Control 1.18: Application-Level Authorization and Role-Based Access Control (RBAC)
Control ID: 1.18 | Pillar: Security | Regulatory Reference: FINRA 4511, SOX 302/404, GLBA 501(b), SEC Rule 17a-3/4 | Last UI Verified: February 2026 | Governance Levels: Baseline / Recommended / Regulated | Last Verified: 2026-02-03
Agent 365 Architecture Update
Entra Agent ID supports role assignments for agent identities, enabling RBAC policies to apply to agents as first-class directory objects alongside human users. See Unified Agent Governance for agent identity and role assignment details.
Dynamics 365 Mailbox Access
Organizations using Dynamics 365 with server-side sync should review mailbox access permissions as part of their Dataverse RBAC audit. Periodic review of approved email addresses (PPAC → Environments → Settings → Users → Manage user in Dynamics 365) helps verify continued business justification. This is tracked as a candidate for a future dedicated control. See the SSPM Control Mapping for current coverage status.
Objective
Implement role-based access control for Power Platform and Copilot Studio ensuring users have only permissions necessary for their job functions, with separation of duties, least-privilege access, and documented role assignments.
Why This Matters for FSI
- SOX 302/404: Supports segregation of duties and internal control requirements
- GLBA 501(b): Enforces least-privilege access to customer information
- FINRA 4511: Provides access controls on books and records systems
- SEC 17a-3/4: Documents who has access to what systems for examination readiness
Control Description
This control establishes RBAC through a layered security model:
- Tenant-Level Roles - Power Platform Admin roles for global administration
- Environment-Level Roles - Security groups restrict environment access
- Dataverse Security Roles - Custom roles (Agent Publisher, Agent Viewer, Agent Tester) with specific privileges
- Record-Level Security - Row-level security, sharing rules, and column-level restrictions
- Privileged Identity Management - Just-in-time access for admin roles with approval workflows
- Access Reviews - Quarterly reviews to validate continued need for access
Key Configuration Points
Security Group and Role Configuration
- Create FSI security groups: SG-PowerPlatform-Admins-Prod, SG-CopilotStudio-Makers-Prod, SG-CopilotStudio-Viewers-Prod
- Create custom security roles: FSI - Agent Publisher, FSI - Agent Viewer, FSI - Agent Tester
- Assign roles to security groups (not individuals) for scalability
- Configure PIM for Dataverse System Admin role with 4-hour max activation and approval required
- Configure column-level security for sensitive fields (SSN, Account Balance, Credit Score)
- Establish quarterly access reviews with auto-removal for non-response
- Implement service principal credential rotation (90 days for Zone 3)
Agent Action Consent
- Require user consent before agent actions execute: In Copilot Studio, navigate to each agent's Actions and enable "Ask the user before running this action" for all actions. This prevents agents from performing unauthorized modifications or unintended operations without explicit user approval
- Use user-defined consent messages: Where available, configure consent prompts with clear descriptions of what the action will do rather than relying on AI-generated messages
Connected Agent Governance
- Restrict inter-agent connectivity: In Copilot Studio > Agent > Settings, under Connected Agents (Preview), disable "Let other agents connect to and use this one" by default. Enable only with documented approval and business justification
- Govern cross-agent trust boundaries: Agents serving distinct data sensitivity domains (e.g., customer-facing vs. internal) must not cross-invoke each other without explicit governance review. Connected agent access expands the attack surface and may enable unintended data sharing between agents
- Audit connected agent configurations: Review all agents with connected agent access enabled quarterly. Verify that cross-agent communication paths align with data classification requirements
Environment and Platform Admin Governance
- Define PPAC and environment admin roles: Assign Power Platform Admin Center administrative roles and environment-level System Administrator roles following the principle of least privilege. Limit System Administrator role to authorized users only
- Review admin role assignments: Audit admin roles quarterly to detect unauthorized privilege accumulation. Use PPAC > Environment > Settings > Users + Permissions > Users to review and manage role assignments
- Limit admin count per environment: Follow PPAC security recommendations to maintain fewer than 10 administrators per environment. Excessive admin assignments increase risk of unauthorized configuration changes
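The admin-count and group-versus-individual assignment checks above can be run against a Dataverse environment's Web API. This is an added example, not code from this control's playbooks; it assumes the Az.Accounts module for token acquisition, a placeholder org URL, and a signed-in account that can read systemusers, teams and roles in the environment.

```powershell
# Added example, not part of this control's playbooks. Assumes the Az.Accounts module,
# a signed-in account with read access to systemusers, teams and roles in the target
# environment, and a placeholder org URL. Run in PowerShell 7.
param(
    [string]$OrgUrl    = 'https://<your-org>.crm.dynamics.com',   # placeholder, replace
    [string]$RoleName  = 'System Administrator',
    [int]   $MaxAdmins = 10,                                       # PPAC recommendation
    [string]$Evidence  = ".\sysadmin-assignments-$(Get-Date -Format yyyyMMdd).csv"
)

Connect-AzAccount | Out-Null
$tok = (Get-AzAccessToken -ResourceUrl $OrgUrl).Token
# Newer Az.Accounts versions return the token as a SecureString
if ($tok -is [securestring]) { $tok = [System.Net.NetworkCredential]::new('', $tok).Password }
$headers = @{ Authorization = "Bearer $tok"; 'OData-Version' = '4.0'; Accept = 'application/json' }
$api     = "$OrgUrl/api/data/v9.2"

# Enabled users holding the role directly: the individual assignment the control discourages
$q = "systemusers?`$select=fullname,domainname" +
     "&`$filter=isdisabled eq false and systemuserroles_association/any(r:r/name eq '$RoleName')"
$direct = @((Invoke-RestMethod -Uri "$api/$q" -Headers $headers).value)

# Teams holding the role, with their members; teamtype 2 = Entra security-group team
$q = "teams?`$select=name,teamtype,azureactivedirectoryobjectid" +
     "&`$expand=teammembership_association(`$select=domainname)" +
     "&`$filter=teamroles_association/any(r:r/name eq '$RoleName')"
$teams = @((Invoke-RestMethod -Uri "$api/$q" -Headers $headers).value)

$rows = @()
$rows += foreach ($u in $direct) {
    [pscustomobject]@{ Principal = $u.domainname; Via = 'Direct'; Team = ''
                       Finding = 'Individual assignment; move to a security-group team' }
}
$rows += foreach ($t in $teams) {
    $via     = if ($t.teamtype -eq 2) { 'EntraGroupTeam' } else { 'OtherTeam' }
    $finding = if ($via -eq 'EntraGroupTeam') { '' } else { 'Team is not backed by an Entra security group' }
    foreach ($m in $t.teammembership_association) {
        [pscustomobject]@{ Principal = $m.domainname; Via = $via; Team = $t.name; Finding = $finding }
    }
}

# Distinct holders across direct and team-based assignment, compared with the PPAC limit
$admins = @($rows.Principal | Sort-Object -Unique).Count
if ($admins -ge $MaxAdmins) { Write-Warning "$admins distinct $RoleName holders; limit is $MaxAdmins" }
$rows | Export-Csv -Path $Evidence -NoTypeInformation
"{0} direct, {1} team-based assignments; {2} distinct holders; evidence: {3}" -f `
    $direct.Count, $teams.Count, $admins, $Evidence
```

The exported CSV doubles as access-review evidence: every row with a non-empty Finding is either a direct assignment to remediate or a team that is not an Entra security-group team.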
Zone-Specific Requirements
| Zone | Requirement | Rationale |
|---|---|---|
| Zone 1 (Personal) | Standard roles; self-service; annual review; PIM not required | Low risk, minimal oversight |
| Zone 2 (Team) | Team-based roles via groups; semi-annual review; PIM for admin roles; manager approval | Team data requires accountability |
| Zone 3 (Enterprise) | Custom least-privilege roles; quarterly review; mandatory PIM; multi-level approval; all changes to SIEM | Customer-facing requires strictest controls |
Roles & Responsibilities
| Role | Responsibility |
|---|---|
| Power Platform Admin | Configure environment security roles, manage team assignments |
| Entra Global Admin | Create security groups, configure PIM |
| Compliance Officer | Review role assignments, validate audit evidence |
| AI Governance Lead | Define role requirements, approve role changes |
Related Controls
| Control | Relationship |
|---|---|
| 2.1 - Managed Environments | Environment structure enables role segmentation |
| 1.11 - Conditional Access | CA policies complement RBAC (Conditional Access Automation) |
| 1.23 - Step-Up Authentication | Conditional Access for Agent ID (Public Preview) — enables CA policies scoped to Agentic User identities for agent-specific RBAC enforcement |
| 2.8 - Access Control | Strategic SoD policies |
| Agent Sharing Access Restriction Detector | Restricts agent sharing to zone-based access policies (complements UASD) |
| 1.7 - Audit Logging | Role changes captured in audit log |
Automated Compliance: Conditional Access Automation
For automated deployment and compliance scanning of Conditional Access policies supporting application-level authorization and RBAC enforcement, see the Conditional Access Automation solution.
Capabilities:
- Automated deployment of CA policies enforcing role-based access for AI workloads
- Zone-specific policy templates for app consent and authorization controls
- Daily compliance scanning of CA policy drift affecting RBAC enforcement
- Teams adaptive card alerts when authorization policies are weakened or disabled
- SHA-256 evidence export with integrity hashing for FINRA/SEC examination support
Deployable Solution: conditional-access-automation provides PowerShell deployment scripts, Azure Automation runbook wrappers, and Power Automate flow definitions.
Implementation Playbooks
Step-by-Step Implementation
This control has detailed playbooks for implementation, automation, testing, and troubleshooting:
- Portal Walkthrough — Step-by-step portal configuration
- PowerShell Setup — Automation scripts
- Verification & Testing — Test cases and evidence collection
- Troubleshooting — Common issues and resolutions
Advanced Implementation: Configuration Hardening Baseline
This control is covered by the Configuration Hardening Baseline, which consolidates SSPM-detectable settings across all 7 mapped controls into a single reviewable checklist with automation classification and evidence export procedures.
Verification Criteria
Confirm control effectiveness by verifying:
- Users in the FSI - Agent Viewer role cannot create or modify agents (read-only)
- Users must activate PIM to access Dataverse System Admin in production
- Security role assignments export shows all assignments documented
- Access review completes with attestation for each role
- Service principal credential rotation completes within 90-day window
- All agent actions have "Ask the user before running this action" enabled (Copilot Studio > Agent > Actions)
- No agents have "Let other agents connect to and use this one" enabled without documented approval
- Environment admin count is below 10 per environment (PPAC > Environment > Users + Permissions)
- All System Administrator role assignments are documented and justified
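To produce evidence for the 90-day credential rotation criterion above (and the Zone 3 rotation requirement under Key Configuration Points), the following added script, which is not part of this control's PowerShell playbook, reads credential dates from the app registrations that back service principals via Microsoft Graph. It assumes the Microsoft.Graph.Applications module, consent to Application.Read.All, and an assumed 14-day expiry notice period.

```powershell
# Added example, not part of this control's PowerShell playbook. Assumes the
# Microsoft.Graph.Applications module and consent to Application.Read.All. Flags
# app-registration credentials (secrets and certificates) older than the Zone 3
# rotation window, and those expiring within an assumed 14-day notice period.
param(
    [int]$MaxAgeDays  = 90,                     # Zone 3 rotation window from the control
    [int]$NoticeDays  = 14,                     # assumed operational notice period
    [string]$Evidence = ".\credential-age-$(Get-Date -Format yyyyMMdd).csv"
)

Connect-MgGraph -Scopes 'Application.Read.All' -NoWelcome
$now  = [datetime]::UtcNow
$apps = @(Get-MgApplication -All -Property Id,AppId,DisplayName,PasswordCredentials,KeyCredentials)

$rows = foreach ($app in $apps) {
    # Secrets live in PasswordCredentials, certificates in KeyCredentials; same date fields
    $creds = @($app.PasswordCredentials | ForEach-Object { @{ Kind = 'Secret';      Cred = $_ } }) +
             @($app.KeyCredentials      | ForEach-Object { @{ Kind = 'Certificate'; Cred = $_ } })
    foreach ($c in $creds) {
        # Without both dates the credential cannot be aged; skip rather than guess
        if (-not ($c.Cred.StartDateTime -and $c.Cred.EndDateTime)) { continue }
        $age  = [int]($now - $c.Cred.StartDateTime.ToUniversalTime()).TotalDays
        $left = [int]($c.Cred.EndDateTime.ToUniversalTime() - $now).TotalDays
        $finding = ''
        if ($age -gt $MaxAgeDays)      { $finding = "Rotation overdue by $($age - $MaxAgeDays) days" }
        elseif ($left -le $NoticeDays) { $finding = "Expires in $left days" }
        [pscustomobject]@{
            App = $app.DisplayName; AppId = $app.AppId; Kind = $c.Kind; KeyId = $c.Cred.KeyId
            Name = $c.Cred.DisplayName; AgeDays = $age; DaysLeft = $left; Finding = $finding
        }
    }
}

$findings = @($rows | Where-Object { $_.Finding })
$findings | Sort-Object AgeDays -Descending | Format-Table -AutoSize
$rows | Export-Csv -Path $Evidence -NoTypeInformation
"{0} credentials checked across {1} app registrations; {2} findings; evidence: {3}" -f `
    @($rows).Count, $apps.Count, $findings.Count, $Evidence
```

A credential whose AgeDays exceeds 90 fails the verification criterion even if it has not yet expired, which is the case the expiry date alone would miss.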
Additional Resources
- Microsoft Learn: Security Roles in Power Platform
- Microsoft Learn: Create Security Roles
- Microsoft Learn: Privileged Identity Management
- Microsoft Learn: Column-Level Security
Agent-Level RBAC via Entra Agent ID
Note: Agent ID features are preview documentation and may change.
Microsoft Entra Agent ID extends RBAC concepts to AI agents:
- Microsoft Learn: Microsoft Entra Agent ID - Agent identity management for RBAC integration
- Microsoft Learn: Agent Identities for AI Agents - Agent-level access control configuration
Updated: February 2026 | Version: v1.3 | UI Verification Status: Current