AzEntraIdRolesAdvertizer

last sync: 2025-Apr-29 17:09:03 Etc/UTC

Conditional Access Administrator - b1be1c3e-b65d-4f19-8427-f6fa0d97feb9
Entra Id Role definition

Display name Conditional Access Administrator
Id b1be1c3e-b65d-4f19-8427-f6fa0d97feb9
Description Can manage Conditional Access capabilities.
Detailed description Users with this role have the ability to manage Microsoft Entra Conditional Access settings. Note: To deploy Exchange ActiveSync Conditional Access policy in Azure, the user must also be Global Administrator.
Categories identity,securityAndCompliance
isPrivileged True Privileged
EntraOps Tier Level ControlPlane
#Resource Actions unique 67
#Resource Actions Operations unique 70
#Resource Actions privileged 1
#Resource Actions direct 13
Resource Actions inherited True
#Resource Actions inherited 54
Resource Actions inherited from Directory Readers (88d8e3e3-8f55-4a1e-953a-9b9898b8876b)
#Resource Actions overlap direct&inherited 0
Resource Actions overlap direct&inherited
#Resource Actions inherited to 0 other Entra Id Roles
Resource Actions inherited to n/a
#Resource Actions conditioned 0
#Resource Actions unconditioned 67
#NameSpaces 1
NameSpaces microsoft.directory: 67
Actions create: 2
delete: 2
read: 58
update: 5
Operations actionVerbs DELETE: 4
GET: 58
PATCH: 4
POST: 4
Resource Actions where Consent Policy applies 0
Resource Actions / Consent Policy n/a
JSON enriched
JSON raw (v1.0 endpoint)
GET /roleManagement/directory/roleDefinitions/{id}
JSON raw (beta endpoint)
GET /roleManagement/directory/roleDefinitions/{id}