| Display name | Security Operator | ||
|---|---|---|---|
| Id | 5f2222b1-57c3-48ba-8ad5-d4759f1fde6f | ||
| Description | Creates and manages security events. | ||
| Detailed description | Users with this role can manage alerts and have global read-only access on security-related feature, including all information in Microsoft 365 security center, Microsoft Entra ID Protection, Privileged Identity Management. | ||
| Categories | securityAndCompliance | ||
| isPrivileged | True Privileged | ||
| EntraOps Tier Level | ControlPlane | ||
| #Resource Actions unique | 67 | ||
| #Resource Actions Operations unique | 67 | ||
| #Resource Actions privileged | 1 | ||
| #Resource Actions direct | 13 | ||
| Resource Actions inherited | True | ||
| #Resource Actions inherited | 54 | ||
| Resource Actions inherited from | Directory Readers (88d8e3e3-8f55-4a1e-953a-9b9898b8876b) | ||
| #Resource Actions overlap direct&inherited | 0 | ||
| Resource Actions overlap direct&inherited | |||
| #Resource Actions inherited to | 0 other Entra Id Roles | ||
| Resource Actions inherited to | n/a | ||
| #Resource Actions conditioned | 0 | ||
| #Resource Actions unconditioned | 67 | ||
| #NameSpaces | 7 | ||
| NameSpaces | microsoft.azure.advancedThreatProtection: 1 microsoft.azure.supportTickets: 1 microsoft.directory: 61 microsoft.intune: 1 microsoft.office365.securityComplianceCenter: 1 microsoft.office365.supportTickets: 1 microsoft.windows.defenderAdvancedThreatProtection: 1 |
||
| Actions | allTasks: 7 read: 60 |
||
| Operations actionVerbs | GET: 60 n/a: 7 |
||
| Resource Actions where Consent Policy applies | 0 | ||
| Resource Actions / Consent Policy | n/a | ||
| JSON enriched |
|
||
| JSON raw (v1.0 endpoint) |
|
||
| JSON raw (beta endpoint) |
|