Entra Permissions Management

Wes Miller analyzes and writes about Microsoft’s security, identity management, and systems management technologies. Before joining Directions on Microsoft, Wes... more

Entra Permissions Management (formally Microsoft Entra Permissions Management) was an Azure-hosted service designed to help customers discover, remediate, and monitor user and workload identities to ensure that permissions have not been applied overly broadly. The service was intended to help multicloud customers assess the state of permissions whether resources are running in AWS, Google Cloud Platform (GCP), or Microsoft Azure. The product has left support as of Sept. 2025.

Service Overview

Entra Permissions Management was based on CloudKnox technologies acquired by Microsoft in 2021. The service was briefly known as CloudKnox Permissions Management (CPM).

The service was intended to help discover and assess the permissions in place and used across all three of the most popular clouds and remediate when permissions have been applied more broadly than needed. The service included machine learning–based anomaly alerts and reporting.

Entra Permissions Management supported both user identities and workload identities. (The latter are used by VMs, containers, applications, etc.)

Atlas Members have full access

Get access to this and thousands of other unbiased analyses, roadmaps, decision kits, infographics, reference guides, and more, all included with membership. Comprehensive access to the most in-depth and unbiased expertise for Microsoft enterprise decision-making is waiting.

Membership Options

Already have an account? Login Now