Control: Guest accounts with read permissions on Azure resources should be removed
Description
External accounts with read privileges should be removed from your subscription in order to prevent unmonitored access.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.iam_external_user_with_read_permission
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.iam_external_user_with_read_permission --share
SQL
This control uses a named query:
iam_external_user_with_read_permission