Forum Discussion
Dean_Gross
Oct 13, 2022Silver Contributor
Using Lighthouse to monitor MDC
This Cross-tenant management experiences - Azure Lighthouse | Microsoft Learn states that "the entire subscription must be delegated to the managing tenant; Microsoft Defender for Cloud scenarios are not supported with delegated resource groups" does this mean that every subscription monitored by MDC must be delegated to the managed service provider?
Also what happens if MDC is monitoring another cloud? how does this affect the service provider?
- Chandrasekhar_AryaSteel ContributorWe are planning to host defender and manage via lighthouse we ended up delegating the entire subscription and then defined the RBAC roles specific to defender (security reader and Security administrator) the delegation at resource group level doesn't work as defender monitors at subscription level