Global Administrator
PrivilegiadaControl PlaneIdentity254 role actions
Template ID
62e90394-69f5-4237-9190-012177145e10Categoria
IdentityEAM Tier
Control Plane (Tier 0)Enterprise Access Model: Control Plane
Controle total do tenant. Comprometimento leva a takeover completo. Isole de planos inferiores.
Descrição
Users with this role have access to all administrative features in Microsoft Entra ID, as well as services that federate to Microsoft Entra ID like Exchange Online, SharePoint Online, and Skype for Business Online. The person who signs u...
Permissões completas
Todas as 254 role actions desta role, classificadas por tier do EAM.
| Role Action | Categoria | Tier |
|---|---|---|
microsoft.agentRegistry/allEntities/allProperties/allTasks | Agent Identity | Tier 0 |
microsoft.azure.advancedThreatProtection/allEntities/allTasks | Identity Threat Detection and Response | Tier 0 |
microsoft.commerce.tenantRelationships/customerDelegatedAdminPrivileges/allProperties/allTasks | Cross Tenant Management | Tier 0 |
microsoft.directory/accessReviews/allProperties/allTasks | Entitlement Management | Tier 0 |
microsoft.directory/accessReviews/definitions/allProperties/allTasks | Entitlement Management | Tier 0 |
microsoft.directory/adminConsentRequestPolicy/allProperties/allTasks | Application and Workload Identity | Tier 0 |
microsoft.directory/administrativeUnits/allProperties/allTasks | Tenant Management | Tier 0 |
microsoft.directory/agentIdentities/appRoleAssignedTo/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentities/authentication/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentities/basic/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentities/create | Agent Identity | Tier 0 |
microsoft.directory/agentIdentities/delete | Agent Identity | Tier 0 |
microsoft.directory/agentIdentities/disable | Agent Identity | Tier 0 |
microsoft.directory/agentIdentities/enable | Agent Identity | Tier 0 |
microsoft.directory/agentIdentities/owners/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentities/tag/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprintPrincipals/appRoleAssignedTo/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprintPrincipals/authentication/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprintPrincipals/basic/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprintPrincipals/create | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprintPrincipals/delete | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprintPrincipals/disable | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprintPrincipals/enable | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprintPrincipals/owners/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprintPrincipals/tag/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprints/allProperties/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprints/appRoles/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprints/audience/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprints/authentication/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprints/basic/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprints/create | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprints/credentials/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprints/delete | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprints/owners/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprints/permissions/update | Agent Identity | Tier 0 |
microsoft.directory/agentIdentityBlueprints/tag/update | Agent Identity | Tier 0 |
microsoft.directory/applicationTemplates/instantiate | Application and Workload Identity | Tier 0 |
microsoft.directory/applications/allProperties/allTasks | Application and Workload Identity | Tier 0 |
microsoft.directory/applications/disablement/update | Application and Workload Identity | Tier 0 |
microsoft.directory/authorizationPolicy/allProperties/allTasks | Tenant Management | Tier 0 |
microsoft.directory/backup/preview/cancel | Backup and Recovery | Tier 0 |
microsoft.directory/backup/preview/create | Backup and Recovery | Tier 0 |
microsoft.directory/backup/recovery/cancel | Backup and Recovery | Tier 0 |
