microsoft / coe-starter-kit


[CoE Starter Kit - QUESTION] How to Audit Apps Owned by Service Accounts #6650

Open medicineshow opened 1 year ago

medicineshow commented 1 year ago

Does this question already exist in our backlog?

What is your question?

How can we request information about an app if the owner is a service account with no email? Is there a way to give access to a user in the Developer Compliance Centre so that they can provide the application detail? And is it possible to direct the compliancy request email to these users?

What solution are you experiencing the issue with?

Governance

What solution version are you using?

August Release 2023

What app or flow are you having the issue with?

No response

What method are you using to get inventory and telemetry?

None

manuelap-msft commented 1 year ago

At the moment, there isn't a good way to achieve this with how the Compliance Process is built. However, we do have it on our backlog to add a "named" owner field for resources which can then be used in the compliance process: https://github.com/microsoft/coe-starter-kit/issues/5645

However, that would mean an admin would have to manually update resources and set a named owner. Do you think that would work for you? If you have ideas on how you would like to manage this, let us know so we can take that into consideration when we implement this!

Thanks for the feedback!

medicineshow commented 1 year ago

Indeed, that would be my suggestion, or if it is possible to identify co-owners. This would still understandably be a manual task but it is a needed enhancement, especially as Microsoft get us to use service accounts as best practice. My workaround now is to identify a user who can provide the required info and send a template email to them to gather the responses.