turbot/azure_compliance

Control: Guest accounts with read permissions on Azure resources should be removed

Description

External accounts with read privileges should be removed from your subscription in order to prevent unmonitored access.

Usage

Run the control in your terminal:

powerpipe control run azure_compliance.control.iam_external_user_with_read_permission

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run azure_compliance.control.iam_external_user_with_read_permission --share

SQL

This control uses a named query:

iam_external_user_with_read_permission

Tags