AzPolicyAdvertizer

last sync: 2024-Jul-26 18:17:39 UTC

[Deprecated]: MFA should be enabled for accounts with write permissions on your subscription

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

[Deprecated]: MFA should be enabled for accounts with write permissions on your subscription

9297c21d-2ed6-4474-b48f-163f75654ce3

Version

3.0.1-deprecated
Details on versioning

Category

Security Center
Microsoft Learn

Description

This policy definition is no longer the recommended way to achieve its intent. Instead of continuing to use this policy, we recommend you assign this replacement policy with policy ID 931e118d-50a1-4457-a5e4-78550e086c52. Learn more about policy definition deprecation at aka.ms/policydefdeprecation

Mode

All

Type

BuiltIn

Preview

False

Deprecated

True

Reference

Reference to 1 related Policy definition (taken from description)
Accounts with write permissions on Azure resources should be MFA enabled (931e118d-50a1-4457-a5e4-78550e086c52)

Effect

Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled

RBAC role(s)

none

Rule aliases

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Security/assessments/status.code	Microsoft.Security	assessments	properties.status.code	True		False

Rule resource types

IF (1)
Microsoft.Resources/subscriptions

Compliance

Not a Compliance control

Initiatives usage

none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2023-05-01 17:41:52	change	Version remains equal, new suffix: deprecated (3.0.1 > 3.0.1-deprecated)
2022-09-23 16:35:49	change	Patch (3.0.0 > 3.0.1)
2021-01-05 16:06:49	change	Major (2.0.0 > 3.0.0)

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC