Azure_IAM_18

Ensure that Users who can manage security groups is set to None

Description

Restrict security group management to administrators only.

Remediation

Perform the following in the Azure Console:

  1. Go to Azure Active Directory
  2. Go to Users and group
  3. Go to Group settings
  4. Set Users who can manage security groups to None

References:

  1. https://docs.microsoft.com/en-us/azure/active-directory/active-directory-accessmanagement-self-service-group-management#making-a-group-available-for-end-user-self-service

Service

IAM

Severity

High

Compliance

Mapping

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!