

Modify a role/policy in the Remediation dashboard

This article describes how you can use the Remediation dashboard in Microsoft Entra Permissions Management to modify roles/policies for the Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP) authorization systems.


To view the Remediation tab, you must have Viewer, Controller, or Administrator permissions. To make changes on this tab, you must have Controller or Administrator permissions. If you don't have these permissions, contact your system administrator.


Microsoft Azure uses the term role for what other cloud providers call policy. Permissions Management automatically makes this terminology change when you select the authorization system type. In the user documentation, we use role/policy to refer to both.

Modify a role/policy

  1. On the Permissions Management home page, select the Remediation tab, and then select the Role/Policies tab.

  2. Select the role/policy you want to modify, and from the Actions column, select Modify.

    You can't modify System policies and roles.

  3. On the Statements page, make your changes to the Tasks, Resources, Request conditions, and Effect sections as required, and then select Next.

  4. Review the changes to the JSON or script on the Preview page, and then select Submit.

Next steps