I can not activate Microsoft Entra ID Premium P2 to create custom role

Question

I am experiencing difficulty accessing Microsoft Entra ID Premium P2, which is impacting my ability to create custom roles and manage permissions within the Azure Portal. Specifically, I am attempting to create a custom role that allows users to perform actions related to Virtual Machines, Virtual Networks, Storage Accounts, Databases, Web Services, Azure Key Vaults, and Firewalls.

Despite my efforts, I am unable to access Microsoft Entra ID Premium P2, and this is hindering the progress of my tasks. To address this issue, I would like to open a support case to seek guidance and resolution. Below are some details regarding the issue:

• Entra ID Premium P2 Access Issue: Unable to access Microsoft Entra ID Premium P2 for role management and custom role creation.

I kindly request your assistance in investigating and resolving this matter. If additional information is required, or if there are specific steps that I can take to provide further context, please let me know. Thank you for your prompt attention to this issue. I appreciate your support in resolving this matter as soon as possible.

Answer 1

Hi,

If you are a Privileged Role Administrator or Global Administrator in the tenant you should be able to create the custom role, can you check if you are the GA or PR Admin assigned to you? If not you will not be able to create it, check this https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/custom-create

Hope this helps. JS

== Please accept as answer and do a Thumbs-up to upvote this response if you are satisfied with the community help. Your upvote will be beneficial for the community users facing similar issues.

Answer 2

Hello @Mehwish Jawed

Here are some steps you can follow to activate Microsoft Entra ID Premium P2:

1. Sign into Azure Portal.
2. In the search box, search for “Microsoft Entra ID” and select it from the results.
3. In the left pane, select “Licenses” -> “Overview”.
4. In the top right under “Quick tasks”, select “Get a free trial”.
5. Select “Microsoft Entra ID P2” and select “Activate”.

If you’re using a free trial subscription, please note that Microsoft Entra ID Free license is attached to the default directory under a Tenant ID. As you’re using a free trial subscription, you cannot upgrade Microsoft Entra ID Free license to Microsoft Entra ID P2 license.

Microsoft Entra ID P2 free trials are limited to one free trial per tenant.

If you’ve already activated the Microsoft Entra ID P2 free trial in the past, it will not allow you to activate again. To get access to your work email, you may need to contact your IT department or administrator.

They may need to grant you the necessary permissions.

Once you have activated Microsoft Entra ID Premium P2, you can create custom roles in Azure Portal:

1. In the Azure portal, open a subscription or resource group where you want the custom role to be assignable and then open “Access control (IAM)”.
2. Click “Add” and then click “Add custom role”. This opens the custom roles editor with the “Start from scratch” option selected.

Please note that these are general steps and might not solve your specific issue. If this information provided here helps solve your issue, please tag this as answered, so it helps further community readers, who may have similar questions.