Merge pull request #286123 from bandersmsft/remove-classic-admins

MCM - Updates to remove classic admin roles for EA

Author: prmerger-automator[bot]

articles/cost-management-billing/manage/cancel-azure-subscription.md

@@ -56,7 +56,7 @@ The following table describes the permission required to cancel a subscription.
 |Subscription type     |Who can cancel  |
 |---------|---------|
 |Subscriptions created when you sign up for Azure through the Azure website. For example, when you sign up for an [Azure Free Account](https://azure.microsoft.com/offers/ms-azr-0044p/), [account with pay-as-you-go rates](https://azure.microsoft.com/offers/ms-azr-0003p/) or as a [Visual studio subscriber](https://azure.microsoft.com/pricing/member-offers/credit-for-visual-studio-subscribers/). |  Service administrator and subscription owner  |
-|[Microsoft Enterprise Agreement](https://azure.microsoft.com/pricing/enterprise-agreement/) and [Enterprise Dev/Test](https://azure.microsoft.com/offers/ms-azr-0148p/)     |  Service administrator and subscription owner       |
+|[Microsoft Enterprise Agreement](https://azure.microsoft.com/pricing/enterprise-agreement/) and [Enterprise Dev/Test](https://azure.microsoft.com/offers/ms-azr-0148p/)     |  Subscription owner       |
 |[Azure plan](https://azure.microsoft.com/offers/ms-azr-0017g/) and [Azure plan for DevTest](https://azure.microsoft.com/offers/ms-azr-0148g/)     |  Subscription owners      |
 
 An account administrator without the service administrator or subscription owner role can’t cancel an Azure subscription. For more information, see [Azure classic subscription administrators](../../role-based-access-control/classic-administrators.md).

articles/cost-management-billing/manage/direct-ea-administration.md

@@ -3,7 +3,7 @@ title: EA Billing administration on the Azure portal
 description: This article explains the common tasks that an enterprise administrator accomplishes in the Azure portal.
 author: bandersmsft
 ms.author: banders
-ms.date: 06/07/2024
+ms.date: 09/04/2024
 ms.topic: conceptual
 ms.service: cost-management-billing
 ms.subservice: enterprise
@@ -265,12 +265,9 @@ Transferring one or more subscriptions from one EA enrollment to another EA enro
 
 Before starting the ownership transfer, get familiar with the following Azure role-based access control (RBAC) policies:
 
-- When doing a subscription or account ownership transfers between two organizational IDs within the same tenant, the following items are preserved:
-    - Azure RBAC policies
-    - Existing service administrator
-    - Coadministrator roles
+- When doing a subscription or account ownership transfers between two organizational IDs within the same tenant Azure RBAC policies and role assignments are preserved.
 - Cross-tenant subscription or account ownership transfers result in losing your Azure RBAC policies and role assignments.
-- Policies and administrator roles don't transfer across different directories. Service administrators are updated to the owner of destination account.
+- Policies and administrator roles don't transfer across different directories. The destination enrollment account owner is assigned as the Subscription Owner role on the subscription.
 - To avoid losing Azure RBAC policies and role assignments when transferring subscription between tenants, ensure that the **Move the subscriptions to the recipient's Microsoft Entra tenant** selection remains cleared. This selection keeps the services, Azure roles, and policies on the current Microsoft Entra tenant and only transfers the billing ownership for the account.
 
 Before changing an account owner:
@@ -412,18 +409,14 @@ When a user is added as an account owner, any Azure subscriptions associated wit
 
 ## Create a subscription
 
-You can use subscriptions to give teams in your organization access to development environments and projects. For example: 
+You can use subscriptions to give teams in your organization access to development environments and projects. For example:
 
 - Test
 - Production
 - Development
 - Staging
 
-When you create different subscriptions for each application environment, you help secure each environment.
-
-- You can also assign a different service administrator account for each subscription.
-- You can associate subscriptions with any number of services.
-- The account owner creates subscriptions and assigns a service administrator account to each subscription in their account.
+When you create different subscriptions for each application environment, you help secure each environment. As an account owner, you can create multiple subscriptions and assign different Subscription Owners for each subscription.
 
 Check out the [EA admin manage subscriptions](https://www.youtube.com/watch?v=KFfcg2eqPo8) video. It's part of the [Enterprise Customer Billing Experience in the Azure portal](https://www.youtube.com/playlist?list=PLeZrVF6SXmsoHSnAgrDDzL0W5j8KevFIm) series of videos.
 
@@ -602,7 +595,7 @@ For either option, you must submit a [support request](https://support.microsoft
 An organizational unit used to administer subscriptions and for reporting.
 
 **Account owner**<br>
-The person who manages subscriptions and service administrators on Azure. They can view usage data on this account and its associated subscriptions.
+The person who manages subscriptions and developoment projects.
 
 **Amendment subscription**<br>
 A one-year, or coterminous subscription under the enrollment amendment.
@@ -634,11 +627,12 @@ An amendment signed by an enterprise, which provides them with access to Azure a
 **Resource quantity consumed**<br>
 The quantity of an individual Azure service that was used in a month.
 
-**Service administrator**<br>
+**Subscription**<br>
+Represents an Azure EA subscription and is a container of Azure services.
+
+**Subscription owner**<br>
 The person who accesses and manages subscriptions and development projects.
 
-**Subscription**<br>
-Represents an Azure EA subscription and is a container of Azure services managed by the same service administrator.
 
 **Work or school account**<br>
 For organizations that set up Microsoft Entra ID with federation to the cloud and all accounts are on a single tenant.

articles/cost-management-billing/manage/understand-ea-roles.md

@@ -6,7 +6,7 @@ ms.reviewer: sapnakeshari
 ms.service: cost-management-billing
 ms.subservice: enterprise
 ms.topic: conceptual
-ms.date: 02/16/2024
+ms.date: 09/04/2024
 ms.author: banders
 ---
 
@@ -49,7 +49,7 @@ The Azure portal hierarchy for Cost Management consists of:
 
 - **Accounts** are organizational units in the Azure portal for Cost Management. You can use accounts to manage subscriptions and access reports.
 
-- **Subscriptions** are the smallest unit in the Azure portal for Cost Management. They're containers for Azure services managed by the Account Owner role, also known as the Subscription's service administrator.
+- **Subscriptions** are the smallest unit in the Azure portal for Cost Management. They're containers for Azure services.
 
 The following diagram illustrates simple Azure EA hierarchies.
 
@@ -63,7 +63,6 @@ The following administrative user roles are part of your enterprise enrollment:
 - EA purchaser
 - Department administrator
 - Account owner
-- Service administrator
 - Notification contact
 
 Use Cost Management in the [Azure portal](https://portal.azure.com) so you can manage Azure Enterprise Agreement roles.
@@ -127,7 +126,7 @@ You can grant department administrators read-only access when you edit or create
 Users with this role can:
 
 - Create and manage subscriptions.
-- Manage service administrators.
+- Manage subscription role assignments.
 - View usage for subscriptions.
 
 Each account requires a unique work, school, or Microsoft account. For more information about Azure portal administrative roles, see [Understand Azure Enterprise Agreement administrative roles in Azure](understand-ea-roles.md).
@@ -136,10 +135,6 @@ There can be only one account owner per account. However, there can be multiple
 
 For different Microsoft Entra accounts, it can take more than 30 minutes for permission settings to take effect.
 
-### Service administrator
-
-The service administrator role has permissions to manage services in the Azure portal and assign users to the coadministrator role.
-
 ### Notification contact
 
 The notification contact receives usage notifications related to the enrollment.