Scoping a policy to an Admin role


I understand how I can adjust the scope of an MCAS Policy to specific users or user groups. Is there any way to do this for specific Admin Roles, i.e. SPO, EXO or Teams admins or any of the other Azure AD admin roles?

2 Replies

https://docs.microsoft.com/en-us/cloud-app-security/manage-admins

The documentation above covers the possible admin roles.

@Dean Gross 


@Banu Jafarli Sorry, I was not very clear. I am asking about the ability to create a policy that would monitor activities performed by users in a specific Admin Role. The filter shown below lets me pick users or groups, but not Roles. When we use Azure AD Privileged Identity Management, the people that have enabled a specific role can vary; in some scenarios it could be helpful to have a policy to monitor various PIM managed roles.

clipboard_image_1.png