[RULE] List Guest and Disabled accounts with Read and/or Write access to Azure subscription #3239

@Leandroesc

Description

Existing rule

No response

Suggested rule

Exporting the list of current disabled and guest accounts with read or write access to resources using the Export-AzRuleData script will help customers understand that there are current security risks opened without proper governance in place. These risks are highlighted in Azure Advisor as high severity.

Pillar

Operational Excellence

Additional context

This risk could be added to the security pillar in WAF; however, as it's an operations activity, it could also be added to the operational excellence pillar.
https://learn.microsoft.com/en-us/azure/defender-for-cloud/managing-and-responding-alerts

Labels

feature: in-flight-export (Issues that related to exporting resource data for in-flight analysis.)
pillar: operational-execellence (Aligned to the Operational Excellence pillar.)