Microsoft Entra ID · Identity Governance

Tenant Governance Reader

Read-only access to all tenant governance data in the Microsoft Entra Tenant Governance service.

Scope: Read-only visibility into all tenant governance data and configurations

Permissions

Read all tenant governance data
View governance policies and configurations
View governance relationship details
Access governance reports and status

Common use cases

Auditing multi-tenant governance compliance
Monitoring governance relationship health
Executive reporting on cross-tenant governance
Compliance reviews of multi-tenant configurations

Best practices

Assign to compliance auditors and governance reviewers
Use for executives needing visibility into multi-tenant governance
Prefer this over Administrator role for read-only needs

Security considerations

Can view governance configurations across tenants — may reveal organizational structure
Read-only — no risk of configuration changes
Safe for broad assignment to governance stakeholders

Official Microsoft Learn documentation →

Open the interactive RBACMap →