SOLVED

Access control?


Is there a way to restrict who can access ATP? I am just onboarding and I've found any user can access it - which could be a bit of a problem.

4 Replies
Hi, in my experience only a Global Administrator can access the content of the Azure ATP.

Thanks. Turned out the users I asked to try it were Global admins. I've tested with someone else and they could not get access.

Best Response
Solution

Azure ATP creates three AAD groups which you can use to provide access to each Azure ATP workspace you create. They are named Azure ATP <WorkspaceName> Administrators, Azure ATP <WorkspaceName> Users and Azure ATP <WorkspaceName> Viewers. Details on what each group can access can be found here: https://docs.microsoft.com/en-us/advanced-threat-analytics/ata-role-groups

Adding users to these AAD groups will give them access to an individual workspace (they will need to use the full workspace URL).

Only Global Administrators and Security administrators can access the Workspace management portal at https://portal.atp.azure.com
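
Added example (not part of the replies in this thread and not Microsoft's own code): a PowerShell audit of who is in the three role groups described above for one workspace. It assumes the AzureAD module is installed and `Connect-AzureAD` has already been run; the `WorkspaceName` parameter is a placeholder you supply.

```powershell
# Audit membership of the three Azure ATP role groups for one workspace.
# Assumes: AzureAD module loaded and an authenticated session (Connect-AzureAD).
param(
    [Parameter(Mandatory)] [string] $WorkspaceName   # placeholder: your workspace name
)

$roles = 'Administrators', 'Users', 'Viewers'

$report = foreach ($role in $roles) {
    $groupName = "Azure ATP $WorkspaceName $role"

    # -SearchString is a prefix match, so narrow to the exact display name.
    $group = Get-AzureADGroup -SearchString $groupName |
        Where-Object { $_.DisplayName -eq $groupName } |
        Select-Object -First 1

    if (-not $group) {
        Write-Warning "Group not found: $groupName"
        continue
    }

    foreach ($member in Get-AzureADGroupMember -ObjectId $group.ObjectId -All $true) {
        [pscustomobject]@{
            Group      = $groupName
            Role       = $role
            MemberType = $member.ObjectType        # User, Group or ServicePrincipal
            Name       = $member.DisplayName
            UPN        = $member.UserPrincipalName # empty for non-user members
        }
    }
}

# Full listing, grouped by role.
$report | Sort-Object Role, Name | Format-Table -AutoSize

# This listing is flat: a nested group appears as one row and its own
# members are not expanded, so call those rows out for separate review.
$report | Where-Object { $_.MemberType -eq 'Group' } | ForEach-Object {
    Write-Warning "Nested group '$($_.Name)' is a member of '$($_.Group)'"
}
```

Global Administrators and Security administrators are not covered by this listing, since their access comes from directory roles rather than from these groups.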

At https://portal.atp.azure.com you see a little link and help button in the upper right corner. It says there are three groups named "Azure ATP [workspace] [role]"