How Can I Set Up Alerts for Azure Access Management Changes?

0
8
Asked By CuriousCat92 On

Hey everyone, I'm looking for advice on how to set up alerts whenever someone uses the "Access management for Azure Resources" feature, especially when the slider for granting permissions to manage access across all Azure subscriptions is flipped. I understand this option can let users bypass existing Privileged Identity Management (PIM) policies, making it a sort of emergency access method, but I want to ensure it triggers an email notification when changes are made.

3 Answers

Answered By TechGuru44 On

It's good that you want to monitor that! From my experience, every time that slider is flipped, Azure logs a 'Microsoft.Authorization/roleAssignments/write' event. You can route the Activity Log to Log Analytics and set up an Azure Monitor alert for this specific operation. This way, you'll get notified via email or SMS when anyone uses that feature. If setting up this kind of alert feels too complex, you might want to reconsider if you really need that emergency access method at all.

Answered By NetworkNerd29 On

Honestly, giving out GA access is risky business. I get you're looking to monitor things now, but once you drop that key, keeping an eye on usage is a must. Just make sure you have the right alerts set up from the start!

Answered By CloudWhisperer88 On

I see your concern about monitoring. Just a heads-up, while you want to keep track of those actions, always remember that the Global Administrator role is powerful, and giving someone that access means a lot. It's fair to want an alert on such critical actions, though. PIM and RBAC policies are there to prevent misuse, so keeping tabs on when those are bypassed is definitely justified!

Related Questions

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.