microsoft.directory/backup/recovery/create | Backup and Recovery | Tier 0 |
microsoft.directory/backup/standard/read | Backup and Recovery | Tier 0 |
microsoft.directory/bitlockerKeys/key/read | Global Endpoint Bitlocker Recovery | Tier 0 |
microsoft.directory/bulkJobs/basic/update | Tenant Management | Tier 0 |
microsoft.directory/bulkJobs/create | Tenant Management | Tier 0 |
microsoft.directory/cloudAppSecurity/allProperties/allTasks | Cloud Access Security Broker | Tier 0 |
microsoft.directory/conditionalAccessPolicies/allProperties/allTasks | Conditional Access | Tier 0 |
microsoft.directory/connectorGroups/allProperties/update | Private Secure Access | Tier 0 |
microsoft.directory/connectorGroups/create | Private Secure Access | Tier 0 |
microsoft.directory/connectorGroups/delete | Private Secure Access | Tier 0 |
microsoft.directory/connectors/create | Private Secure Access | Tier 0 |
microsoft.directory/contacts/allProperties/allTasks | Global User Management | Tier 0 |
microsoft.directory/contracts/allProperties/allTasks | Privileged IAM | Tier 0 |
microsoft.directory/crossTenantAccessPolicy/basic/update | Conditional Access | Tier 0 |
microsoft.directory/crossTenantAccessPolicy/default/b2bCollaboration/update | Conditional Access | Tier 0 |
microsoft.directory/crossTenantAccessPolicy/default/b2bDirectConnect/update | Conditional Access | Tier 0 |
microsoft.directory/crossTenantAccessPolicy/default/tenantRestrictions/update | Conditional Access | Tier 0 |
microsoft.directory/crossTenantAccessPolicy/partners/b2bCollaboration/update | Conditional Access | Tier 0 |
microsoft.directory/crossTenantAccessPolicy/partners/b2bDirectConnect/update | Conditional Access | Tier 0 |
microsoft.directory/crossTenantAccessPolicy/partners/delete | Conditional Access | Tier 0 |
microsoft.directory/crossTenantAccessPolicy/partners/identitySynchronization/basic/update | Conditional Access | Tier 0 |
microsoft.directory/crossTenantAccessPolicy/partners/identitySynchronization/create | Conditional Access | Tier 0 |
microsoft.directory/crossTenantAccessPolicy/partners/templates/multiTenantOrganizationIdentitySynchronization/basic/update | Conditional Access | Tier 0 |
microsoft.directory/crossTenantAccessPolicy/partners/templates/multiTenantOrganizationIdentitySynchronization/resetToDefaultSettings | Conditional Access | Tier 0 |
microsoft.directory/crossTenantAccessPolicy/partners/templates/multiTenantOrganizationPartnerConfiguration/basic/update | Conditional Access | Tier 0 |
microsoft.directory/crossTenantAccessPolicy/partners/templates/multiTenantOrganizationPartnerConfiguration/resetToDefaultSettings | Conditional Access | Tier 0 |
microsoft.directory/crossTenantAccessPolicy/partners/tenantRestrictions/update | Conditional Access | Tier 0 |
microsoft.directory/customAuthenticationExtensions/allProperties/allTasks | Authentication | Tier 0 |
microsoft.directory/deletedItems/delete | Tenant Management | Tier 0 |
microsoft.directory/deletedItems/restore | Tenant Management | Tier 0 |
microsoft.directory/deviceLocalCredentials/password/read | Global Endpoint Local Admin | Tier 0 |
microsoft.directory/deviceManagementPolicies/basic/update | Global Endpoint Management | Tier 0 |
microsoft.directory/deviceRegistrationPolicy/basic/update | Global Endpoint Management | Tier 0 |
microsoft.directory/deviceTemplates/owners/read | Global Endpoint Management | Tier 0 |
microsoft.directory/deviceTemplates/owners/update | Global Endpoint Management | Tier 0 |
microsoft.directory/devices/allProperties/allTasks | Global Endpoint Management | Tier 0 |
microsoft.directory/devices/permissions/update | Global Endpoint Management | Tier 0 |
microsoft.directory/directoryRoleTemplates/allProperties/allTasks | Privileged IAM | Tier 0 |
microsoft.directory/directoryRoles/allProperties/allTasks | Privileged IAM | Tier 0 |
microsoft.directory/domains/allProperties/allTasks | Tenant Management | Tier 0 |
microsoft.directory/domains/federationConfiguration/basic/update | Authentication | Tier 0 |
microsoft.directory/domains/federationConfiguration/create | Authentication | Tier 0 |
microsoft.directory/domains/federationConfiguration/delete | Authentication | Tier 0 |
