New Azure AD built-in role – Cloud App Security Administrator

We have created a new built-in role in Azure AD for you to manage Microsoft Cloud App Security (MCAS).

When this will happen

This role is available in all environments now.

How this will affect your organization

You will now have a new built-in role in Azure AD to manage Microsoft Cloud App Security (MCAS)

  • Cloud App Security Administrator – Users with this role has full admin permissions in Microsoft Cloud App Security (MCAS). They can manage policies and settings, upload logs, and perform governance actions.

What you need to do to prepare:

Security Administrator grants permissions across many security workloads. So, if you want more granular control over just MCAS, consider using Cloud App Security Administrator.

Because Global administrator accounts are powerful and vulnerable to attack, we recommend that you have fewer than five Global Administrators. Use these lower privileged roles instead.

Learn more

Cloud App Security Administrator

Message ID: MC261079


No comments yet

Leave a Reply


I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.