Security Operator
Type: Admin role
Membership in this role group is synchronized across services and managed centrally. This role group is not manageable through Microsoft Exchange or Security and Compliance Center (SCC). Members of this role group may include cross-service administrators that have access beyond Exchange and SCC. By default, this group is not assigned any roles. However, it will be a member of the 'Records Management' and 'Compliance Management' role groups in Exchange and 'Compliance Data Administrator' role group in SCC. It will inherit the permissions of these role groups.
| RoleGroup | Role | Role Description |
|---|---|---|
| Security Operator | Tenant AllowBlockList Manager | Lets people manage tenant allow block list settings. |
| Cmdlet | Role | Cmdlet Description |
|---|---|---|
| Get-ArcConfig | Tenant AllowBlockList Manager | |
| Get-TenantAllowBlockListItems | Tenant AllowBlockList Manager | You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see Find the permissions required to run any Exchange cmdlet (https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions). |
| Get-TenantAllowBlockListSpoofItems | Tenant AllowBlockList Manager | |
| New-TenantAllowBlockListItems | Tenant AllowBlockList Manager | You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see Find the permissions required to run any Exchange cmdlet (https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions). |
| New-TenantAllowBlockListSpoofItems | Tenant AllowBlockList Manager | |
| Remove-TenantAllowBlockListItems | Tenant AllowBlockList Manager | You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see Find the permissions required to run any Exchange cmdlet (https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions). |
| Remove-TenantAllowBlockListSpoofItems | Tenant AllowBlockList Manager | |
| Set-ArcConfig | Tenant AllowBlockList Manager | |
| Set-TenantAllowBlockListItems | Tenant AllowBlockList Manager | You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see Find the permissions required to run any Exchange cmdlet (https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions). |
| Set-TenantAllowBlockListSpoofItems | Tenant AllowBlockList Manager |