standard
turbot/azure_compliance

Trigger: Detect & correct authorization policy allowing IAM users to register application

Detect an authorization policy that allows IAM users to register applications.

Query

-- one row per tenant; _ctx carries the Steampipe connection metadata
with distinct_tenant as (
  select
    distinct tenant_id,
    _ctx
  from
    azure_tenant
)
select
  concat(a.id, ' [', t.tenant_id, ']') as title,
  t.tenant_id,
  a._ctx ->> 'connection_name' as conn
from
  distinct_tenant as t,
  azuread_authorization_policy as a
where
  -- default_user_role_permissions is JSONB; flag the tenant when any member
  -- is allowed to register applications
  a.default_user_role_permissions ->> 'allowedToCreateApps' = 'true';
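As an added example (not code from the azure_compliance mod), the same check the query performs, carried out in Python over the defaultUserRolePermissions object that Microsoft Graph returns for the tenant's authorization policy, together with the PATCH body a corrective step would send to /policies/authorizationPolicy. The sample policy and tenant id are constructed; the function and variable names are the example's own.

```python
import json
from typing import Optional

# Constructed sample, shaped like the object Microsoft Graph returns from
# GET https://graph.microsoft.com/v1.0/policies/authorizationPolicy
# (only the fields relevant to this check are included).
SAMPLE_POLICY = {
    "id": "authorizationPolicy",
    "defaultUserRolePermissions": {
        "allowedToCreateApps": True,
        "allowedToCreateSecurityGroups": True,
    },
}
GRAPH_POLICY_URL = "https://graph.microsoft.com/v1.0/policies/authorizationPolicy"


def allows_app_registration(policy: dict) -> bool:
    """Same predicate as the trigger's query. Steampipe exposes this object as
    the JSONB column default_user_role_permissions, so
    ->> 'allowedToCreateApps' = 'true' is this boolean being True. A missing
    key is not flagged, matching the SQL (NULL = 'true' is not true)."""
    perms = policy.get("defaultUserRolePermissions") or {}
    return perms.get("allowedToCreateApps") is True


def remediation_patch(policy: dict) -> Optional[dict]:
    """PATCH body that turns the setting off, or None when already compliant.
    Graph merges the nested object, so only the offending key is sent and the
    other default user role permissions are left untouched."""
    if not allows_app_registration(policy):
        return None
    return {"defaultUserRolePermissions": {"allowedToCreateApps": False}}


def finding(tenant_id: str, policy: dict) -> dict:
    """Row shaped like the query's output, with the corrective action attached."""
    return {
        "title": f"{policy.get('id', 'authorizationPolicy')} [{tenant_id}]",
        "tenant_id": tenant_id,
        "non_compliant": allows_app_registration(policy),
        "patch": remediation_patch(policy),
    }


if __name__ == "__main__":
    row = finding("<tenant-id placeholder>", SAMPLE_POLICY)  # constructed id
    print(json.dumps(row, indent=2))
    if row["patch"]:
        print(f"PATCH {GRAPH_POLICY_URL} {json.dumps(row['patch'])}")
```

Sending the PATCH requires a token with the Policy.ReadWrite.Authorization permission; the example only builds the body so it runs offline.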

Schedule

15m

Tags

category = Compliance
plugin = azure
service = Azure/IAM