Hero Banner

Secure Application Model

Learn and ask questions on how to implement secure application model

Visitor 1

CSP Tier 1 Support with Least Access Configured

Is there a way to provide support for a customer who can not grant Global Administrator rights over their tenant?  Is there any type of RBAC that can be put in place so a CSP can submit a request on behalf of that customer without opening gaps in their security posture?  


For license-based services like D365 or M365 the answer is no. For Azure subscriptions there might be some options. Generally it is expected from CSP Partner that they have a good security posture themselves for their management processes (Similar to how it is expected from Microsoft as cloud provider) - but this might be a larger discussion.


You can open an Advisory request to discuss on options for achieve a least privilege model and how customer can control your access as Partner - https://aka.ms/technicalservices or directly via https://aka.ms/tpdmsform (Choose any technology under "Azure" for CSP related questions since there is currently no matching coding available).



Kind regards, Janosch
Receive consultations via Technical Presales and Deployment Services team