Merge pull request #2571 from MicrosoftDocs/diannegali-updateurbacmde

adding MDE note for URBAC - publishing Feb 17, 2025

Author: diannegali

defender-xdr/activate-defender-rbac.md

@@ -12,7 +12,7 @@ ms.collection:
 - tier3
 ms.custom: 
 ms.topic: how-to
-ms.date: 11/17/2024
+ms.date: 02/16/2025
 ms.reviewer: 
 search.appverid: met150
 ---
@@ -32,7 +32,12 @@ search.appverid: met150
 - [Microsoft Defender for Cloud Apps](/defender-cloud-apps/)
 - [Microsoft Security Exposure Management](/security-exposure-management/)
 
-For the Microsoft Defender XDR security portal to start enforcing the permissions and assignments configured in your new [custom roles](create-custom-rbac-roles.md) or [imported roles](import-rbac-roles.md), you must activate the Microsoft Defender XDR Unified RBAC model for some or all of your workloads.
+This article lists the steps to activate Defender workloads available in your environment to use the Microsoft Defender XDR Unified role-based access control (RBAC). Activate the Unified RBAC model for some or all of your workloads for the Microsoft Defender portal to start enforcing the permissions and assignments configured in your new [custom roles](create-custom-rbac-roles.md) or [imported roles](import-rbac-roles.md).
+
+> [!IMPORTANT]
+> Starting February 16, 2025, the Microsoft Defender XDR Unified RBAC model will be the default permissions model for new Microsoft Defender Endpoint tenants. These new tenants won't have the capability to export roles and permissions from the current model.
+>
+> Defender for Endpoint tenants with roles and permissions assigned or exported prior to this date will maintain their current roles and permissions configuration.
 
 <a name='activate-microsoft-365-defender-unified-rbac'></a>
 
@@ -44,7 +49,7 @@ The following steps guide you on how to activate the Microsoft Defender XDR Unif
 2. [Activate in Microsoft Defender XDR settings](#activate-in-microsoft-365-defender-settings)
 
 > [!IMPORTANT]
-> You must be a Global Administrator or Security Administrator in Microsoft Entra ID to perform this task. For more information on permissions, see [Permission pre-requisites](manage-rbac.md#permissions-prerequisites).
+> You must be a Global Administrator or Security Administrator in Microsoft Entra ID to perform this task. For more information on permissions, see [Permission prerequisites](manage-rbac.md#permissions-prerequisites).
 > Microsoft recommends that you use roles with the fewest permissions. This helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.
 
 ### Activate from the Permissions and roles page
@@ -60,12 +65,12 @@ You can activate your workloads in two ways from the Permissions and roles page:
 - Select **Activate workloads** on the banner above the list of roles to go directly to the **Activate workloads** screen.
 - You must activate each workload one by one. Once you select the individual toggle, you activate (or deactivate) that workload.
 
-:::image type="content" source="/defender/media/defender/defender-activate-workloads.png" alt-text="Screenshot of the choose workloads to activate screen.":::
+:::image type="content" source="/defender/media/defender/defender-activate-workloads.png" alt-text="Screenshot of the page where you can choose workloads to activate.":::
 
    > [!NOTE]
-   > The **Activate workloads** button is only available when there is it at least one workload that's not active for Microsoft Defender XDR Unified RBAC.
+   > The **Activate workloads** button is only available when there's it at least one workload that's not active for Microsoft Defender XDR Unified RBAC.
    > Microsoft Defender for Cloud is active by default with Microsoft Defender XDR Unified RBAC.
-   > Defender XDR Unified RBAC is automatically active for Exposure Management access. Once a custom role with one of the Exposure Management permissions is created, it has an immediate impact on assigned users. There is no need to activate it.
+   > Defender XDR Unified RBAC is automatically active for Exposure Management access. Once a custom role with one of the Exposure Management permissions is created, it has an immediate impact on assigned users. There's no need to activate it.
    > 
    > To activate Exchange Online permissions in Microsoft Defender XDR Unified RBAC, Defender for Office 365 permissions must be active. 
    
