I'm looking for advice on how to effectively manage unused enterprise applications in Azure. I've already restricted admin consent, but I'm wondering what the best way is to identify and remove applications that are no longer in use, apart from manually going through them all. Any tips or tools that could help streamline this process would be greatly appreciated!
4 Answers
You might want to pull some logs, but honestly, I found them to be kind of unreliable, so I had to double-check things anyway. A good approach is to make a list of the apps, disable them, and remove all users from those apps. Then give it a month; if no one complains or needs access to one you disabled, you can safely let it go. Setting a calendar reminder to tackle a few each day can make it feel less overwhelming.
There’s a specific report you can run that shows which applications grant the most access. I recommend starting there to target the highly permissive apps first, and you can probably skip the ones that are used for SSO to third-party services.
Consider labeling all the resources and tracking ownership. It should be the owner's responsibility to justify their app's existence. If they fail to do so within a specified time frame, say six months, it should be deleted. Also, automating the process to check for new enterprise apps and their assigned owners can help avoid clutter down the line. The initial task will be to identify and classify the existing applications—some you can ignore, and some you should track closely.
Oh, that report mention sounds intriguing! Any idea what it’s called?
Related Questions
How to Build a Custom GPT Journalist That Posts Directly to WordPress
Fix Not Being Able To Add New Categories With Intuitive Category Checklist For Wordpress
Get Real User IP Without Installing Cloudflare Apache Module
How to Get Total Line Count In Visual Studio 2013 Without Addons
Install and Configure PhpMyAdmin on Centos 7
How To Setup PostfixAdmin With Dovecot and Postfix Virtual Mailbox