locked
Azure role assignment Alerts RRS feed

  • Question

  • how to configure the alert when someone changes any roles in azure for the user.

    For example if currently my user is Global Admin now somebody changed him to som other admin

    So how we can configure that alert whenever there is a change in any role

    Wednesday, July 3, 2019 1:05 PM

Answers

  • Hi Anshika,

    Sorry for the late reply!

    Your screenshot is showing an empty value under subscription. You need to have a subscription assigned to the tenant in order to use the alerts. 

    Let me know if you have further questions.

    You can also email me at AzCommunity@microsoft.com, if you would like.


    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!

    • Marked as answer by Anshika123 Wednesday, July 10, 2019 3:25 PM
    Monday, July 8, 2019 11:07 PM
    Owner
  • Hi Anshika,

    Did you see the message Vasil posted about enabling Privileged Identity Management on the tenant to receive these alerts automatically? 

    I have it enabled on my tenant and get these emails any time a role is assigned, like he said.

    You just add it from "All Services." https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-getting-started

    Azure AD Privileged Identity Management in All services


    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!

    • Marked as answer by Anshika123 Wednesday, July 10, 2019 9:50 AM
    Tuesday, July 9, 2019 11:16 PM
    Owner
  • I should also note that the email alerts give you a weekly digest of all PIM activities, so you'll see assignments made both in PIM and outside of PIM.

    


    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!

    • Marked as answer by Anshika123 Wednesday, July 10, 2019 9:50 AM
    Tuesday, July 9, 2019 11:30 PM
    Owner

All replies

  • Hi Anshika,

    The easiest way is to create an alert rule that will let you know if new roles are assigned to users in your subscription. 

    From the Azure portal, go to Monitor > Alerts > New Alert Rule > Create Alert. There you can specify that you want to be alerted when a role changes for a user. The document says, "For example . . . you might want to get notified if any new roles are assigned to a user in your subscription."

    You can also use Privileged Identity Management to configure alerts on role changes. https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-configure-security-alerts

    Hope this helps and let me know if you have questions!


    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!

    Wednesday, July 3, 2019 11:22 PM
    Owner
  • Hi thanks for your reply,

    I tried to create alert rule but it is just loading nothing coming up, can you provide a screenshot or sample 

    and if i am trying from PIM which rule needs to be selected as my requirement only to get notified for alerts so if there is any sample rule with screenshot.


    • Edited by Anshika123 Thursday, July 4, 2019 12:14 PM
    Thursday, July 4, 2019 12:10 PM
  • any1 can help me on this?

    Monday, July 8, 2019 3:03 PM
  • Hi Anshika,

    Sorry for the late reply!

    Your screenshot is showing an empty value under subscription. You need to have a subscription assigned to the tenant in order to use the alerts. 

    Let me know if you have further questions.

    You can also email me at AzCommunity@microsoft.com, if you would like.


    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!

    • Marked as answer by Anshika123 Wednesday, July 10, 2019 3:25 PM
    Monday, July 8, 2019 11:07 PM
    Owner
  • I really appreciate your response, i have sent you an email

    Tuesday, July 9, 2019 9:56 AM
  • Hi Anshika,

    Did you see the message Vasil posted about enabling Privileged Identity Management on the tenant to receive these alerts automatically? 

    I have it enabled on my tenant and get these emails any time a role is assigned, like he said.

    You just add it from "All Services." https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-getting-started

    Azure AD Privileged Identity Management in All services


    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!

    • Marked as answer by Anshika123 Wednesday, July 10, 2019 9:50 AM
    Tuesday, July 9, 2019 11:16 PM
    Owner
  • I should also note that the email alerts give you a weekly digest of all PIM activities, so you'll see assignments made both in PIM and outside of PIM.

    


    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!

    • Marked as answer by Anshika123 Wednesday, July 10, 2019 9:50 AM
    Tuesday, July 9, 2019 11:30 PM
    Owner
  • It worked thank you:)
    Wednesday, July 10, 2019 3:25 PM
  • Glad it worked :) 

    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!

    • Marked as answer by Anshika123 Thursday, July 18, 2019 10:14 AM
    • Unmarked as answer by Anshika123 Thursday, July 18, 2019 10:14 AM
    Wednesday, July 10, 2019 6:48 PM
    Owner