| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1010 - Account Management | ||
| Id | 784663a8-1eb0-418a-a98c-24d19bc1bb62 | ||
| Version | 1.0.0 Details on versioning |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Access Control control | ||
| Additional metadata |
Name/Id: ACF1010 / Microsoft Managed Control 1010 Category: Access Control Title: Account Management - Authorizations Ownership: Customer, Microsoft Description: The organization: Authorizes access to the information system based on: A valid access authorization; Intended system usage; and Other attributes as required by the organization or associated missions/business functions; Requirements: OneIdentity enables role-based access to Azure’s production network and supporting infrastructure in a secure manner that complies with least privilege policies and guidelines set by Microsoft. Access requests and modifications to Azure security groups and thus privileges in the Azure environment are approved based upon meeting criteria that determine the appropriateness of the requested role and is completed by an account approver based on rules defined in OneIdentity. Information system usage or need-to-know/need-to-share changes are managed by the owner of the service. The service owner and account approvers can request changes to the access of accounts on their service for AD accounts through OneIdentity. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|