Azure Access Reviews (存取權審核)
What are Azure Access Reviews
- Access Review to:
- Group Membership
- Applications
- Roles
- Available via the Azure Portal
- Set to review access on regular basis
- Reduce admin overhead and stay in control as much as possible
Licensing Needed- License
- Azure AD Premium P2
- Enterprise Mobility & Security (EMS) E5
- Who needs an Azure AD P2 or EMS E5
- Members/Guests who are reviewers
- Group owners performing the review
- All users performing a self-review
- Application owners
- Exceptions for settings up Access Reviews:
- Global Admins
- User Admins
- License
- Azure AD Premium P2
- Enterprise Mobility & Security (EMS) E5
- Who needs an Azure AD P2 or EMS E5
- Members/Guests who are reviewers
- Group owners performing the review
- All users performing a self-review
- Application owners
- Exceptions for settings up Access Reviews:
- Global Admins
- User Admins
What are the benefits
Reduce admin overhead!- Regular checks even in busy times
- Works for internal users AND guests
- Review the most important roles... Admin!
- Delegate to group/application owners as they should know who needs access
- Available using the Microsoft Graph APIs
Configure Access Reviews in Azure Portal
click Onboard
Duration: is deadline to review
ReviewersLicensing Needed- Group owners 群組擁有者才需要License
- Selected users 選定的使用者才需要License
- Members(self) 所有群組成員都需要License
click Onboard
Reviewers
Licensing Needed
- Group owners 群組擁有者才需要License
- Selected users 選定的使用者才需要License
- Members(self) 所有群組成員都需要License
Use Access Reviews
from a reviewer perspective
Login with Group owner
Reporting
Create an access review of groups and applications in Azure AD access reviews
沒有留言:
張貼留言