ssc-spc-ccoe-cei / azure-guardrails-solution-accelerator

This implementation automates reporting to verify compliance with GC Cloud Guardrails. SSC and TBS review the results.

GR2 | Validation 8 | Existing Guest User Accounts (M) #142

Closed MathesonSho closed 1 week ago

MathesonSho commented 1 month ago

ItemName: Existing Guest User Accounts (M)
ItemName FR: Comptes d'utilisateurs invités existants (M)

Description: This is an existing control, reworded, and it is now required to be a default pass for all environments whether they use guest accounts or not. The current control is called “Remove Guest Accounts”; the new control name is “Existing Guest User Accounts (M)”. The control will list the guest user accounts for departments to verify their necessity over time.

MathesonSho commented 2 weeks ago

Original Comment: Remove guest accounts from MS Entra ID or remove their permissions from the Azure Subscriptions.

New Comment: Review and validate list of guest users. Remove guest accounts according to departmental procedures and policies as needed.

New Comment FR: Examinez et validez la liste des utilisateurs invités. Supprimez les comptes d’invités selon les procédures et les politiques ministérielles, au besoin.

dutt0 commented 2 weeks ago

Additional column in the guest user table, with "True" for a guest account that has at least one role assigned in a subscription and "False" for a guest account without any assigned role.

dutt0 commented 1 week ago

Additional new comments:
guestAssigned = This GUEST account has role assignment in the Azure subscriptions
guestNotAssigned = This GUEST account does not have any role assignment in the Azure subscriptions

MathesonSho commented 1 week ago

EN:
noGuestAccounts = There are currently no GUEST User Accounts in your tenant environment.
guestAccountsNoPermission = There are GUEST User Accounts in the tenant environment and they do not have any permissions in the tenant's Azure subscription(s).
guestAssigned = This GUEST User Account has a role assignment in the tenant's Azure subscriptions.
guestNotAssigned = This GUEST User Account does not have any role assignment in the tenant's Azure subscription(s).
existingGuestAccounts = Existing Guest User Accounts
existingGuestAccountsComment = Review and validate the provided list of GUEST User Accounts. Remove GUEST User Accounts according to your departmental procedures and policies, as needed.

FR:
noGuestAccounts = Il n’y a présentement aucun compte d’utilisateur invité dans votre environnement locataire.
guestAccountsNoPermission = Il y a des comptes d’utilisateurs invités dans l’environnement locataire et ils n’ont aucune permission dans le(s) abonnement(s) Azure du locataire.
guestAssigned = Ce compte d’utilisateur invité a une attribution de rôle dans le(s) abonnement(s) Azure du locataire.
guestNotAssigned = Ce compte d’utilisateur invité n’a pas d’attribution de rôle dans les abonnement(s) Azure du locataire.
existingGuestAccounts = Comptes d'utilisateurs invités existants
existingGuestAccountsComment = Examinez et validez la liste fournie des comptes d’utilisateurs invités. Supprimez les comptes d’utilisateurs invités selon les procédures et les politiques ministérielles, au besoin.
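The behaviour discussed in this issue (default pass, a True/False role-assignment column per guest, and the EN strings above), sketched as an added example that is not code from the repository. The function name `Get-GuestAccountReport`, the input object shapes, the rule for choosing the summary string, and the sample data are assumptions.

```powershell
# Added example, not code from the repository. EN strings are those proposed in this issue.
$msg = @{
    noGuestAccounts              = 'There are currently no GUEST User Accounts in your tenant environment.'
    guestAccountsNoPermission    = "There are GUEST User Accounts in the tenant environment and they do not have any permissions in the tenant's Azure subscription(s)."
    guestAssigned                = "This GUEST User Account has a role assignment in the tenant's Azure subscriptions."
    guestNotAssigned             = "This GUEST User Account does not have any role assignment in the tenant's Azure subscription(s)."
    existingGuestAccountsComment = 'Review and validate the provided list of GUEST User Accounts. Remove GUEST User Accounts according to your departmental procedures and policies, as needed.'
}

# Hypothetical function name and input shapes: guests carry Id/UserPrincipalName,
# role assignments carry ObjectId (the principal) and Scope.
function Get-GuestAccountReport {
    param([object[]]$GuestUsers = @(), [object[]]$RoleAssignments = @())

    # Principal IDs holding at least one role assignment; GUID strings compared case-insensitively.
    $assigned = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
    foreach ($ra in $RoleAssignments) { [void]$assigned.Add([string]$ra.ObjectId) }

    $rows = @(foreach ($g in $GuestUsers) {
        $has = $assigned.Contains([string]$g.Id)
        [pscustomobject]@{
            UserPrincipalName = $g.UserPrincipalName
            HasRoleAssignment = $has   # the additional True/False column
            Comments          = $(if ($has) { $msg.guestAssigned } else { $msg.guestNotAssigned })
        }
    })

    # Assumption: which summary string applies in which case is inferred from its wording.
    $summary = if ($rows.Count -eq 0) {
        $msg.noGuestAccounts
    } elseif (-not ($rows | Where-Object HasRoleAssignment)) {
        $msg.guestAccountsNoPermission
    } else {
        $msg.existingGuestAccountsComment
    }

    # Default pass for every environment, with or without guest accounts.
    [pscustomobject]@{ ComplianceStatus = $true; Comments = $summary; GuestUsers = $rows }
}

# Constructed sample data (not from a real tenant).
$guests = @(
    [pscustomobject]@{ Id = '11111111-1111-1111-1111-111111111111'; UserPrincipalName = 'alice_example.org#EXT#@contoso.onmicrosoft.com' }
    [pscustomobject]@{ Id = '22222222-2222-2222-2222-222222222222'; UserPrincipalName = 'bob_example.net#EXT#@contoso.onmicrosoft.com' }
)
$roles = @([pscustomobject]@{ ObjectId = '11111111-1111-1111-1111-111111111111'; Scope = '/subscriptions/00000000-0000-0000-0000-000000000000' })
$report = Get-GuestAccountReport -GuestUsers $guests -RoleAssignments $roles
$report.GuestUsers | Format-Table UserPrincipalName, HasRoleAssignment -AutoSize
$report.Comments
```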