Tag Archives: InfoProtection

Updated Announcement: Microsoft Purview – New Purview Agent Deployment Role

Posted on by

Microsoft Purview introduces a new Purview Agent Deployment role added to several built-in role groups, allowing analysts to deploy and manage Purview agents without admin help. Rollout starts late February 2026, improving onboarding and agent use while maintaining existing data access and compliance controls.

Microsoft introducing a new Microsoft Purview Role-Based Access Control (RBAC) role—Purview Agent Deployment—and adding it to several existing built‑in Purview role groups. This enhancement empowers analysts who work with Purview agents to deploy and manage them directly, without requiring administrator involvement. The change streamlines onboarding and supports broader adoption of Purview’s AI‑powered agent capabilities.

This update corresponds to Roadmap ID 551147.

Rollout Timeline

  • General Availability (Worldwide): Begins late February 2026
  • Expected Completion: Mid‑March 2026

Who is affected

  • Administrators managing Purview role groups
  • Analysts deploying or working with Microsoft Purview agents

What’s changing

The new Purview Agent Deployment role will be added to the following built‑in role groups:

  • Compliance Administrator
  • Data Security Management
  • Information Protection
  • Information Protection Analysts
  • Information Protection Investigators
  • Insider Risk Management
  • Insider Risk Management Analyst
  • Insider Risk Management Investigator
  • Purview Agent Management

The Purview Agent Management role group will continue to include the Purview Content Analyst role and retain access to Posture agent capabilities.

Capabilities enabled

Users assigned to these role groups will be able to deploy, use, and manage Purview agents end‑to‑end, including:

  • Data Loss Prevention (DLP) — Data Security Triage Agent
  • Insider Risk Management (IRM) — Data Security Triage Agent
  • Data Security Posture Management (DSPM) — Posture Agent
  • Future Purview agents as they are released

Important:

  • No default data access permissions are modified.
  • No new visibility into customer content is introduced.
  • Organizations can optionally enforce separation of responsibilities by using custom role groups.