Hello,
Thank you for your answer. Will be there soon integration of permissions for Cloud App Security to Microsoft365 Defender portal since integration of two portals is ongoing?
Best Regards
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello guys,
Just want to ask you if you have any "other way around" to assign more rights for custom role than specified in Roles&Administrators section of Azure? We as a company want to "edit" Security Administrator role and create a new role from Security Administrator permissions? To further explain this issue - we want to create new role because we want to exclude view of machines, alerts and any insight from specific location on Defender and other portals that are bond to Microsoft Security. Can anyone who faced common issue share some experience?
Hello,
Thank you for your answer. Will be there soon integration of permissions for Cloud App Security to Microsoft365 Defender portal since integration of two portals is ongoing?
Best Regards
@Vasilije Djurovic Thank you for reaching out to us. If I understand correctly you want to create a custom security administrator role in Azure AD ( or would say duplicate of security administrator role minus view of machines, alerts and any insight from specific location on Defender and other portals that are bond to Microsoft Security)
Unfortunately not all actions/permissions defined in default Security administrator role are available for custom role, I have reviewed all the permissions defined in Security administrator role as mentioned here https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#security-administrator:~:text=premises%20password%20protection.-,Actions,-Description few are not available to make a replica of security administrator role.
If your end goal is to control the permissions for defender for endpoint portal, you can go MDE portal - Settings - Endpoints - Roles - review the permissions as mentioned in the screenshot and create a RBAC based on it.
If this doesnt help, you can post your feedback over here https://feedback.azure.com/d365community/search/?q=security+administrator+custom+role which is closely monitored by our team so that they can work on your feedback and improve the product further.
Let me know if you have any further questions, feel free to post back.