Microsoft Entra Permissions Management
Reimagine secure access with Microsoft Entra
Discover, remediate, and monitor permission risks for any identity or resource
Microsoft Entra Permissions Management is a cloud infrastructure entitlement management (CIEM) product that provides comprehensive visibility and control over permissions for any identity and any resource in Microsoft Azure, Amazon Web Services (AWS) and Google Cloud Platform (GCP).
Be more efficient
Save up to 60 percent by using Microsoft Security rather than multiple point solutions.1
Navigate multicloud with an integrated CIEM solution
Discover how Permissions Management helps you improve your security posture by ensuring the principle of least privilege across identities and resources in your IaaS infrastructure.
2023 State of Cloud Permissions Risks Report

More from the Microsoft Entra family of products
Unify your multicloud identity and access solutions to secure access for a connected world.

Microsoft Entra Verified ID
Create, issue, and verify privacy-respecting decentralized identity credentials with an identity verification solution that helps you enable more secure interactions with anyone or anything.

Azure Active Directory
Safeguard your organization with the Microsoft Entra identity and access management solution that connects people to their apps, devices, and data.

Microsoft Entra Workload Identities
Manage and secure identities for digital workloads, such as apps and services. Control their access to cloud resources with risk-based policies and enforcement of least-privileged access.

Microsoft Entra Identity Governance
Simplify operations, meet regulatory requirements, and consolidate multiple point solutions with a complete solution across on-premises and cloud-based user directories.
Additional resources
Video
Permissions Management overview video
Learn how to help secure multicloud permissions with Permissions Management.
Documentation
Dive deeper into the product
Get technical details on capabilities and deployment guidance for Permissions Management.
Glossary
Key Permissions Management Terms
Learn more about Permissions Management Terms and their Impact in Multicloud Environments.
Blog
Stay up to date
Get product news, configuration guidance, product instructions, and tips.
Frequently asked questions
Microsoft Entra Permissions Management is a cloud infrastructure entitlement management (CIEM) solution that provides comprehensive visibility into permissions assigned to all user and workload identities, actions, and resources across cloud infrastructures and identity providers. It detects, right-sizes, and monitors unused and excessive permissions and enables Zero Trust security through least privilege access in Azure, AWS, and GCP.
Cloud infrastructure entitlement management (CIEM) is the next generation of solutions for managing permissions. CIEM provides visibility into all actions performed by all identities, enforces the principle of least privilege, and continuously monitors for permission risks across multiple clouds.
Cloud permissions give identities the ability to perform an action on a resource across AWS, Azure, or GCP.
When building and supporting a Zero Trust foundation, the principle of least privilege is one of the essential pillars to lay this foundation. Maintaining least privilege means that identities are provisioned with the least privileges they need to complete their day-to-day operations. Considering the explosion of permissions and identities across cloud infrastructures, enforcing the principle of least privilege manually has become almost impossible.
Permissions Management currently supports the three major public clouds: Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure.