Control: Ensure that account 'Lockout threshold' is less than or equal to '10'
Description
The account lockout threshold determines how many failed login attempts are permitted prior to placing the account in a locked-out state and initiating a variable lockout duration.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.ad_account_lockout_threshold_max_10Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.ad_account_lockout_threshold_max_10 --shareSQL
This control uses a named query:
with distinct_tenant as ( select distinct tenant_id, display_name, subscription_id, _ctx from azure_tenant)select id as resource, case when (value)::int <= 10 then 'ok' else 'alarm' end as status, case when value is null then t.display_name || ' lockout threshold not configured.' else t.display_name || ' lockout threshold set to ' || value || '.' end as reason, t.tenant_id from distinct_tenant as t, azuread_directory_settingwhere name = 'LockoutThreshold';