2

I want to delegate the 'MFA activities' to a group of people, because it is very difficult for only one person (Global administrator) to do this job. However, I do not see any built-in role for delegating the MFA responsibilities using RBAC.

Can anyone help me with this or help me in creating a custom RBAC policy?

I have queried the roles using powershell, but I do not get anything useful.

$role_definition = Get-AzureRmRoleDefinition | Format-Table Name, Description
Manjunath Rao
  • 1,397
  • 4
  • 26
  • 42

1 Answers1

1

It is a role of Azure Active Directory instead of the subscription. You can assign Authentication Administrator role(Allowed to view, set and reset authentication method information for any non-admin user.) to the users.

enter image description here

Tony Ju
  • 14,891
  • 3
  • 17
  • 31