In Azure, what permissions need to be added to Management Groups to allow Prisma Cloud to calculate net effective permissions?
In Azure, what permissions need to be added to Management Groups to allow Prisma Cloud to calculate net effective permissions?
To allow Prisma Cloud to calculate net effective permissions in Azure, the permission 'Microsoft.Management/managementGroups/descendants/read' needs to be added to Management Groups. This permission enables the read access to all descendants of the management groups, which is necessary for Prisma Cloud to evaluate effective permissions accurately.
https://docs.prismacloud.io/en/classic/cspm-admin-guide/prisma-cloud-iam-security/context-used-to-calculate-effective-permissions
B If your Azure deployment uses management groups, follow the steps below to manually add the Microsoft.Management/managementGroups/descendants/read permission: https://docs.prismacloud.io/en/classic/cspm-admin-guide/prisma-cloud-iam-security/context-used-to-calculate-effective-permissions