microsoft.directory/entitlementManagement/allProperties/allTasks | Entitlement Management | Tier 0 |
microsoft.directory/groupSettingTemplates/allProperties/allTasks | Group Management | Tier 0 |
microsoft.directory/groupSettings/allProperties/allTasks | Group Management | Tier 0 |
microsoft.directory/groups/allProperties/allTasks | Privileged IAM | Tier 0 |
microsoft.directory/groupsAssignableToRoles/allProperties/update | Privileged IAM | Tier 0 |
microsoft.directory/groupsAssignableToRoles/assignLicense | License Management | Tier 0 |
microsoft.directory/groupsAssignableToRoles/create | Privileged IAM | Tier 0 |
microsoft.directory/groupsAssignableToRoles/delete | Privileged IAM | Tier 0 |
microsoft.directory/groupsAssignableToRoles/reprocessLicenseAssignment | License Management | Tier 0 |
microsoft.directory/groupsAssignableToRoles/restore | Privileged IAM | Tier 0 |
microsoft.directory/hybridAuthenticationPolicy/allProperties/allTasks | Authentication | Tier 0 |
microsoft.directory/identityProtection/allProperties/allTasks | Identity Threat Detection and Response | Tier 0 |
microsoft.directory/lifecycleWorkflows/workflows/allProperties/allTasks | User Lifecycle and Provisioning Management | Tier 0 |
microsoft.directory/lockbox/requests/update | Tenant Management | Tier 0 |
microsoft.directory/loginOrganizationBranding/allProperties/allTasks | Tenant Management | Tier 0 |
microsoft.directory/multiTenantOrganization/basic/update | Multi Tenant Management | Tier 0 |
microsoft.directory/multiTenantOrganization/create | Multi Tenant Management | Tier 0 |
microsoft.directory/multiTenantOrganization/joinRequest/organizationDetails/update | Multi Tenant Management | Tier 0 |
microsoft.directory/multiTenantOrganization/tenants/create | Multi Tenant Management | Tier 0 |
microsoft.directory/multiTenantOrganization/tenants/delete | Multi Tenant Management | Tier 0 |
microsoft.directory/multiTenantOrganization/tenants/organizationDetails/update | Multi Tenant Management | Tier 0 |
microsoft.directory/namedLocations/basic/update | Conditional Access | Tier 0 |
microsoft.directory/namedLocations/create | Conditional Access | Tier 0 |
microsoft.directory/namedLocations/delete | Conditional Access | Tier 0 |
microsoft.directory/oAuth2PermissionGrants/allProperties/allTasks | Application and Workload Identity | Tier 0 |
microsoft.directory/onPremisesSynchronization/basic/update | Hybrid Identity Synchronization | Tier 0 |
microsoft.directory/organization/allProperties/allTasks | Tenant Management | Tier 0 |
microsoft.directory/passwordHashSync/allProperties/allTasks | Authentication | Tier 0 |
microsoft.directory/permissionGrantPolicies/basic/update | Application and Workload Identity | Tier 0 |
microsoft.directory/permissionGrantPolicies/create | Application and Workload Identity | Tier 0 |
microsoft.directory/permissionGrantPolicies/delete | Application and Workload Identity | Tier 0 |
microsoft.directory/policies/allProperties/allTasks | Conditional Access | Tier 0 |
microsoft.directory/resourceNamespaces/resourceActions/authenticationContext/update | Conditional Access | Tier 0 |
microsoft.directory/roleAssignments/allProperties/allTasks | Privileged IAM | Tier 0 |
microsoft.directory/roleDefinitions/allProperties/allTasks | Privileged IAM | Tier 0 |
microsoft.directory/scopedRoleMemberships/allProperties/allTasks | Privileged IAM | Tier 0 |
microsoft.directory/serviceAction/activateService | Tenant Management | Tier 0 |
microsoft.directory/serviceAction/disableDirectoryFeature | Tenant Management | Tier 0 |
microsoft.directory/serviceAction/enableDirectoryFeature | Tenant Management | Tier 0 |
microsoft.directory/servicePrincipalCreationPolicies/basic/update | Tenant Policy Management | Tier 0 |
microsoft.directory/servicePrincipalCreationPolicies/create | Tenant Policy Management | Tier 0 |
microsoft.directory/servicePrincipalCreationPolicies/delete | Tenant Policy Management | Tier 0 |
microsoft.directory/servicePrincipals/allProperties/allTasks | Application and Workload Identity | Tier 0 |
microsoft.directory/servicePrincipals/managePermissionGrantsForAll.microsoft-company-admin | Application and Workload Identity | Tier 0 |
