MFA for Azure roles

1. Bakgrunn

Dette er den første CA regeln som blev laget langt før MFA-prosjektet.

2. Fremgangsmåte

2.1 Directory Roles

Application administrator
Billing administrator
Conditional access administrator
Exchange administrator
Global administrator
Groups administrator
Helpdesk administrator
Intune administrator
License administrator
Privileged role administrator
Reports reader
Security administrator
Security reader
Service support administrator
SharePoint administrator
Teams administrator
User administrator
 

2.2 Conditional Access policy

MFA for Azure roles

  • Assignments
    • Users or workload identities
      • Included
        • Se directory roles over
    • Cloud apps or actions
      • None
    • Conditions
      • Client apps 
        • Browser
        • Mobile apps and desktop clients
  • Access controls
    • Grant
      • Grant Access - Require MFA
    • Session
      • Default (90 days)

 

Publisert 31. mars 2022 11:03 - Sist endret 31. mars 2022 11:03