| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1041 - Least Privilege | Privilege Levels For Code Execution | ||
| Id | b3d8d15b-627a-4219-8c96-4d16f788888b | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Access Control control | ||
| Additional metadata |
Name/Id: ACF1041 / Microsoft Managed Control 1041 Category: Access Control Title: Least Privilege | Privilege Levels For Code Execution Ownership: Customer, Microsoft Description: The information system prevents any software except software explicitly documented from executing at higher privilege levels than users executing the software. Requirements: Software execution at a higher privilege level than users executing the software is not possible for servers and network devices. Azure only permits administrator access to server who by default have code execution privileges. These users have full access to the system, preventing users being indirectly provided greater privileges than assigned by Microsoft. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|