| Display name | Global Secure Access Administrator | ||
|---|---|---|---|
| Id | ac434307-12b9-4fa1-a708-88bf58caabc1 | ||
| Description | Create and manage all aspects of Global Secure Internet Access and Microsoft Global Secure Private Access, including managing access to public and private endpoints. | ||
| Detailed description | Users with this role have global permissions within Microsoft Global Secure network access solutions, including full read-write access to the admin portal for Global Secure Internet Access and Global Secure Private Access. This role does not grant the ability to manage enterprise applications, application registrations, and application proxy settings. | ||
| Categories | securityAndCompliance | ||
| isPrivileged | False | ||
| EntraOps Tier Level | ControlPlane | ||
| #Resource Actions unique | 70 | ||
| #Resource Actions Operations unique | 70 | ||
| #Resource Actions privileged | 0 | ||
| #Resource Actions direct | 20 | ||
| Resource Actions inherited | True | ||
| #Resource Actions inherited | 54 | ||
| Resource Actions inherited from | Directory Readers (88d8e3e3-8f55-4a1e-953a-9b9898b8876b) | ||
| #Resource Actions overlap direct&inherited | 4 | ||
| Resource Actions overlap direct&inherited | microsoft.directory/applicationPolicies/standard/read microsoft.directory/applications/owners/read microsoft.directory/applications/policies/read microsoft.directory/applications/standard/read |
||
| #Resource Actions inherited to | 0 other Entra Id Roles | ||
| Resource Actions inherited to | n/a | ||
| #Resource Actions conditioned | 0 | ||
| #Resource Actions unconditioned | 70 | ||
| #NameSpaces | 7 | ||
| NameSpaces | microsoft.azure.supportTickets: 1 microsoft.directory: 64 microsoft.networkAccess: 1 microsoft.office365.messageCenter: 1 microsoft.office365.serviceHealth: 1 microsoft.office365.supportTickets: 1 microsoft.office365.webPortal: 1 |
||
| Actions | allTasks: 4 read: 66 |
||
| Operations actionVerbs | GET: 66 n/a: 4 |
||
| Resource Actions where Consent Policy applies | 0 | ||
| Resource Actions / Consent Policy | n/a | ||
| JSON enriched |
|
||
| JSON raw (v1.0 endpoint) |
|
||
| JSON raw (beta endpoint) |
|