Azure group has access to a large number of resources

Set up the Azure integration.

Description

To mitigate the impact of credential exposure or compromise, role assignments should be scoped to the minimum access that the assignees need to perform their responsibilities. This rule identifies when a group is assigned a role that has overly broad access to resources within a tenant. Datadog considers access large when the number of resources a user has access to is greater than 40% of the total resource count of the tenant.

Rationale

By comparing the number of resources a group can access with the total resources of a tenant, we can identify overly broad access. This access should be more tightly scoped to limit the impact of a potential compromise.

Remediation

Datadog recommends reducing the scope of a role assigned to a group to the minimum necessary for the members to fulfill their duties. Azure Activity Logs provide a comprehensive view of actual resource interaction. These actions should be compared with the total scope allocated to the group, and the role assignment's scope tightened to match the activity that is actually necessary.
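
The following added example, which is not Datadog's rule implementation, computes the share of tenant resources covered by a group's role-assignment scopes against the 40% cutoff and derives narrower resource-group scopes from Activity Log resource IDs. The subscription IDs, resource IDs, and function names are constructed for illustration; management-group scopes are not handled because they require resolving the management group hierarchy.

```python
# Added example with constructed data; not Datadog's rule logic.
THRESHOLD = 0.40  # the "greater than 40%" cutoff stated in the description

def in_scope(resource_id, scope):
    """True if an ARM scope covers a resource ID (case-insensitive, segment-aligned)."""
    rid, sc = resource_id.lower().rstrip("/"), scope.lower().rstrip("/")
    # sc == "" is the root scope "/"; the "/" suffix stops rg-app matching rg-app2
    return sc == "" or rid == sc or rid.startswith(sc + "/")

def coverage(scopes, resources):
    """Fraction of tenant resources reachable through any of the group's scopes."""
    if not resources:
        return 0.0
    return sum(any(in_scope(r, s) for s in scopes) for r in resources) / len(resources)

def is_overly_broad(scopes, resources):
    return coverage(scopes, resources) > THRESHOLD

def suggest_scopes(scopes, activity_ids):
    """Resource-group scopes the group actually exercised, per Activity Log IDs."""
    used = set()
    for rid in activity_ids:
        if any(in_scope(rid, s) for s in scopes):
            parts = rid.strip("/").split("/")
            # expected shape: subscriptions/<id>/resourceGroups/<name>/...
            if len(parts) >= 4 and parts[2].lower() == "resourcegroups":
                used.add("/" + "/".join(parts[:4]))
    return sorted(used)

# Constructed inventory: 10 resources across two hypothetical subscriptions.
SUB_A = "/subscriptions/00000000-0000-0000-0000-00000000000a"
SUB_B = "/subscriptions/00000000-0000-0000-0000-00000000000b"

def _rid(sub, rg, rtype, name):
    return f"{sub}/resourceGroups/{rg}/providers/{rtype}/{name}"

RESOURCES = [
    _rid(SUB_A, "rg-app", "Microsoft.Web/sites", "web1"),
    _rid(SUB_A, "rg-app", "Microsoft.Web/sites", "web2"),
    _rid(SUB_A, "rg-app", "Microsoft.Storage/storageAccounts", "appst"),
    _rid(SUB_A, "rg-app2", "Microsoft.Web/sites", "web3"),
    _rid(SUB_A, "rg-data", "Microsoft.Sql/servers", "sql1"),
] + [_rid(SUB_B, "rg-ops", "Microsoft.Compute/virtualMachines", f"vm{i}") for i in range(1, 6)]
# Constructed Activity Log resource IDs; the SUB_B entry is outside the group's scope.
ACTIVITY = [RESOURCES[0], RESOURCES[4], RESOURCES[5]]

if __name__ == "__main__":
    group_scopes = [SUB_A]  # group holds a role at subscription scope
    print(coverage(group_scopes, RESOURCES), is_overly_broad(group_scopes, RESOURCES))
    print(suggest_scopes(group_scopes, ACTIVITY))
```

Replacing the subscription-level assignment with the two suggested resource-group scopes brings this group's coverage from 50% down to 40%, which no longer exceeds the cutoff.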
