Feb 04 2020 03:43 AM
Dear all,
recently we tested user group admin delegation rights in Microsoft Cloud App Security. According https://docs.microsoft.com/en-us/cloud-app-security/manage-admins
User group admin: Has full or read-only permissions to all of the data in Microsoft Cloud App Security that deals exclusively with the specific group selected here. For example, if you give a user admin permission to the group "Germany - all users", the admin can view and modify information in Microsoft Cloud App Security only for that user group. ... Moreover The user group admin should have no permissions on File page.
However if we test this user group admin can see all the files in the file page (even files which are owned by users not part of the group to which he/she has rights). I would say that user group admin should be able to see no files or at least only those files which are owned by someone in group that is administering.
Has this changed recently in microsoft cloud app security, is it by design or have I misconfigured something somehow?
Thank you for your help
Martin
Feb 21 2020 09:56 AM
I recommend submitting a support ticket for us to investigate this.