MC481198 – Microsoft 365 Defender: new role-based access control (RBAC) in preview (archived)

Microsoft Exchange Logo

check before: 2022-12-21

Product:

Azure Active Directory, Defender, Defender for Endpoint, Defender for Identity, Defender for Office 365, Entra, Entra ID, Exchange, Microsoft 365 Defender

Platform:

Online, World tenant

Status:

Change type:

New feature, Admin impact

Links:

Details:

The new RBAC enables security admins to centrally manage privileges across multiple security solutions within a single system with a greater efficiency, currently supporting Microsoft Defender for Endpoint, Microsoft Defender for Office 365, and Microsoft Defender for Identity. Supporting additional Microsoft 365 Defender products will follow in the future.
The new model is fully compatible with the existing individual RBAC models currently supported in Microsoft 365 Defender.
In the new model, permissions are grouped into pre-defined categories that are enforced consistently across the portal and public APIs. In addition, the new model offers greater control over permissions and assignments.
By default, custom roles created in the Microsoft 365 Defender RBAC model are scoped to all data sources. However, if needed, a role can be scoped to one or more specific data sources. Administrators can create and apply roles in the new model by defining new custom roles from scratch or by importing existing roles from the individual RBAC models.
Notes:
The Microsoft 365 Defender security portal will continue to respect existing Azure Active Directory global roles.
The new RBAC model will continue to respect scoping based on device groups for Microsoft Defender for Endpoint.
For Microsoft Defender for Office, scenarios that adhere to Exchange Online roles are not impacted by this new model and will still be managed by Exchange Online in https://admin.exchange.microsoft.com.
Microsoft recommends that customers follow the least privileges principle when assigning permissions to users.
[When this will happen:]
Rollout will begin in mid-December 2022 and is expected to be completed by end of January 2023.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:

Created:
2022-12-07

updated:
2022-12-07

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

More Info URL

XXXXXXX ... free basic plan only

** AI generated content. This information is not reliable.

the free basic plan is required to see all details. Sign up here


Last updated 6 months ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!