Risk Level: High
Cloud Entity: AD Authorization Policy
CloudGuard Rule ID: D9.AZU.IAM.40
Covered by Spectral: No
Category: Active Directory
ADAuthorizationPolicy should have allowInvitesFrom='adminsAndGuestInviters'
- From Azure Home select the Portal Menu.
- Select Azure Active Directory.
- In the navigation panel, select Users.
- Under All users, select User settings to access Azure Active Directory user settings.
- On the 'User settings' configuration page, under 'External users', click 'Manage external collaboration settings'.
- Now, under 'Guest invite Settings' select 'Only users assigned to specific admin roles can invite guest users'.
- Click Save.
Note: Please note that at this point of time, there is no Azure CLI or other API commands available to programmatically conduct security configuration for this recommendation.
Represents a policy that can control Azure Active Directory authorization settings.
- Azure CIS Foundations v. 1.2.0
- Azure CIS Foundations v. 1.3.0
- Azure CIS Foundations v. 1.3.1
- Azure CIS Foundations v. 1.4.0
- Azure CIS Foundations v. 1.5.0
- Azure CIS Foundations v.2.0
- Azure CloudGuard Best Practices
- Azure NIST 800-53 Rev 5
- CloudGuard Azure All Rules Ruleset
Updated 3 months ago