Source | Azure Portal
Display name | Microsoft Managed Control 1300 - User Identification And Authentication
Id | 99deec7d-5526-472e-b07c-3645a792026a
Version | 1.0.1
Versioning | Versions supported for Versioning: 0 Built-in Versioning [Preview]
Category | Regulatory Compliance
Description | Microsoft implements this Identification and Authentication control
Additional metadata |
Name/Id: ACF1300 / Microsoft Managed Control 1300
Category: Identification and Authentication
Title: User Identification And Authentication
Ownership: Customer, Microsoft
Description: The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).
Requirements: Azure uniquely identifies and authenticates users via Active Directory (AD) and smart cards. AD associates users to IDs and GUIDs and prevents the creation of a duplicate account. A user's account within each Azure domain maps his or her Microsoft corporate network (CorpNet) identifier, known as an alias, to the Azure domain for identification and authentication. Azure utilizes the Global Management Environment (GME) and Azure Management Environment (AME) domains for access to the Azure environment. Each domain is specific to the environment. As an example, John Doe's alias is jdoe, with accounts jdoe@redmond.gbl for access to CorpNet and jdoe@ame.gbl for access to Azure Commercial.
Jumpboxes, Debug servers, Network Hop Boxes, and the SSL VPN are the approved mechanisms by which to gain access to Azure assets via internal network connectivity from CorpNet. A user authenticates to the Jumpbox, Debug server, Network Hop Box, or the SSL VPN with his or her smart card and PIN, then authenticates to the destination asset, with an approved JIT request necessary for elevated access.
Mode | Indexed
Type | Static
Preview | False
Deprecated | False
Effect | Fixed audit
RBAC role(s) | none
Rule aliases | none
Rule resource types | IF (2): Microsoft.Resources/subscriptions, Microsoft.Resources/subscriptions/resourceGroups
Compliance | Not a Compliance control
Initiatives usage | none