last sync: 2024-Jun-24 18:15:26 UTC

Microsoft Managed Control 1039 - Least Privilege | Review Of User Privileges | Regulatory Compliance - Access Control

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1039 - Least Privilege | Review Of User Privileges
Id 3a7b9de4-a8a2-4672-914d-c5f6752aa7f9
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Access Control control
Additional metadata Name/Id: ACF1039 / Microsoft Managed Control 1039
Category: Access Control
Title: Least Privilege | Review Of User Privileges - Review
Ownership: Customer, Microsoft
Description: The organization: Reviews at least annually the privileges assigned to all users to validate the need for such privileges; and
Requirements: Azure Security generates reports containing user privilege assignments to each service team at least quarterly. Service teams use this report to review user privileges for the various users and roles administering the service and validate the need for the assigned privileges.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC