Microsoft Entra Permissions Management is now generally available!
Published Jul 07 2022 06:00 AM 237K Views

Howdy folks, 


As a part of our mission to support organizations’ multicloud strategy, last summer we acquired CloudKnox Security, a leader in Cloud Infrastructure Entitlement Management (CIEM). We delivered the Microsoft public preview of the solution in February. Since then, we’ve been preparing for GA with enhancements, including GDPR compliance, global localization, and automated onboarding.   


Today, I’m thrilled to announce the general availability (GA) of Microsoft Entra Permissions Management, formerly CloudKnox, as part of the Microsoft Entra portfolio. Permissions Management is available today as a standalone solution, priced at $125 per resource, per year. Resources supported are compute resources, container clusters, serverless functions, and databases across Amazon Web Services, Microsoft Azure, and Google Cloud Platform. Let’s dive into some of the product features and updates.  



Manage permissions of any identity, across any cloud, with one unified platform

Microsoft Entra Permissions Management allows organizations to discover, remediate, and monitor permissions for all identities (both human and workloads) and resources across multicloud environments. By continuously monitoring permission usage, Permissions Management allows you to enforce the principle of least privilege at cloud scale using historical data so that your organization can improve its security posture without interrupting productivity. 


  • Discover: Get granular visibility into every action performed by every identity, on every resource, and assess your permission risk and monitoring permissions granted versus permissions used.
  • Remediate: Close the permission gap by enforcing the principle of least privileges based on actual usage, leveraging our permission on-demand workflow when additional permissions are needed.
  • Monitor: Continuously monitor all activity to detect anomalous permission usage and generate detailed forensic reports to support rapid investigation and remediation.


Example of Microsoft Entra Permission Manager screenshot





New streamlined onboarding and monitoring capabilities

As part of our GA release, we’re introducing a new, automated approach to onboarding your AWS, Azure, and GCP environments into Permissions Management. With a simplified workflow, you can efficiently collect permissions data across clouds at scale with just a few clicks. 


To kick off our integrations with our Microsoft portfolio, users can now monitor their Permission Creep Index and access Permissions Management directly from their Defender for Cloud dashboard, extending Defender for Cloud's protection with CIEM.    


This is just the beginning! We're actively expanding our integrations and features and will begin rolling them out later this year. To learn more about our GA release, visit our Permissions Management documentation.


Try Microsoft Entra Permissions Management today   

We're offering a free 90-day trial to Permissions Management so that you can run a comprehensive risk assessment and identify the top permission risks across your multicloud infrastructure.   


Within a few hours of onboarding, Permissions Management will generate a comprehensive Permissions Analytics Report to identify your organization’s areas of greatest risk, with actionable insights to begin remediation and secure your environment. Request a free risk assessment today at


If you're interested in learning more about Microsoft Entra Permissions Management, visit our website and our product documentation! We’d love to hear your feedback, so please leave a comment below and join our security experts at our Ask Me Anything session on July 19th at 9 AM PST if you have any questions.   


Best regards, 

Alex Simons (Twitter: @Alex_A_Simons) 

Corporate Vice President Product Management 

Microsoft Identity Division  



Learn more about Microsoft identity: 


Version history
Last update:
‎Jul 11 2022 10:00 AM
Updated by: