Microsoft Teams Azure AD Admin Role
Create a Microsoft Teams Azure AD Admin Role for organizations to have a more task oriented Security design around the service. Basically, the Global Admin is very privileged, and the Teams services is not something that a Global Admin, in large enterprises, really needs to management. An Admin role in Azure AD would allow the service management teams for Microsoft Teams to implement settings on the Teams services directly, and create, read, update, delete existing teams. This should be possible leveraging the Microsoft Graph.
I would also like to see some more RBAC roles for Teams. Generally speaking a fallback to manage anything with the Global Admin role is not a good idea. We have multiple teams that manage different aspects of Office 365. Our user facing support team has no way of accessing the teams admin center currently since the only supported roles are skype administrators or the Global Admin.
- Role with read only rights
- Role to manage External Sharing (Federation)
- Role to manage user and messaging policy
- An actual Role labeled Teams Administrator