microsoft.directory/servicePrincipals/synchronization.cloudTenantToCloudTenant/credentials/manage | User Lifecycle and Provisioning Management | Tier 0 |
microsoft.directory/servicePrincipals/synchronization.cloudTenantToCloudTenant/jobs/manage | User Lifecycle and Provisioning Management | Tier 0 |
microsoft.directory/servicePrincipals/synchronization.cloudTenantToCloudTenant/schema/manage | User Lifecycle and Provisioning Management | Tier 0 |
microsoft.directory/servicePrincipals/synchronization.cloudTenantToExternalSystem/credentials/manage | User Lifecycle and Provisioning Management | Tier 0 |
microsoft.directory/servicePrincipals/synchronization.cloudTenantToExternalSystem/jobs/manage | User Lifecycle and Provisioning Management | Tier 0 |
microsoft.directory/servicePrincipals/synchronization.cloudTenantToExternalSystem/schema/manage | User Lifecycle and Provisioning Management | Tier 0 |
microsoft.directory/users/allProperties/allTasks | Global User Management | Tier 0 |
microsoft.directory/users/authenticationMethods/basic/update | Global User Management | Tier 0 |
microsoft.directory/users/authenticationMethods/create | Global User Management | Tier 0 |
microsoft.directory/users/authenticationMethods/delete | Global User Management | Tier 0 |
microsoft.directory/users/convertExternalToInternalMemberUser | Global User Management | Tier 0 |
microsoft.directory/verifiableCredentials/configuration/allProperties/update | Verified ID | Tier 0 |
microsoft.directory/verifiableCredentials/configuration/contracts/allProperties/update | Verified ID | Tier 0 |
microsoft.directory/verifiableCredentials/configuration/contracts/cards/revoke | Verified ID | Tier 0 |
microsoft.directory/verifiableCredentials/configuration/contracts/create | Verified ID | Tier 0 |
microsoft.directory/verifiableCredentials/configuration/create | Verified ID | Tier 0 |
microsoft.directory/verifiableCredentials/configuration/delete | Verified ID | Tier 0 |
microsoft.intune/allEntities/allTasks | Global Endpoint Management | Tier 0 |
microsoft.networkAccess/allEntities/allProperties/allTasks | Global Secure Access Management | Tier 0 |
microsoft.office365.protectionCenter/allEntities/allProperties/allTasks | Global Security and Compliance Management | Tier 0 |
microsoft.office365.securityComplianceCenter/allEntities/allTasks | Global Security and Compliance Management | Tier 0 |
microsoft.permissionsManagement/allEntities/allProperties/allTasks | Cloud Infrastructure Entitlement Management | Tier 0 |
microsoft.windows.defenderAdvancedThreatProtection/allEntities/allTasks | Global Security and Compliance Management | Tier 0 |
microsoft.windows.updatesDeployments/allEntities/allProperties/allTasks | Global Endpoint Management | Tier 0 |
microsoft.azure.informationProtection/allEntities/allTasks | Microsoft Information Protection | Tier 1 |
microsoft.azure.serviceHealth/allEntities/allTasks | Support and Service Health | Tier 1 |
microsoft.azure.supportTickets/allEntities/allTasks | Support and Service Health | Tier 1 |
microsoft.backup/allEntities/allProperties/allTasks | Microsoft 365 Backup | Tier 1 |
microsoft.cloudPC/allEntities/allProperties/allTasks | User Virtual Endpoint Management | Tier 1 |
microsoft.commerce.billing/allEntities/allProperties/allTasks | Microsoft 365 Billing Management | Tier 1 |
microsoft.commerce.billing/purchases/standard/read | Microsoft 365 Billing Management | Tier 1 |
microsoft.directory/appConsent/appConsentRequests/allProperties/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/applications/synchronization/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/auditLogs/allProperties/read | Security and Compliance | Tier 1 |
microsoft.directory/bulkJobs/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/connectorGroups/allProperties/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/connectors/allProperties/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/crossTenantAccessPolicy/allowedCloudEndpoints/update | Cross Tenant Partner Management | Tier 1 |
microsoft.directory/crossTenantAccessPolicy/default/crossCloudMeetings/update | Cross Tenant Partner Management | Tier 1 |
