2020年9月26日 星期六

Azure Access Reviews (存取權審核)

Azure Access Reviews (存取權審核)


What are Azure Access Reviews

  • Access Review to:
    • Group Membership
    • Applications
    • Roles
  • Available via the Azure Portal
  • Set to review access on regular basis
  • Reduce admin overhead and stay in control as much as possible

Licensing Needed
  • License
    • Azure AD Premium P2
    • Enterprise Mobility & Security (EMS) E5
  • Who needs an Azure AD P2 or EMS E5
    • Members/Guests who are reviewers
    • Group owners performing the review
    • All users performing a self-review
    • Application owners
  • Exceptions for settings up Access Reviews:
    • Global Admins
    • User Admins

What are the benefits

    Reduce admin overhead!
  • Regular checks even in busy times
  • Works for internal users AND guests
  • Review the most important roles... Admin!
  • Delegate to group/application owners as they should know who needs access
  • Available using the Microsoft Graph APIs

Configure Access Reviews in Azure Portal


click Onboard

Duration: is deadline to review


Reviewers
Licensing Needed
  • Group owners 群組擁有者才需要License
  • Selected users 選定的使用者才需要License
  • Members(self) 所有群組成員都需要License




Use Access Reviews

from a reviewer perspective
Login with Group owner




may change decision


Reporting







Reference:
Create an access review of groups and applications in Azure AD access reviews

沒有留言:

SQL Server Planning, Pricing and License

  Server-CALs授權模式 1.需購買的量應該是所有終端用戶的電腦 例如:一台Data warehouse主機 與 一台Web報表主機,但公司有50人或電腦會連進Web報表主機開啟報表,則應該每一台用戶端電腦都需要有CALs授權,Data warehouse主機購買Ser...