Microsoft Entra ID · Identity Governance
Permissions Management Administrator
Manage all aspects of Microsoft Entra Permissions Management including discovery, remediation, and monitoring of permissions across multi-cloud environments.
Scope: Full administration of Microsoft Entra Permissions Management across multi-cloud environments
Permissions
- Full administration of Permissions Management
- Configure Permissions Management settings
- Manage data collectors for AWS, Azure, and GCP
- View and act on permissions analytics
- Create and manage Permissions Creep Index alerts
- Generate multi-cloud permissions reports
- Configure just-in-time permissions requests
- Manage Permissions Management roles and policies
Common use cases
- Multi-cloud permissions discovery and right-sizing
- Permissions Creep Index monitoring
- Just-in-time access workflows for cloud resources
- Cross-cloud permissions analytics
- Detecting over-provisioned identities in AWS, Azure, and GCP
- Remediation of excessive permissions
Best practices
- Onboard all cloud environments for comprehensive visibility
- Review Permissions Creep Index regularly
- Set up automated alerts for high-risk permissions
- Use just-in-time access instead of standing permissions
- Right-size permissions based on actual usage
- Integrate with existing governance workflows
Security considerations
- This is a PRIVILEGED role — full access to permissions analytics
- Can view and modify permissions across all connected clouds
- Sensitive visibility into identity activity across environments
- Requires careful assignment due to cross-cloud scope