turbot/azure_compliance

Query: iam_conditional_access_mfa_enabled

Usage

powerpipe query azure_compliance.query.iam_conditional_access_mfa_enabled

SQL

with distinct_tenant as (
select
distinct tenant_id,
subscription_id,
_ctx
from
azure_tenant
)
select
p.id as resource,
case
when p.built_in_controls @> '["mfa"]' then 'ok'
else 'alarm'
end as status,
case
when p.built_in_controls @> '["mfa"]' then p.display_name || ' MFA enabled.'
else p.display_name || ' MFA disabled.'
end as reason,
t.tenant_id
from
distinct_tenant as t,
azuread_conditional_access_policy as p;

Controls

The query is being used by the following controls: