azuread_account_provisioning_activity_report_reviewedazuread_admin_consent_workflow_enabledazuread_admin_user_mfa_enabledazuread_administrative_account_on_premises_sync_disabledazuread_all_user_mfa_enabledazuread_audit_log_search_enabledazuread_authentication_method_microsoft_authenticator_mfa_fatigue_protectionazuread_authentication_method_restrict_insecure_methodsazuread_authorization_policy_accessing_company_data_not_allowedazuread_conditional_access_block_device_code_flowazuread_conditional_access_block_signin_risk_medium_highazuread_conditional_access_require_managed_device_for_authenticationazuread_conditional_access_require_managed_device_register_security_infoazuread_conditional_access_signin_frequency_intune_every_timeazuread_dynamic_group_for_guest_userazuread_global_admin_range_restrictedazuread_group_not_publicazuread_guest_user_access_reviews_configuredazuread_guest_user_infoazuread_legacy_authentication_disabledazuread_microsoft_azure_management_limited_to_administrative_rolesazuread_password_protection_enabledazuread_privileged_roles_access_reviews_configuredazuread_risky_sign_ins_reportazuread_security_default_disabledazuread_signin_frequency_policyazuread_signin_risk_policyazuread_third_party_application_not_allowedazuread_user_password_not_set_to_expireazuread_user_risk_policyazuread_user_sspr_enabledmicrosoft365_calendar_sharing_disabledmicrosoft365_sharepoint_external_content_sharing_restrictedmicrosoft365_sharepoint_external_sharing_managed_by_domain_whitelist_or_blacklistmicrosoft365_sharepoint_resharing_by_external_users_disabledmicrosoft_user_mfa_capable
Queries in Microsoft 365 Compliance
The Microsoft 365 Compliance mod includes 36 queries:
- azuread_account_provisioning_activity_report_reviewed
- azuread_admin_consent_workflow_enabled
- azuread_admin_user_mfa_enabled
- azuread_administrative_account_on_premises_sync_disabled
- azuread_all_user_mfa_enabled
- azuread_audit_log_search_enabled
- azuread_authentication_method_microsoft_authenticator_mfa_fatigue_protection
- azuread_authentication_method_restrict_insecure_methods
- azuread_authorization_policy_accessing_company_data_not_allowed
- azuread_conditional_access_block_device_code_flow
- azuread_conditional_access_block_signin_risk_medium_high
- azuread_conditional_access_require_managed_device_for_authentication
- azuread_conditional_access_require_managed_device_register_security_info
- azuread_conditional_access_signin_frequency_intune_every_time
- azuread_dynamic_group_for_guest_user
- azuread_global_admin_range_restricted
- azuread_group_not_public
- azuread_guest_user_access_reviews_configured
- azuread_guest_user_info
- azuread_legacy_authentication_disabled
- azuread_microsoft_azure_management_limited_to_administrative_roles
- azuread_password_protection_enabled
- azuread_privileged_roles_access_reviews_configured
- azuread_risky_sign_ins_report
- azuread_security_default_disabled
- azuread_signin_frequency_policy
- azuread_signin_risk_policy
- azuread_third_party_application_not_allowed
- azuread_user_password_not_set_to_expire
- azuread_user_risk_policy
- azuread_user_sspr_enabled
- microsoft365_calendar_sharing_disabled
- microsoft365_sharepoint_external_content_sharing_restricted
- microsoft365_sharepoint_external_sharing_managed_by_domain_whitelist_or_blacklist
- microsoft365_sharepoint_resharing_by_external_users_disabled
- microsoft_user_mfa_capable