What Permissions required for Managing Tags?

Vijay Borkar (VBCloudboy)
2 min readAug 14, 2023

--

Photo by Markus Winkler on Unsplash

Recently, In one of my customer conversation across Microsoft Defender for Endpoint (MDE), Interestingly they asked me few questions…

  1. Vijay, What role is required for the following actions: (a) Managing (crud) Manual Tags across all devices & (b) Managing (crud) Rule-based Tags that impact all devices
  2. Is there a way to add explicit permissions for tag management

With a screenshot to share more clarity on the above question’s…

When I looked back at the traditional RBAC for MDE, their I see “manage device tags” embedded within the Alerts investigation permission. I don’t see anything finer-grained in terms of manual vs. rule-based tags — my assumption is that this permission should be covering both.

To Further explore, I visited few of the sites to get more deeper understanding on the customer queries

--

--

Vijay Borkar (VBCloudboy)

Assisting Microsoft partners in elevating their technical capabilities in AI, Analytics, and Cybersecurity.