last sync: 2024-Jun-13 18:14:14 UTC

Microsoft Managed Control 1040 - Least Privilege | Review Of User Privileges | Regulatory Compliance - Access Control

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1040 - Least Privilege | Review Of User Privileges
Id 54205576-cec9-463f-ba44-b4b3f5d0a84c
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Access Control control
Additional metadata Name/Id: ACF1040 / Microsoft Managed Control 1040
Category: Access Control
Title: Least Privilege | Review Of User Privileges - Reassign
Ownership: Customer, Microsoft
Description: The organization: Reassigns or removes privileges, if necessary, to correctly reflect organizational mission/business needs.
Requirements: Any user who no longer is in a role that requires access is removed as part of the review process, either by the manager identifying it as not required or due to lack of response from the manager.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC