RBAC

Azure – You can now delegate management of reservations

Leave a Comment / Microsoft Azure / / / , , , ,

As you may be aware, one way to optimize running costs on Azure is to use reservations, allowing you to get discount when you commit running specific workloads and SKUs (see https://docs.microsoft.com/en-us/azure/cost-management-billing/reservations/save-compute-costs-reservations/ to know more). Another important part of running workloads in cloud services is ensuring you can delegate some administration tasks to workloads owners. […]

Azure – You can now delegate management of reservations Read More »

Azure – You can now use RBAC to manage access to Key Vault (preview)

Leave a Comment / Beta / Preview, Microsoft Azure, Security / / / , , , , , ,

As you know, Key Vault lets you save secrets, certificates or keys in a secure way to then allows you to use it either with automation or simply as a ‘user vault’. You also know that access to the Key Vault is managed by assigning access policies, defining who can access and do what. Well,

Azure – You can now use RBAC to manage access to Key Vault (preview) Read More »

Intune – Additional permissions for the Endpoint Security Manager role

Leave a Comment / Endpoint Configuration Manager, Microsoft Intune / / / , , ,

As you know, you can delegate permissions to allow certain administrative or management tasks using RBAC (Role Based Access Control) on Intune/Endpoint Configuration Manager. Well, new permissions have been added to the Endpoint Security Manager role: Initiate Configuration Manager action Microsoft Defender ATP Reboot now Remote lock Rotate BitLockerKeys (preview) Rotate FileVault key Shut down

Intune – Additional permissions for the Endpoint Security Manager role Read More »

Azure – You can now create custom RBAC role to access subscription or Resource Groups

Leave a Comment / Microsoft Azure / / / , ,

As you know, access to Azure subscriptions and resources is managed using Role Based Access Control (RBAC). While Microsoft is providing a lot of out the box RBAC roles, sometime you may need to create a custom role with very specific permissions to access subscriptions and resource groups. In the past, this ability to create

Azure – You can now create custom RBAC role to access subscription or Resource Groups Read More »

Intune – New administration roles available

Leave a Comment / Microsoft Intune / / / , , , ,

A new administration role for Intune has been made available – Endpoint Security Manager. This new role is an extension of the the Security Administrator role, to allow you The associated permissions with this new Endpoint Security Manager are: Read, Create, Update, Delete, and Assign Device Compliance Policies Read, Delete, and Update Managed devices Read,

Intune – New administration roles available Read More »

Exchange Online – A new administration role is being deployed: Quarantine Administrator

Leave a Comment / Exchange, Office 365, Security / / / , , , , , , , ,

This was a missing role since the beginning of Office 365 and Exchange Online to allow the delegation of the administration of the quarantine. Before you had to create your very own Exchange Role with the correct permissions – Mail Recipient, Message Tracking, Transport Hygiene and View-Only Configuration (which was not easy to find as

Exchange Online – A new administration role is being deployed: Quarantine Administrator Read More »