Common questions about permissions in Defender for Cloud

How do permissions work in Microsoft Defender for Cloud?

Microsoft Defender for Cloud uses Azure role-based access control (Azure RBAC), which provides built-in roles that can be assigned to users, groups, and services in Azure.

Defender for Cloud assesses the configuration of your resources to identify security issues and vulnerabilities. In Defender for Cloud, you only see information related to a resource when you're assigned the role of Owner, Contributor, or Reader for the subscription or resource group that a resource belongs to.

See Permissions in Microsoft Defender for Cloud to learn more about roles and allowed actions in Defender for Cloud.

Who can modify a security policy?

To modify a security policy, you must be a Security Admin or an Owner or Contributor of that subscription.

To learn how to configure a security policy, see Setting security policies in Microsoft Defender for Cloud.
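The role and scope rules from the two answers above, applied to an exported list of role assignments. This is an added example, not Microsoft's code: it assumes input shaped like the JSON from `az role assignment list --all` (fields `principalName`, `roleDefinitionName`, `scope`), encodes only the roles named on this page, and runs on constructed sample data.

```python
# Roles named on this page; the linked permissions article lists the full set.
VIEW_ROLES = {"Owner", "Contributor", "Reader"}
POLICY_ROLES = {"Security Admin", "Owner", "Contributor"}

def parse(arm_id):
    """Return (subscription, resource_group_or_None, depth); ARM IDs are case-insensitive."""
    seg = arm_id.strip("/").lower().split("/")
    if len(seg) < 2 or seg[0] != "subscriptions":
        return None  # management-group or root scope: not covered by this page
    rg = seg[3] if len(seg) >= 4 and seg[2] == "resourcegroups" else None
    return seg[1], rg, len(seg)

def audit(assignments, resource_id):
    """Map principal -> which of the page's role conditions it meets for one resource."""
    sub, rg, _ = parse(resource_id)
    result = {}
    for a in assignments:
        scope, role = parse(a["scope"]), a["roleDefinitionName"]
        if scope is None or scope[0] != sub or scope[2] not in (2, 4):
            continue  # other subscription, or narrower than a resource group
        at_sub = scope[2] == 2
        if not at_sub and scope[1] != rg:
            continue  # a different resource group
        if role not in VIEW_ROLES | POLICY_ROLES:
            continue
        entry = result.setdefault(a["principalName"], {"view_role": False, "policy_role": False})
        entry["view_role"] |= role in VIEW_ROLES
        # The page ties policy changes to the subscription, not a resource group.
        entry["policy_role"] |= at_sub and role in POLICY_ROLES
    return result

# Constructed sample data (placeholder subscription ID and principals).
SUB = "/subscriptions/00000000-0000-0000-0000-000000000001"
SAMPLE_RESOURCE = SUB + "/resourceGroups/RG-App/providers/Microsoft.Storage/storageAccounts/stdemo"
SAMPLE_ASSIGNMENTS = [
    {"principalName": "alice@example.com", "roleDefinitionName": "Owner", "scope": SUB},
    {"principalName": "bob@example.com", "roleDefinitionName": "Contributor", "scope": SUB + "/resourceGroups/rg-app"},
    {"principalName": "carol@example.com", "roleDefinitionName": "Security Admin", "scope": SUB},
    {"principalName": "dave@example.com", "roleDefinitionName": "Reader", "scope": SUB + "/resourceGroups/rg-other"},
]

if __name__ == "__main__":
    for who, flags in sorted(audit(SAMPLE_ASSIGNMENTS, SAMPLE_RESOURCE).items()):
        print(who, flags)
```

A principal flagged `policy_role` without a business need to change security policy is a candidate for a narrower role such as Reader.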

What are the minimum SAS policy permissions required when exporting data to Azure Event Hubs?

Send is the minimum SAS policy permission required. For step-by-step instructions, see Step 1: Create an Event Hubs namespace and event hub with send permissions in this article.