SOLVED

Access control?

%3CLINGO-SUB%20id%3D%22lingo-sub-134900%22%20slang%3D%22en-US%22%3EAccess%20control%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-134900%22%20slang%3D%22en-US%22%3E%3CP%3EIs%20there%20a%20way%20to%20restrict%20who%20can%20access%20ATP%3F%26nbsp%3B%20I%20am%20just%20onboarding%20and%20I've%20found%20any%20user%20can%20access%20it%20-%20which%20could%20be%20a%20bit%20of%20a%20problem.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-136275%22%20slang%3D%22en-US%22%3ERE%3A%20Access%20control%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-136275%22%20slang%3D%22en-US%22%3EAt%20the%20%3CA%20href%3D%22https%3A%2F%2Fportal.atp.azure.com%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fportal.atp.azure.com%3C%2FA%3E%20you%20see%20a%20little%20link%20and%20help%20button%20in%20the%20upper%20right%20corner.%20It%20says%20there%20are%20three%20groups%20namein%20%22Azure%20ATP%20%5Bworkspace%5D%20%5Brole%5D%22%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-136189%22%20slang%3D%22en-US%22%3ERe%3A%20RE%3A%20Access%20control%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-136189%22%20slang%3D%22en-US%22%3E%3CP%3EAzure%20ATP%20creates%20three%20AAD%20groups%20which%20you%20can%20use%20to%20provide%20access%20to%20each%20Azure%20ATP%20workspace%20you%20create%3A%20They%20are%20named%20Azure%20ATP%20%3CWORKSPACENAME%3E%20Administrators%3B%26nbsp%3B%3CSPAN%3EAzure%20ATP%20%3CWORKSPACENAME%3E%26nbsp%3BUsers%20and%20Azure%20ATP%26nbsp%3B%3CWORKSPACENAME%3E%20%3C%2FWORKSPACENAME%3E%3C%2FWORKSPACENAME%3E%3C%2FSPAN%3E%3CSPAN%3EViewers.%20Details%20on%20what%20each%20group%20can%20access%20can%20be%20found%20here%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fadvanced-threat-analytics%2Fata-role-groups%26nbsp%3B%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fadvanced-threat-analytics%2Fata-role-groups%3C%2FA%3E%3C%2FSPAN%3E%26nbsp%3B%3C%2FWORKSPACENAME%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%3EAdding%20users%20to%20these%20AAD%20groups%20will%20give%20them%20access%20to%20an%20individual%20workspace%20(they%20will%20need%20to%20use%20the%20full%20workspace%20URL).%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%3EOnly%20Global%20Administrators%20and%20Security%20administrators%20can%20access%20the%20Workspace%20management%20portal%20at%20%3CA%20href%3D%22https%3A%2F%2Fportal.atp.azure.com%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fportal.atp.azure.com%3C%2FA%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-136159%22%20slang%3D%22en-US%22%3ERe%3A%20RE%3A%20Access%20control%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-136159%22%20slang%3D%22en-US%22%3EThanks.%20Turned%20out%20the%20users%20I%20asked%20to%20try%20it%20was%20Global%20admins.%20I've%20tested%20with%20someone%20else%20and%20they%20could%20not%20get%20access.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-136034%22%20slang%3D%22en-US%22%3ERE%3A%20Access%20control%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-136034%22%20slang%3D%22en-US%22%3EHi%2C%20in%20my%20experience%20only%20a%20Global%20Administrator%20can%20access%20the%20content%20of%20the%20Azure%20ATP.%3C%2FLINGO-BODY%3E
Deleted
Not applicable

Is there a way to restrict who can access ATP?  I am just onboarding and I've found any user can access it - which could be a bit of a problem.

 

 

4 Replies
Hi, in my experience only a Global Administrator can access the content of the Azure ATP.
Thanks. Turned out the users I asked to try it was Global admins. I've tested with someone else and they could not get access.
Best Response
Solution

Azure ATP creates three AAD groups which you can use to provide access to each Azure ATP workspace you create: They are named Azure ATP <WorkspaceName> Administrators; Azure ATP <WorkspaceName> Users and Azure ATP <WorkspaceName> Viewers. Details on what each group can access can be found here: https://docs.microsoft.com/en-us/advanced-threat-analytics/ata-role-groups 

 

Adding users to these AAD groups will give them access to an individual workspace (they will need to use the full workspace URL).

 

Only Global Administrators and Security administrators can access the Workspace management portal at https://portal.atp.azure.com

At the https://portal.atp.azure.com you see a little link and help button in the upper right corner. It says there are three groups namein "Azure ATP [workspace] [role]"