Microsoft Security Tech Accelerator
Dec 06 2023, 07:00 AM - 12:00 PM (PST)
Microsoft Tech Community

RBAC permissions

Brass Contributor


Hopefully i'll get a response to this question!  Are the 3 Azure ATP role groups only designed to work in the ATP portal?  I'm a member of the Azure ATP Administrators group and can see incidents and alerts in the ATP Portal but not on the Defender 365 Portal.  Is their a similar RBAC model for Defender 365 or just the Azure Roles??




8 Replies
the ATP portal (* and are aligned with the same RBAC permissions for data coming from AATP (MDI) .
However its not working in My test user is a member of the ATP Admins group only in Azure and it works fine in the ATP Portal but not the 365 Portal
I would double check that indeed you are logged in with the exact same credentials to both portals,
and if you do, open a support case.
best response confirmed by rob_wood_8894 (Brass Contributor)
Correction: The permissions will be aligned when we move to the new RBAC model which is coming soon.
See for handling the current permission model.
Sorry for misleading earlier.

@Eli Ofek No worries, i thought as much and the support guys have more or less confirmed that for the 365 Defender portal you need Azure admin roles currently as it is combining features with MDCA and MDE

@Eli Ofek Hi are there any timelines for when the RBAC model you mentioned is coming to the 365 Security portal?

This is currently being previewed with select customer, the expectation is that it will be in public preview in the coming months