Voltar para roles
Role actions2·Control Plane1·Management Plane0·User Access1·Não classificadas0·CategoriaIdentity·EAM TierControl Plane

Agent ID Developer

Control PlaneIdentity2 role actions
Template ID
adb2368d-a9be-41b5-8667-d96778e081b0
Categoria
Identity
EAM Tier
Control Plane (Tier 0)
Enterprise Access Model: Control Plane

Controle total do tenant. Comprometimento leva a takeover completo. Isole de planos inferiores.

Descrição

Create an agent identity blueprint and its agent identity blueprint principal in a tenant. User will be added as an owner of the created agent identity blueprint and its agent identity blueprint principal.

Permissões completas

Todas as 2 role actions desta role, classificadas por tier do EAM.

Role ActionCategoriaTier
microsoft.directory/agentIdentityBlueprints/createAsOwner
Agent IdentityTier 0
microsoft.directory/servicePrincipals/standard/read
Default memberTier 2

2 de 2 role actions

PowerShell

Get-MgRoleManagementDirectoryRoleDefinition `
  -UnifiedRoleDefinitionId "adb2368d-a9be-41b5-8667-d96778e081b0"

Microsoft Graph

GET https://graph.microsoft.com/v1.0/
  roleManagement/directory/
  roleDefinitions/adb2368d-a9be-41b5-8667-d96778e081b0
Ver documentação oficial na Microsoft Learn

Roles relacionadas

Agent ID Administrator
Tier 0Identity
Agent Registry Administrator
Tier 0Identity
Directory Synchronization Accounts
Tier 0Identity
Directory Writers
Tier 0Identity
Domain Name Administrator
Tier 0Identity