Running Azure Cloud Shell without subscription level contributor

The default Cloud Shell will attempt to create new Resource Group if one does not exist.

For user that needs cloud shell, but does not have contributor privileges for the subscription, you can create separate resource group and give limited permissions to benefit from the functionality:

With following permissions you can let low privileged user to have cloud shell:

1. Reader on the resource group
2. Contributor on per user storage account

Create Cloud Shell

After creation of the file share user can open cloud shell