Thanks for sharing this, this helped!
I was using the roles you can find under "Azure > Azure Active Directory > Roles and administrators", I wasn't aware that I should've went for the roles under "Intune > Tenant administration > Roles > All roles > Application Manager > Assignments > Assign to new group".
Thanks for the clarification.