https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection
Conditional Access Administrator
- Does not have access to Identity Protection | User risk policy
- Does not have "Grants access to Risky Users Report"
Authentication Administrator
- Does not have access to Identity Protection | User risk policy
- Does not have "Grants access to Risky Users Report"
Security Administrator
- Has update access to Identity Protection | User risk policy
microsoft.directory/identityProtection/allProperties/update = Update all resources in Azure AD Identity Protection
- Grants access to Risky Users Report
Security Operator
- Has only read access to Identity Protection | User risk policy
microsoft.directory/identityProtection/allProperties/allTasks = Create and delete all resources, and read and update standard properties in Azure AD Identity Protection
- Grants access to Risky Users Report
No comments:
Post a Comment