Hi All
i have a user and i would like to give him Read permissions to security center(https://securitycenter.microsoft.com/). If i add him to the Role Security reader in Azure AD, Will it work me. Please guide me.
Hi All
i have a user and i would like to give him Read permissions to security center(https://securitycenter.microsoft.com/). If i add him to the Role Security reader in Azure AD, Will it work me. Please guide me.
@RogerRoger-2394
Thank you for your post!
Assigning the Security Reader role in AzureAD to your user will work. However, keep in mind that you can assign this at the Azure AD or resource level with Azure RBAC (IAM). Depending on your requirements, the Azure AD Security Reader role and the Azure RBAC Security Reader role will give you a different set of permissions. For example, the AzureAD role will give a user global read-only access for security-related features, while the RBAC role will give the user view permissions (recommendations, alerts, a security policy, and security states) for Security Center.
For more info:
Azure AD Security Reader
Azure RBAC Security Reader
Permissions in Azure Security Center
If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.
@RogerRoger-2394
I just wanted to check in and see if you had any other questions or if you were able to resolve this issue?
Hi,
If you want to assign roles for Defender for Endpoint, following article might help you.
You will find different roles permissions and you will have to choose the ones that works for you:
Hope this helps.
10 people are following this question.