microsoft.directory/crossTenantAccessPolicy/default/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/crossTenantAccessPolicy/partners/create | Cross Tenant Partner Management | Tier 1 |
microsoft.directory/crossTenantAccessPolicy/partners/crossCloudMeetings/update | Cross Tenant Partner Management | Tier 1 |
microsoft.directory/crossTenantAccessPolicy/partners/identitySynchronization/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/crossTenantAccessPolicy/partners/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/crossTenantAccessPolicy/partners/templates/multiTenantOrganizationIdentitySynchronization/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/crossTenantAccessPolicy/partners/templates/multiTenantOrganizationPartnerConfiguration/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/crossTenantAccessPolicy/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/deviceManagementPolicies/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/deviceRegistrationPolicy/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/domains/federationConfiguration/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/externalUserProfiles/basic/update | Teams | Tier 1 |
microsoft.directory/externalUserProfiles/delete | Teams | Tier 1 |
microsoft.directory/externalUserProfiles/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/multiTenantOrganization/joinRequest/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/multiTenantOrganization/tenants/organizationDetails/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/namedLocations/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/onPremisesSynchronization/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/pendingExternalUserProfiles/basic/update | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/pendingExternalUserProfiles/create | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/pendingExternalUserProfiles/delete | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/pendingExternalUserProfiles/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/permissionGrantPolicies/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/privilegedIdentityManagement/allProperties/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/provisioningLogs/allProperties/read | Security and Compliance | Tier 1 |
microsoft.directory/serviceAction/getAvailableExtentionProperties | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/servicePrincipalCreationPolicies/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/servicePrincipals/synchronization/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/signInReports/allProperties/read | Security and Compliance | Tier 1 |
microsoft.directory/subscribedSkus/allProperties/allTasks | Microsoft 365 Billing Management | Tier 1 |
microsoft.directory/users/authenticationMethods/standard/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/verifiableCredentials/configuration/allProperties/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/verifiableCredentials/configuration/contracts/allProperties/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.directory/verifiableCredentials/configuration/contracts/cards/allProperties/read | Tenant Configuration (Reader) | Tier 1 |
microsoft.dynamics365/allEntities/allTasks | Dynamics 365 | Tier 1 |
microsoft.edge/allEntities/allProperties/allTasks | User Virtual Endpoint Management | Tier 1 |
microsoft.flow/allEntities/allTasks | Business Apps Management | Tier 1 |
microsoft.graph.dataConnect/allEntities/allProperties/allTasks | Microsoft 365 Platform Operations | Tier 1 |
microsoft.hardware.support/shippingAddress/allProperties/allTasks | User Hardware Management | Tier 1 |
microsoft.hardware.support/shippingStatus/allProperties/read | User Hardware Management | Tier 1 |
microsoft.hardware.support/warrantyClaims/allProperties/allTasks | User Hardware Management | Tier 1 |
microsoft.healthPlatform/allEntities/allProperties/allTasks | Microsoft Dragon | Tier 1 |
microsoft.insights/allEntities/allProperties/allTasks | Microsoft Viva | Tier 1 |
microsoft.microsoft365.organizationalData/allEntities/allProperties/allTasks | Microsoft 365 Platform Operations | Tier 1 |
