Expand Up @@ -8,7 +8,7 @@ Query:
ListOfTables:
- aws_identitystore_user
- aws_ssoadmin_account_assignment
- azuread_user_registration_details
- entraid_user_registration_details
Parameters: []
PrimaryTable: aws_identitystore_user
QueryToExecute: |
Expand All @@ -27,7 +27,7 @@ Query:
FROM
(aws_identitystore_user
CROSS JOIN jsonb_array_elements(external_ids) AS external_id) iden
INNER JOIN azuread_user_registration_details az
INNER JOIN entraid_user_registration_details az
ON az.id = value ->> 'Id'
WHERE
EXISTS (
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_user
- entraid_user
Parameters: []
PrimaryTable: azuread_user
PrimaryTable: entraid_user
QueryToExecute: |
SELECT
u.display_name AS resource,
Expand All @@ -25,7 +25,7 @@ Query:
END AS reason,
t.tenant_id
FROM
azuread_user AS u
entraid_user AS u
LEFT JOIN
azure_tenant AS t ON t.tenant_id = u.tenant_id
WHERE
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v130_1_3.yaml
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_user
- entraid_user
Parameters: []
PrimaryTable: azuread_user
PrimaryTable: entraid_user
QueryToExecute: |
WITH distinct_tenant AS (
SELECT
Expand All @@ -33,7 +33,7 @@ Query:
END AS reason,
t.tenant_id
FROM
azuread_user AS u
entraid_user AS u
LEFT JOIN distinct_tenant AS t ON t.tenant_id = u.tenant_id
WHERE
u.user_type = 'Guest';
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v140_1_3.yaml
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_user
- entraid_user
Parameters: []
PrimaryTable: azuread_user
PrimaryTable: entraid_user
QueryToExecute: |
WITH distinct_tenant AS (
SELECT DISTINCT
Expand All @@ -33,7 +33,7 @@ Query:
END AS reason,
t.tenant_id
FROM
azuread_user AS u
entraid_user AS u
LEFT JOIN distinct_tenant AS t ON t.tenant_id = u.tenant_id
WHERE
u.user_type = 'Guest';
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v150_1_14.yaml
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_authorization_policy
- entraid_authorization_policy
Parameters: []
PrimaryTable: azuread_authorization_policy
PrimaryTable: entraid_authorization_policy
QueryToExecute: |
WITH distinct_tenant AS (
SELECT
Expand All @@ -33,7 +33,7 @@ Query:
t.tenant_id
FROM
distinct_tenant AS t,
azuread_authorization_policy AS a;
entraid_authorization_policy AS a;
Severity: low
Tags: {}
Title: 1.14 Ensure That ‘Users Can Register Applications’ Is Set to ‘No’
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v150_1_19.yaml
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_authorization_policy
- entraid_authorization_policy
Parameters: []
PrimaryTable: azuread_authorization_policy
PrimaryTable: entraid_authorization_policy
QueryToExecute: |
WITH distinct_tenant AS (
SELECT
Expand All @@ -33,7 +33,7 @@ Query:
t.tenant_id
FROM
distinct_tenant AS t,
azuread_authorization_policy AS a;
entraid_authorization_policy AS a;
Severity: low
Tags: {}
Title: 1.19 Ensure that 'Users can create security groups in Azure portals, API or PowerShell' is set to 'No'
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v150_1_2_6.yaml
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_conditional_access_policy
- entraid_conditional_access_policy
Parameters: []
PrimaryTable: azuread_conditional_access_policy
PrimaryTable: entraid_conditional_access_policy
QueryToExecute: |
WITH distinct_tenant AS (
SELECT
Expand All @@ -33,7 +33,7 @@ Query:
t.tenant_id
FROM
distinct_tenant AS t,
azuread_conditional_access_policy AS p;
entraid_conditional_access_policy AS p;
Severity: low
Tags: {}
Title: 1.2.6 Ensure Multi-factor Authentication is Required for Azure Management
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v150_1_4.yaml
Expand Up @@ -5,10 +5,10 @@ IntegrationType:
Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azuread_user
- entraid_user
- azure_tenant
Parameters: []
PrimaryTable: azuread_user
PrimaryTable: entraid_user
QueryToExecute: |
WITH distinct_tenant AS (
SELECT
Expand All @@ -33,7 +33,7 @@ Query:
END AS reason,
t.tenant_id
FROM
azuread_user AS u
entraid_user AS u
LEFT JOIN
distinct_tenant AS t ON t.tenant_id = u.tenant_id
WHERE
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v200_1_14.yaml
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_authorization_policy
- entraid_authorization_policy
Parameters: []
PrimaryTable: azuread_authorization_policy
PrimaryTable: entraid_authorization_policy
QueryToExecute: |
WITH distinct_tenant AS (
SELECT
Expand All @@ -33,7 +33,7 @@ Query:
t.tenant_id
FROM
distinct_tenant AS t,
azuread_authorization_policy AS a;
entraid_authorization_policy AS a;
Severity: low
Tags: {}
Title: 1.14 Ensure That 'Users Can Register Applications' Is Set to 'No'
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v200_1_19.yaml
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_authorization_policy
- entraid_authorization_policy
Parameters: []
PrimaryTable: azuread_authorization_policy
PrimaryTable: entraid_authorization_policy
QueryToExecute: |
WITH distinct_tenant AS (
SELECT DISTINCT
Expand All @@ -33,7 +33,7 @@ Query:
t.tenant_id
FROM
