Entra admin roles - CSAs

FaithOmbongi · FaithOmbongi · commit 6e3133c6fba6 · 2024-10-24T18:24:02.000+03:00
diff --git a/api-reference/beta/includes/rbac-for-apis/rbac-customsecurityattibutes-apis-definition-assignment-read.md b/api-reference/beta/includes/rbac-for-apis/rbac-customsecurityattibutes-apis-definition-assignment-read.md
@@ -3,11 +3,11 @@ author: CecilyK
 ms.topic: include
 ---
 
-In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following privileged roles are supported for this operation.
-
-+ Attribute Assignment Reader
-+ Attribute Definition Reader
-+ Attribute Assignment Administrator
-+ Attribute Definition Administrator
-
-By default, *Global Administrator* and other administrator roles don't have permissions to read, define, or assign custom security attributes.
+> [!IMPORTANT]
+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following privileged roles are supported for this operation.
+> - Attribute Assignment Reader
+> - Attribute Definition Reader
+> - Attribute Assignment Administrator
+> - Attribute Definition Administrator
+>
+> By default, *Global Administrator* and other administrator roles don't have permissions to read, define, or assign custom security attributes.
diff --git a/api-reference/beta/includes/rbac-for-apis/rbac-customsecurityattibutes-apis-write.md b/api-reference/beta/includes/rbac-for-apis/rbac-customsecurityattibutes-apis-write.md
@@ -3,6 +3,7 @@ author: CecilyK
 ms.topic: include
 ---
 
-In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. *Attribute Definition Administrator* is the only privileged role supported for this operation.
-
-By default, *Global Administrator* and other administrator roles don't have permissions to read, define, or assign custom security attributes.
+> [!IMPORTANT]
+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. *Attribute Definition Administrator* is the only privileged role supported for this operation.
+> 
+> By default, *Global Administrator* and other administrator roles don't have permissions to read, define, or assign custom security attributes.
diff --git a/api-reference/beta/includes/rbac-for-apis/rbac-customsecurityattibutes-audit-apis-read.md b/api-reference/beta/includes/rbac-for-apis/rbac-customsecurityattibutes-audit-apis-read.md
@@ -2,9 +2,10 @@
 author: rolyon
 ms.topic: include
 ---
-In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following privileged roles are supported for this operation.
 
-- Attribute Log Reader
-- Attribute Log Administrator
-
-By default, Global Administrator and other administrator roles do not have permissions to read custom security attribute audit logs.
+> [!IMPORTANT]
+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following privileged roles are supported for this operation.
+> - Attribute Log Reader
+> - Attribute Log Administrator
+> 
+> By default, Global Administrator and other administrator roles do not have permissions to read custom security attribute audit logs.
diff --git a/api-reference/v1.0/includes/rbac-for-apis/rbac-customsecurityattibutes-apis-definition-assignment-read.md b/api-reference/v1.0/includes/rbac-for-apis/rbac-customsecurityattibutes-apis-definition-assignment-read.md
@@ -3,11 +3,12 @@ author: CecilyK
 ms.topic: include
 ---
 
-In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following privileged roles are supported for this operation.
-
-+ Attribute Assignment Reader
-+ Attribute Definition Reader
-+ Attribute Assignment Administrator
-+ Attribute Definition Administrator
-
-By default, *Global Administrator* and other administrator roles don't have permissions to read, define, or assign custom security attributes.
+> [!IMPORTANT]
+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following privileged roles are supported for this operation.
+>
+> - Attribute Assignment Reader
+> - Attribute Definition Reader
+> - Attribute Assignment Administrator
+> - Attribute Definition Administrator
+>
+> By default, *Global Administrator* and other administrator roles don't have permissions to read, define, or assign custom security attributes.
diff --git a/api-reference/v1.0/includes/rbac-for-apis/rbac-customsecurityattibutes-apis-write.md b/api-reference/v1.0/includes/rbac-for-apis/rbac-customsecurityattibutes-apis-write.md
@@ -3,6 +3,7 @@ author: CecilyK
 ms.topic: include
 ---
 
-In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. *Attribute Definition Administrator* is the only privileged role supported for this operation.
-
-By default, *Global Administrator* and other administrator roles don't have permissions to read, define, or assign custom security attributes.
+> [!IMPORTANT]
+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. *Attribute Definition Administrator* is the only privileged role supported for this operation.
+> 
+> By default, *Global Administrator* and other administrator roles don't have permissions to read, define, or assign custom security attributes.
