2020年9月26日 星期六

Azure Access Reviews (存取權審核)

Azure Access Reviews (存取權審核)


What are Azure Access Reviews

  • Access Review to:
    • Group Membership
    • Applications
    • Roles
  • Available via the Azure Portal
  • Set to review access on regular basis
  • Reduce admin overhead and stay in control as much as possible

Licensing Needed
  • License
    • Azure AD Premium P2
    • Enterprise Mobility & Security (EMS) E5
  • Who needs an Azure AD P2 or EMS E5
    • Members/Guests who are reviewers
    • Group owners performing the review
    • All users performing a self-review
    • Application owners
  • Exceptions for settings up Access Reviews:
    • Global Admins
    • User Admins

What are the benefits

    Reduce admin overhead!
  • Regular checks even in busy times
  • Works for internal users AND guests
  • Review the most important roles... Admin!
  • Delegate to group/application owners as they should know who needs access
  • Available using the Microsoft Graph APIs

Configure Access Reviews in Azure Portal


click Onboard

Duration: is deadline to review


Reviewers
Licensing Needed
  • Group owners 群組擁有者才需要License
  • Selected users 選定的使用者才需要License
  • Members(self) 所有群組成員都需要License




Use Access Reviews

from a reviewer perspective
Login with Group owner




may change decision


Reporting







Reference:
Create an access review of groups and applications in Azure AD access reviews

沒有留言:

Copy or Backup Command - robocopy

  robocopy D:\Backup E:\Backup /MIR /MT:100 /LOG+:C:\Logs\robocopy.log /MIR  鏡像目錄樹(包含 空的子目錄 ), 確保目標目錄與來源目錄完全相符,並比對刪除目標中不存在於來源中的任何檔案或目錄, /MT:...