distinct_tenant AS t,
azuread_authorization_policy AS a;
entraid_authorization_policy AS a;
Severity: low
Tags: {}
Title: 1.19 Ensure that 'Users can create security groups in Azure portals, API or PowerShell' is set to 'No'
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v200_1_2_6.yaml
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_conditional_access_policy
- entraid_conditional_access_policy
Parameters: []
PrimaryTable: azuread_conditional_access_policy
PrimaryTable: entraid_conditional_access_policy
QueryToExecute: |
WITH distinct_tenant AS (
SELECT
Expand All @@ -33,7 +33,7 @@ Query:
t.tenant_id
FROM
distinct_tenant AS t,
azuread_conditional_access_policy AS p;
entraid_conditional_access_policy AS p;
Severity: low
Tags: {}
Title: 1.2.6 Ensure Multi-factor Authentication is Required for Azure Management
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v200_1_5.yaml
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_user
- entraid_user
Parameters: []
PrimaryTable: azuread_user
PrimaryTable: entraid_user
QueryToExecute: |
WITH distinct_tenant AS (
SELECT
Expand All @@ -33,7 +33,7 @@ Query:
END AS reason,
t.tenant_id
FROM
azuread_user AS u
entraid_user AS u
LEFT JOIN distinct_tenant AS t ON t.tenant_id = u.tenant_id
WHERE
u.user_type = 'Guest';
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v210_1_13.yaml
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_authorization_policy
- entraid_authorization_policy
Parameters: []
PrimaryTable: azuread_authorization_policy
PrimaryTable: entraid_authorization_policy
QueryToExecute: |
WITH distinct_tenant AS (
SELECT DISTINCT
Expand All @@ -33,7 +33,7 @@ Query:
t.tenant_id
FROM
distinct_tenant AS t,
azuread_authorization_policy AS a;
entraid_authorization_policy AS a;
Severity: low
Tags: {}
Title: 1.13 Ensure That 'Users Can Register Applications' Is Set to 'No'
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v210_1_18.yaml
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_authorization_policy
- entraid_authorization_policy
Parameters: []
PrimaryTable: azuread_authorization_policy
PrimaryTable: entraid_authorization_policy
QueryToExecute: |
WITH distinct_tenant AS (
SELECT
Expand All @@ -33,7 +33,7 @@ Query:
t.tenant_id
FROM
distinct_tenant AS t,
azuread_authorization_policy AS a;
entraid_authorization_policy AS a;
Severity: low
Tags: {}
Title: 1.18 Ensure that 'Users can create security groups in Azure portals, API or PowerShell' is set to 'No'
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v210_1_25.yaml
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_directory_role
- entraid_directory_role
Parameters: []
PrimaryTable: azuread_directory_role
PrimaryTable: entraid_directory_role
QueryToExecute: |
WITH distinct_tenant AS (
SELECT
Expand All @@ -33,7 +33,7 @@ Query:
t.tenant_id
FROM
distinct_tenant AS t,
azuread_directory_role
entraid_directory_role
WHERE
display_name = 'Global Administrator'
Severity: low
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v210_1_2_6.yaml
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_conditional_access_policy
- entraid_conditional_access_policy
Parameters: []
PrimaryTable: azuread_conditional_access_policy
PrimaryTable: entraid_conditional_access_policy
QueryToExecute: |
WITH distinct_tenant AS (
SELECT
Expand All @@ -33,7 +33,7 @@ Query:
t.tenant_id
FROM
distinct_tenant AS t,
azuread_conditional_access_policy AS p;
entraid_conditional_access_policy AS p;
Severity: low
Tags: {}
Title: 1.2.6 Ensure Multifactor Authentication is Required for Windows Azure Service Management API
10 changes: 5 additions & 5 deletions compliance/controls/azure/azure_cis_v210_1_2_7.yaml
Expand Up @@ -5,19 +5,19 @@ IntegrationType:
Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azuread_user
- entraid_user
- azure_role_assignment
- azure_role_definition
- azuread_conditional_access_policy
- entraid_conditional_access_policy
Parameters: []
PrimaryTable: azuread_conditional_access_policy
PrimaryTable: entraid_conditional_access_policy
QueryToExecute: |
WITH distinct_tenant AS (
SELECT
u.id,
tenant_id
FROM
azuread_user AS u
entraid_user AS u
LEFT JOIN azure_role_assignment AS a ON a.principal_id = u.id
LEFT JOIN azure_role_definition AS d ON d.id = a.role_definition_id
WHERE
Expand All @@ -39,7 +39,7 @@ Query:
t.tenant_id
FROM
distinct_tenant AS t,
azuread_conditional_access_policy AS p;
entraid_conditional_access_policy AS p;
Severity: low
Tags: {}
Title: 1.2.7 Ensure Multifactor Authentication is Required to access Microsoft Admin Portals
6 changes: 3 additions & 3 deletions compliance/controls/azure/azure_cis_v210_1_4.yaml
Expand Up @@ -6,9 +6,9 @@ Query:
Engine: CloudQL-v0.0.1
ListOfTables:
- azure_tenant
- azuread_user
- entraid_user
Parameters: []
PrimaryTable: azuread_user
PrimaryTable: entraid_user
QueryToExecute: |
WITH distinct_tenant AS (
SELECT
Expand All @@ -33,7 +33,7 @@ Query:
END AS reason,
t.tenant_id
FROM
azuread_user AS u
entraid_user AS u
LEFT JOIN distinct_tenant AS t ON t.tenant_id = u.tenant_id
WHERE
u.user_type = 'Guest';