microsoft.networkAccess/trafficLogs/standard/read | Security and Compliance | Tier 1 |
microsoft.office365.complianceManager/allEntities/allTasks | Security and Compliance | Tier 1 |
microsoft.office365.copilot/allEntities/allProperties/allTasks | Microsoft Copilot | Tier 1 |
microsoft.office365.desktopAnalytics/allEntities/allTasks | Microsoft 365 Support Operations | Tier 1 |
microsoft.office365.exchange/allEntities/basic/allTasks | Microsoft Exchange Online | Tier 1 |
microsoft.office365.fileStorageContainers/allEntities/allProperties/allTasks | Microsoft SharePoint | Tier 1 |
microsoft.office365.knowledge/contentUnderstanding/allProperties/allTasks | Microsoft 365 Platform Operations | Tier 1 |
microsoft.office365.knowledge/contentUnderstanding/analytics/allProperties/read | Microsoft 365 Platform Operations | Tier 1 |
microsoft.office365.knowledge/knowledgeNetwork/allProperties/allTasks | Microsoft 365 Platform Operations | Tier 1 |
microsoft.office365.knowledge/knowledgeNetwork/topicVisibility/allProperties/allTasks | Microsoft 365 Platform Operations | Tier 1 |
microsoft.office365.knowledge/learningSources/allProperties/allTasks | Microsoft 365 Platform Operations | Tier 1 |
microsoft.office365.lockbox/allEntities/allTasks | Security and Compliance | Tier 1 |
microsoft.office365.messageCenter/messages/read | Microsoft 365 Support Operations | Tier 1 |
microsoft.office365.messageCenter/securityMessages/read | Support and Service Health | Tier 1 |
microsoft.office365.migrations/allEntities/allProperties/allTasks | Microsoft 365 Platform Operations | Tier 1 |
microsoft.office365.network/performance/allProperties/read | Microsoft 365 Support Operations | Tier 1 |
microsoft.office365.organizationalMessages/allEntities/allProperties/allTasks | Microsoft 365 Platform Operations | Tier 1 |
microsoft.office365.search/content/manage | Microsoft 365 Support Operations | Tier 1 |
microsoft.office365.serviceHealth/allEntities/allTasks | Microsoft 365 Support Operations | Tier 1 |
microsoft.office365.sharePoint/allEntities/allTasks | Microsoft SharePoint | Tier 1 |
microsoft.office365.sharePointAdvancedManagement/allEntities/allProperties/allTasks | Microsoft SharePoint | Tier 1 |
microsoft.office365.skypeForBusiness/allEntities/allTasks | Teams | Tier 1 |
microsoft.office365.supportTickets/allEntities/allTasks | Microsoft 365 Support Operations | Tier 1 |
microsoft.office365.usageReports/allEntities/allProperties/read | Microsoft 365 Support Operations | Tier 1 |
microsoft.office365.userCommunication/allEntities/allTasks | Microsoft 365 Platform Operations | Tier 1 |
microsoft.office365.webPortal/allEntities/standard/read | Microsoft 365 Support Operations | Tier 1 |
microsoft.office365.yammer/allEntities/allProperties/allTasks | Yammer | Tier 1 |
microsoft.peopleAdmin/organization/allProperties/update | Microsoft People | Tier 1 |
microsoft.powerApps.powerBI/allEntities/allTasks | Business Apps Management | Tier 1 |
microsoft.powerApps/allEntities/allTasks | Business Apps Management | Tier 1 |
microsoft.teams/allEntities/allProperties/allTasks | Teams | Tier 1 |
microsoft.virtualVisits/allEntities/allProperties/allTasks | Virtual Visits | Tier 1 |
microsoft.viva.glint/allEntities/allProperties/allTasks | Microsoft Viva | Tier 1 |
microsoft.viva.goals/allEntities/allProperties/allTasks | Microsoft Viva | Tier 1 |
microsoft.viva.pulse/allEntities/allProperties/allTasks | Microsoft Viva | Tier 1 |
microsoft.directory/multiTenantOrganization/standard/read | Default member, Guest user | Tier 2 |
microsoft.directory/multiTenantOrganization/tenants/standard/read | Default member, Guest user | Tier 2 |
microsoft.directory/tenantManagement/tenants/create | Default member | Tier 2 |
microsoft.people/users/photo/read | Default member | Tier 2 |
microsoft.people/users/photo/update | Default member | Tier 2 |
microsoft.peopleAdmin/organization/allProperties/read | Default member | Tier 2 |
254 de 254 role actions
PowerShell
Get-MgRoleManagementDirectoryRoleDefinition ` -UnifiedRoleDefinitionId "62e90394-69f5-4237-9190-012177145e10"
Microsoft Graph
GET https://graph.microsoft.com/v1.0/ roleManagement/directory/ roleDefinitions/62e90394-69f5-4237-9190-012177145e10