Scoping a policy to an Admin role

I understand how I can adjust the scope of an MCAS Policy to specific users or user groups. Is there any way to do this for specific Admin Roles, i.e. SPO, EXO or Teams admins or any of the other Azure AD admin roles?

2 Replies

https://docs.microsoft.com/en-us/cloud-app-security/manage-admins

The documentation above covers the possible admin roles.

@Dean Gross

@Banu Jafarli Sorry, I was not very clear. I am asking about the ability to create a policy that would monitor activities performed by users in a specific Admin Role. The filter shown below lets me pick users or groups, but not Roles. When we use Azure AD Privileged Identity Management, the people that have enabled a specific role can vary; in some scenarios it could be helpful to have a policy to monitor various PIM-managed roles.

clipboard_image_1.png