Clone a role/policy in the Remediation dashboard

This article describes how you can use the Remediation dashboard in Microsoft Entra Permissions Management to clone roles/policies for the Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP) authorization systems.

Note

To view the Remediation tab, you must have Viewer, Controller, or Administrator permissions. To make changes on this tab, you must have Controller or Administrator permissions. If you don't have these permissions, contact your system administrator.

Note

Microsoft Azure uses the term role for what other cloud providers call policy. Permissions Management automatically makes this terminology change when you select the authorization system type. In the user documentation, we use role/policy to refer to both.

Clone a role/policy

  1. On the Permissions Management home page, select the Remediation tab, and then select the Role/Policies tab.

  2. Select the role/policy you want to clone, and from the Actions column, select Clone.

  3. (AWS only) In the Clone box, the Clone Resources and Clone Conditions checkboxes are automatically selected. Deselect the boxes if the resources and conditions are different from what is displayed.

  4. In the Policy Name boxes, enter a name for each authorization system that was selected, and then select Next.

  5. If the data collector hasn't been given controller privileges, the following message displays: Only online/controller-enabled authorization systems can be submitted for cloning.

    To clone this role manually, download the script and JSON file.

  6. Select Submit.

  7. Refresh the Role/Policies tab to see the role/policy you cloned.
