General Query: Privileged Administrator Role vs Job Function Roles

Ankush 20 Reputation points
2023-05-03T09:54:06.7366667+00:00

Hi

I have two questions:

  1. What's the difference between Privileged Administrator Role vs Job Function Roles assignment type ?

2 Why its showing only Owner, Contributor & User Access Administrator assignment type as "Privileged". Is it because of some configuration performed in Azure AD Privileged Identity Management ?

I have attached the snapshot as well here.

PIM.PNG

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
715 questions
Microsoft Entra
0 comments No comments
{count} votes

Accepted answer
  1. Sedat SALMAN 13,270 Reputation points
    2023-05-03T21:02:06.63+00:00

    Privileged Administrator Roles are high-level roles that provide users with elevated permissions to manage resources across the Azure environment. These roles have more access and control than typical user roles, which makes them essential for managing critical aspects of your environment. Examples of Privileged Administrator Roles include Global Administrator, Security Administrator, and User Access Administrator.

    Job Function Roles, on the other hand, are roles specifically designed to provide users with permissions to perform particular job functions or tasks within the Azure environment. These roles are more focused on specific responsibilities and have a narrower scope of access compared to Privileged Administrator Roles. Examples of Job Function Roles include Network Contributor, Storage Account Contributor, and Virtual Machine Contributor.

    The reason why only Owner, Contributor, and User Access Administrator assignment types are displayed as "Privileged" in your Azure AD PIM might be due to your organization's specific configurations. These roles are considered privileged because they grant elevated permissions that allow users to manage resources at a higher level.

    1 person found this answer helpful.
    0 comments No comments

0 additional answers

Sort by: Most helpful