standard
turbot/azure_compliance

Trigger: Detect & correct Tenants with more than five IAM global administrator

Detect tenants with more than five IAM global administrator.

Query

with distinct_tenant as (
select
distinct tenant_id
from
azure_tenant
)
select
t.tenant_id as title,
(jsonb_array_length(member_ids)) :: text as global_administrator_count,
_ctx ->> 'connection_name' as conn
from
distinct_tenant as t,
azuread_directory_role as p
where
display_name = 'Global Administrator'
and jsonb_array_length(member_ids) > 5

Schedule

15m

Tags

category = Compliance
plugin = azure
service = Azure/IAM