@@ -98,15 +103,15 @@ Follow these steps to activate your workloads directly in Microsoft Defender XDR
 You have now successfully activated (or deactivated) that workload.
 
 > [!NOTE]
-> The Microsoft Defender XDR Unified RBAC model only impacts the Microsoft Defender XDR security portal. It does not impact the [Microsoft Purview Compliance center](https://compliance.microsoft.com) or the [Exchange Admin Center](https://admin.exchange.microsoft.com).
+> The Microsoft Defender XDR Unified RBAC model only impacts the Microsoft Defender portal. It doesn't impact the [Microsoft Purview portal](https://purview.microsoft.com) or the [Exchange Admin Center](https://admin.exchange.microsoft.com).
 
 <a name='deactivate-microsoft-365-defender-unified-rbac'></a>
 
 ## Deactivate Microsoft Defender XDR Unified RBAC
 
 You can deactivate Microsoft Defender XDR Unified RBAC and revert to the individual RBAC models from Microsoft Defender for Endpoint, Microsoft Defender for Identity, and Microsoft Defender for Office 365 (Exchange Online Protection).
 
-To Deactivate the workloads, repeat the steps above and select the workloads you want to deactivate. The status is set to **Not Active**.
+To deactivate the workloads, repeat the steps in the previous section and select the workloads you want to deactivate. The status is set to **Not Active**.
 
 If you deactivate a workload, the roles created and edited within Microsoft Defender XDR Unified RBAC are no longer in effect, and the previous permissions model is used instead.
 

defender-xdr/compare-rbac-roles.md

@@ -12,7 +12,7 @@ ms.collection:
 - tier3
 ms.custom:
 ms.topic: reference
-ms.date: 11/17/2024
+ms.date: 02/16/2025
 ms.reviewer:
 search.appverid: met150
 ---
@@ -42,6 +42,11 @@ This article describes how existing roles and permissions in Microsoft Defender
 
 ## Map Microsoft Defender XDR Unified RBAC permissions to existing RBAC permissions
 
+> [!IMPORTANT]
+> Starting February 16, 2025, the Microsoft Defender XDR Unified RBAC model will be the default permissions model for new Microsoft Defender Endpoint tenants. These new tenants won't have the capability to export roles and permissions from the current model.
+>
+> Defender for Endpoint tenants with roles and permissions assigned or exported prior to this date will maintain their current roles and permissions configuration.
+
 Use the tables in the following sections to learn more about how your existing individual RBAC role definitions map to your new Microsoft Defender XDR Unified RBAC roles:
 
 1. [Map Defender for Endpoint and Defender Vulnerability Management permissions](#map-defender-for-endpoint-and-defender-vulnerability-management-permissions-to-the-microsoft-365-defender-rbac-permissions)

defender-xdr/edit-delete-rbac-roles.md

@@ -12,12 +12,12 @@ ms.collection:
 - tier3
 ms.custom: 
 ms.topic: how-to
-ms.date: 11/17/2024
+ms.date: 02/16/2025
 ms.reviewer: 
 search.appverid: met150
 ---
 
-# Edit, delete and export roles in Microsoft Defender XDR Unified role-based access control (RBAC)
+# Edit, delete, and export roles in Microsoft Defender XDR Unified role-based access control (RBAC)
 
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
 
@@ -39,7 +39,7 @@ In Microsoft Defender XDR Unified role-based access control (RBAC), you can edit
 The following steps guide you on how to edit roles in Microsoft Defender XDR Unified RBAC:
 
 > [!IMPORTANT]
-> You must be a Global Administrator or Security Administrator in Microsoft Entra ID, or have all the Authorization permissions assigned in Microsoft Defender XDR Unified RBAC to perform this task. For more information on permissions, see [Permission pre-requisites](manage-rbac.md#permissions-prerequisites).
+> You must be a Global Administrator or Security Administrator in Microsoft Entra ID, or have all the Authorization permissions assigned in Microsoft Defender XDR Unified RBAC to perform this task. For more information on permissions, see [Permission prerequisites](manage-rbac.md#permissions-prerequisites).
 > Microsoft recommends that you use roles with the fewest permissions to help improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.
 
