Dedicated admin role for Azure Information Protection
Create an Azure Portal admin role that allows full access only to AIP
James Cradock commented
Can you please also ensure that the AIP admin also has the ability to pull down the RMS Admin and Usage logs.
This has now moved to a Committed feature :)
This is a MUST for larger customers!!
Large organizations have a **** lot of different admins. A dedicated AIP rolle would be very handy for further delegation.
Keith Potter commented
Security Admin is not ideal as it allows for configuration within the Security & Compliance Center, Identity Protection, and PIM. A role dedicated only to AIP config would be highly appreciated.
Jens Lorenz commented
Currently, the Security Admin role can configure AIP via the new portal, so no GA permissions are necessary. I think Security Admin ist OK. A dedicated role may be convenient for further delegation.