What Changed
Microsoft removed the explicit SecurityAdmin tenant permission requirement from the A365 Observability Data Connector. The connector now only lists GlobalAdmin as a required permission for deployment and operation.
Security Impact
Despite the removal of the explicit SecurityAdmin requirement, this change does not reduce the privilege level required to deploy the connector. GlobalAdmin is the highest privilege role available in Azure AD and already encompasses all SecurityAdmin capabilities. The effective privilege requirement remains at the highest possible level.
Environments deploying this connector should be aware that GlobalAdmin access is still required for deployment.
No operational impact to existing deployments — the connector will continue functioning normally.
Affected Files
Solutions/A365 Observability/Data Connectors/A365_DataConnectorDefinition.json
(packaging artefacts: 3.0.0.zip, ReleaseNotes.md, mainTemplate.json)