AzPolicyAdvertizer

last sync: 2024-Sep-18 17:50:24 UTC

[Preview]: Managed Identity Federated Credentials should be from allowed issuer types

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

[Preview]: Managed Identity Federated Credentials should be from allowed issuer types

2571b7c3-3056-4a61-b00a-9bc5232234f5

Version

1.0.0-preview
Details on versioning

Versioning

Versions supported for Versioning: 1
1.0.0-preview
Built-in Versioning [Preview]

Category

Managed Identity
Microsoft Learn

Description

This policy limits whether Managed Identities can use federated credentials, which common issuer types are allowed, and provides a list of allowed issuer exceptions.

Mode

All

Type

BuiltIn

Preview

True

Deprecated

False

Effect

Default
Audit
Allowed
Audit, Disabled, Deny

RBAC role(s)

none

Rule aliases

IF (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/issuer	Microsoft.ManagedIdentity	userAssignedIdentities/federatedIdentityCredentials	properties.issuer	True		False

Rule resource types

IF (1)
Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials

Compliance

Not a Compliance control

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Preview]: Managed Identity Federated Credentials should be of approved types from approved federation sources	5e4ee281-95a3-442a-bb2a-5ef68cf5181a	Managed Identity	Preview	BuiltIn

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2023-04-06 17:42:16	add	2571b7c3-3056-4a61-b00a-9bc5232234f5

JSON compare

n/a

JSON

api-version=2021-06-01
EPAC