You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-xdr/import-rbac-roles.md
+9-1Lines changed: 9 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -12,7 +12,7 @@ ms.collection:
12
12
- tier3
13
13
ms.custom:
14
14
ms.topic: how-to
15
-
ms.date: 06/13/2024
15
+
ms.date: 06/28/2024
16
16
ms.reviewer:
17
17
search.appverid: met150
18
18
---
@@ -45,16 +45,22 @@ The following steps guide you on how to import roles into Microsoft Defender XDR
45
45
46
46
> [!IMPORTANT]
47
47
> You must be a Global Administrator or Security Administrator in Microsoft Entra ID, or have all the **Authorization** permissions assigned in Microsoft Defender XDR Unified RBAC to perform this task. For more information on permissions, see [Permission pre-requisites](manage-rbac.md#permissions-prerequisites).
48
+
> Microsoft recommends that you use roles with the fewest permissions. This helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.
48
49
49
50
1. Sign in to the [Microsoft Defender portal](https://security.microsoft.com).
51
+
50
52
2. In the navigation pane, select **Permissions**.
53
+
51
54
3. Select **Roles** under Microsoft Defender XDR to get to the Permissions and roles page.
55
+
52
56
4. Select **Import role**.
57
+
53
58
5. Select the products you want to import roles from.
54
59
55
60
:::image type="content" source="/defender/media/defender/m365-defender-import-workloads.png" alt-text="Screenshot of the import workloads page" lightbox="/defender/media/defender/m365-defender-import-workloads.png":::
56
61
57
62
6. Select **Next** to choose the roles to import. You can choose all roles or select specific roles from the list. Select the role name to review the permissions and assigned users or groups for that specific role.
63
+
58
64
7. Select the roles you want to import and select **Next**.
59
65
60
66
> [!NOTE]
@@ -63,6 +69,7 @@ The following steps guide you on how to import roles into Microsoft Defender XDR
63
69
> To import this role to Unified RBAC, remove the user or user group from the role in the original RBAC model. Select the role to view the list of users that still exist for that role to determine which user or group to remove.
64
70
65
71
8. Select **Submit**.
72
+
66
73
9. Select **Done** on the confirmation page.
67
74
68
75
Now that you have imported your roles you will be able to [View and edit roles](edit-delete-rbac-roles.md) and activate the workloads.
@@ -78,5 +85,6 @@ Imported roles appear in the **Permissions and roles** list together with any cu
78
85
79
86
-[Activate Microsoft Defender XDR Unified RBAC](activate-defender-rbac.md)
80
87
-[Edit or delete roles](edit-delete-rbac-roles.md)
0 commit comments