 1. Sign in to the [Microsoft Defender portal](https://security.microsoft.com) as global administrator or security administrator.
@@ -61,13 +61,18 @@ The following steps guide you on how to edit roles in Microsoft Defender XDR Uni
 
 To delete roles in Microsoft Defender XDR Unified RBAC, select the role or roles you want to delete and select **Delete roles**.
 
-If the workload is active, all assigned user permission are deleted by removing the role.
+If the workload is active, all assigned user permissions are deleted by removing the role.
 
 > [!NOTE]
-> After deleting an imported role, the role won't be deleted from the individual product RBAC model. If needed, you can re-import it to the Microsoft Defender XDR Unified RBAC list of roles.
+> When an an imported role is deleted, the role isn't deleted from the individual product RBAC model. If needed, you can reimport it to the Microsoft Defender XDR Unified RBAC list of roles.
 
 ## Export roles
 
+> [!IMPORTANT]
+> Starting February 16, 2025, the Microsoft Defender XDR Unified RBAC model will be the default permissions model for new Microsoft Defender Endpoint tenants. These new tenants won't have the capability to export roles and permissions from the current model.
+>
+> Defender for Endpoint tenants with roles and permissions assigned or exported before this date will maintain their current roles and permissions configuration.
+
 The Export feature enables you to export the following roles data:
 
 - Role name
@@ -86,7 +91,7 @@ The following steps guide you on how to export roles in Microsoft Defender XDR U
 > [!NOTE]
 > To export roles, you must be a Global Administrator or Security Administrator in Microsoft Entra ID, or have the **Authorization (manage)** permission assigned for all data sources in Microsoft Defender XDR Unified RBAC and have at least one workload activated for Defender XDR Unified RBAC.
 >
->For more information on permissions, see [Permission pre-requisites](manage-rbac.md#permissions-prerequisites).
+>For more information on permissions, see [Permission prerequisites](manage-rbac.md#permissions-prerequisites).
 
 1. Sign in to the [Microsoft Defender portal](https://security.microsoft.com) with the required roles or permissions.
 

defender-xdr/manage-rbac.md

@@ -12,7 +12,7 @@ ms.collection:
 - tier3
 ms.custom: 
 ms.topic: overview
-ms.date: 11/17/2024
+ms.date: 02/16/2025
 ms.reviewer: 
 search.appverid: met150
 ---
@@ -36,6 +36,11 @@ Microsoft Defender XDR provides integrated threat protection, detection, and res
 
 The Microsoft Defender XDR Unified role-based access control (RBAC) model provides a single permissions management experience that provides one central location for administrators to control user permissions across different security solutions.
 
+> [!IMPORTANT]
+> Starting February 16, 2025, the Microsoft Defender XDR Unified RBAC model will be the default permissions model for new Microsoft Defender Endpoint tenants. These new tenants won't have the capability to export roles and permissions from the current model.
+>
+> Defender for Endpoint tenants with roles and permissions assigned or exported prior to this date will maintain their current roles and permissions configuration.
+
 <a name='whats-supported-by-the-microsoft-365-defender-unified-rbac-model'></a>
 
 ## What's supported by the Microsoft Defender XDR Unified RBAC model

defender-xdr/whats-new-in-microsoft-defender-urbac.md

@@ -12,13 +12,17 @@ ms.collection:
   - m365-security-compliance
   - tier2
 ms.topic: conceptual
-ms.date: 11/17/2024
+ms.date: 02/16/2025
 ---
 
 # What's new in Microsoft Defender XDR Unified role-based access control (RBAC)
 
 This article provides information about new features and important product updates for the latest release of Microsoft Defender XDR Unified role-based access control (RBAC).
 
+## February 2025
+
+Starting February 16, 2025, the Microsoft Defender XDR Unified RBAC model is the default permissions model for new Microsoft Defender Endpoint tenants. These new tenants won't have the capability to export roles and permissions from the current model. Defender for Endpoint tenants with roles and permissions assigned or exported prior to this date will maintain their current roles and permissions configuration.
+
 ## November 2024
 
 ### Microsoft Defender for Cloud Apps permissions are now integrated with Microsoft Defender XDR Unified role-based access control (RBAC)