Share via

Role & Permissions

Son man 20 Reputation points
2024-10-08T20:50:58.76+00:00

What are the correct roles or permissions to let a user read and edit the email threat policies in Microsoft defender portal?

From what I can find it would be Security Administrator. Is there a way to lower this role so it is not as privileged, if no other built-in roles exist for it?

Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
231 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,704 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vasil Michev 111.2K Reputation points MVP
    2024-10-09T06:45:52.9766667+00:00

    Defender supports granular RBAC permissions, so you can just use that instead of the Entra roles. You can even create custom roles with just the permissions you need, read here: https://learn.microsoft.com/en-us/defender-xdr/create-custom-rbac-roles

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.