turbot/microsoft365_compliance

Query: azuread_third_party_application_not_allowed

Usage

powerpipe query microsoft365_compliance.query.azuread_third_party_application_not_allowed

SQL

select
tenant_id || '/' || id as resource,
case
when not (default_user_role_permissions -> 'allowedToCreateApps')::bool then 'ok'
else 'alarm'
end as status,
case
when not (default_user_role_permissions -> 'allowedToCreateApps')::bool then tenant_id || ' has third party integrated applications not allowed.'
else tenant_id || ' has third party integrated applications allowed.'
end as reason
, tenant_id as tenant_id
from
azuread_authorization_policy;

Controls

The query is being used by the following controls: