Pipeline: 2 Identity
Overview
This section covers security best practice recommendations for products in the Azure Identity services category.
Azure Product Category Page: https://azure.microsoft.com/en-us/products/category/identity
Many of the recommendations from this section are marked as "Manual" while the existing Azure CLI and Azure AD PowerShell support through the Azure AD Graph are being deprecated. It is now recommended to use the new Microsoft Graph PowerShell in replacement of Azure AD Graph for PowerShell and API level access. From a security posture standpoint, these recommendations are still very important and should not be discounted because they are "Manual." As automation capability is developed for this Benchmark, the related recommendations will be updated with the respective audit and remediation steps and changed to an "automated" assessment status.
If any problems are encountered running Azure CLI or PowerShell methodologies, please refer to the Introduction section of this Benchmark where you will find additional detail on permission and required cmdlets.
Run the pipeline
To run this pipeline from your terminal:
flowpipe pipeline run azure_cis.pipeline.cis_v300_2
Use this pipeline
To call this pipeline from your pipeline, use a step:
step "pipeline" "step_name" { pipeline = azure_cis.pipeline.cis_v300_2 }
Params
Name | Type | Required | Description | Default |
---|---|---|---|---|
database | connection.steampipe | Yes | Database connection string. | connection.steampipe.default |
notifier | notifier | Yes | The name of the notifier to use for sending notification messages. | notifier.default |
notification_level | string | Yes | The verbosity level of notification messages to send. Valid options are 'verbose', 'info', 'error'. | info |
Outputs
This pipeline has no outputs.