Azure user has a large permissions gap

Set up the Azure integration.


Description

To mitigate the impact of credential exposure or compromise, role assignments should be scoped down to the least level of privilege users need to perform their responsibilities. This rule identifies when a user is assigned a role whose permissions are broader than what is regularly used. Datadog considers a permissions gap to be large when the number of unused permissions is greater than 40% of the total permissions count.

Rationale

By comparing what actions a user has performed in the last 15 days with what their roles permit, we can identify a permissions gap. This gap should be removed to mitigate the impact of a potential compromise.

Remediation

Datadog recommends reducing the permissions assigned to the user to the minimum necessary for them to fulfill their duties. Azure activity logs provide a comprehensive view of user actions.
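
The comparison described under Rationale, with the 40% threshold from the Description, as an added example (not Datadog's code or detection logic); the returned unused list is the candidate set to remove during remediation. Assumptions: the operation catalogue, the role, the simplified activity-log records, and the choice to count permissions by expanding wildcards against the catalogue are all constructed for illustration.

```python
from datetime import datetime, timedelta, timezone
from fnmatch import fnmatchcase

WINDOW = timedelta(days=15)  # lookback period stated in the rule
THRESHOLD = 0.40             # gap is "large" when unused > 40% of total

# Constructed operation catalogue used to expand wildcards (assumption).
CATALOGUE = [
    "Microsoft.Storage/storageAccounts/read",
    "Microsoft.Storage/storageAccounts/write",
    "Microsoft.Storage/storageAccounts/delete",
    "Microsoft.Storage/storageAccounts/listKeys/action",
    "Microsoft.Compute/virtualMachines/read",
]

def expand(actions, not_actions=()):
    """Concrete operations granted: Actions wildcards expanded, NotActions removed."""
    def hit(op, patterns):
        return any(fnmatchcase(op.lower(), p.lower()) for p in patterns)
    return {op.lower() for op in CATALOGUE
            if hit(op, actions) and not hit(op, not_actions)}

def permissions_gap(role, events, user, now):
    """Compare what the role permits with what the user did inside WINDOW."""
    granted = expand(role["actions"], role.get("notActions", ()))
    # Lowercase both sides so differently cased log entries still match.
    used = {e["operationName"].lower() for e in events
            if e["caller"].lower() == user.lower()
            and timedelta(0) <= now - e["eventTimestamp"] <= WINDOW}
    unused = sorted(granted - used)
    ratio = len(unused) / len(granted) if granted else 0.0
    return {"granted": len(granted), "unused": unused,
            "ratio": ratio, "large": ratio > THRESHOLD}

# Constructed sample data (simplified activity-log records, not real output).
NOW = datetime(2024, 6, 30, tzinfo=timezone.utc)
ROLE = {"actions": ["Microsoft.Storage/storageAccounts/*",
                    "Microsoft.Compute/virtualMachines/read"],
        "notActions": ["Microsoft.Storage/storageAccounts/delete"]}
def ev(caller, op, days_ago):
    return {"caller": caller, "operationName": op,
            "eventTimestamp": NOW - timedelta(days=days_ago)}
EVENTS = [
    ev("alice@example.com", "Microsoft.Storage/storageAccounts/read", 2),
    ev("alice@example.com", "Microsoft.Storage/storageAccounts/write", 20),  # outside window
    ev("Alice@Example.com", "MICROSOFT.COMPUTE/VIRTUALMACHINES/READ", 1),
    ev("bob@example.com", "Microsoft.Storage/storageAccounts/listKeys/action", 1),
]

if __name__ == "__main__":
    print(permissions_gap(ROLE, EVENTS, "alice@example.com", NOW))
```

In the sample, the write performed 20 days ago falls outside the window and the key listing belongs to another caller, so two of the four granted operations count as unused and the gap is flagged as large.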