New Microsoft 365 Defender RBAC (Preview)
Hi All,
I've stumbled accross the new Microsoft 365 Defender Role-based access control (RBAC). It is still in Preview but i gave it a go.For now you can create the RBAC Roles only in the M365 Defender Portal. But Graph Integration is at least on the Roadmap.
Centrally manage permissions with the Microsoft 365 Defender role-based access control (RBAC) model
Microsoft 365 Defender role-based access control (RBAC)
Let's have a look. You can find it under the Microsoft 365 Defender Portal https://security.microsoft.com/mtp_roles
Let's create a custom role
Give it a Name and some Discription if you like
Select one of the Categories
Select the Permissions you need or want
Add an assignment
Give it a name and select the Identities
The summary page
Sucessfully created the RBAC Role
That's how it looks like in the Portal
I guess because of the "Security data basics (read)" Permissions i could access a lot of Information.
For just Microsoft 365 Defender for Office 365 / Exchang Online Protection Quarantine it's better to use the "Email and Collaboration Roles"
And assign just the Quarantine Permission
That's much better if you just want someone to manage the Quarantine
Regards
Andres Bohren