Role for Azure Security Center / Defender for cloud

Mohammed Altamash Khan 2,076 Reputation points


Is there any specific role where i can assign user read only for Azure security center / Defender for cloud. The end goal is the user only want to check compliance status of azure security. i don't want custom role.

i believe security reader is fine but is their more granular one ?


Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,188 questions
0 comments No comments
{count} votes

Accepted answer
  1. Alistair Ross 7,101 Reputation points Microsoft Employee


    The Security reader is the least privileged built-in role for checking compliance status in Defender for Cloud. Custom roles is the only way to make it more granular

    kind regards


0 additional answers

Sort by: Most helpful