| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1033 - Separation Of Duties | ||
| Id | 48540f01-fc11-411a-b160-42807c68896e | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Access Control control | ||
| Additional metadata |
Name/Id: ACF1033 / Microsoft Managed Control 1033 Category: Access Control Title: Separation of Duties - Role Definition Ownership: Customer, Microsoft Description: The organization: Defines information system access authorizations to support separation of duties. Requirements: Azure enforces separation of duties within the environment through role-based security groups defined in AD, through JIT access, and through emergency access account alerting. Each user is a member of a certain security group or set of security groups that enforces access to the system based on the appropriate roles associated with that security group. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|