Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Cloud scopes and unified RBAC (Azure portal view)
Full lifecycle management (creation, membership, advanced filtering) is performed in the Microsoft Defender portal. In the Azure portal you can still:
- View Azure RBAC assignments at subscription / resource group levels
- Manage classic Azure access for platform resources
For end-to-end cloud scopes and unified RBAC administration, use the Defender portal.
Note
Understanding Permissions in Defender vs. Azure
Defender uses uRBAC (Unified Role-Based Access Control), which is separate from Azure RBAC.
- Azure RBAC controls access at the Azure resource level (subscriptions, resource groups).
- uRBAC provides finer-grained permissions within the Defender portal, letting you assign roles for specific security actions and cloud scopes across Defender solutions.
This means permissions in Defender are tailored for security tasks and do not depend on Azure RBAC roles.
Important: Users will require two separate permissions: their existing Azure RBAC permissions as well as an additional uRBAC role. In addition to the existing Azure RBAC permissions, you must provide users with a new uRBAC role in order to grant them access to the new portal.