Control types for @turbot/azure-activedirectory
- Azure > Active Directory > Application > CMDB
- Azure > Active Directory > Application > Discovery
- Azure > Active Directory > Client Secret > Active
- Azure > Active Directory > Client Secret > Approved
- Azure > Active Directory > Client Secret > CMDB
- Azure > Active Directory > Client Secret > Discovery
- Azure > Active Directory > Custom Domain > Approved
- Azure > Active Directory > Custom Domain > CMDB
- Azure > Active Directory > Custom Domain > Discovery
- Azure > Active Directory > Directory > CMDB
- Azure > Active Directory > Directory > Discovery
- Azure > Active Directory > Group > CMDB
- Azure > Active Directory > Group > Discovery
- Azure > Active Directory > Service Principal > CMDB
- Azure > Active Directory > Service Principal > Discovery
- Azure > Active Directory > User > Approved
- Azure > Active Directory > User > CMDB
- Azure > Active Directory > User > Discovery
- Azure > Turbot > Directory Event Poller
Azure > Active Directory > Application > CMDB
Record and synchronize details for the Azure Active Directory application into the CMDB.
The CMDB control is responsible for populating and updating all the attributes for that resource type in the Turbot CMDB.
Note: If CMDB is set to Skip for a resource, then it will not be added to the CMDB, and no controls that target it will run.
Azure > Active Directory > Application > Discovery
Discover all Azure Active Directory application resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
Azure > Active Directory > Client Secret > Active
The Active control determines whether the resource is in active use. When running an automated compliance environment, it's common to end up with a wide range of alarms that are difficult and time consuming to clear. The Active control brings automated, well-defined control to this process.
The Active control checks the status of all defined Active policies for the
resource (Azure > Active Directory > Client Secret > Active > *
) and
raises an alarm. Each Active sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.
See Active for more information.
Azure > Active Directory > Client Secret > Approved
Take an action when an Azure Active Directory client secret is not approved based on Azure > Active Directory > Client Secret > Approved > * policies
.
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm.
See Approved for more information.
Azure > Active Directory > Client Secret > CMDB
Record and synchronize details for the Azure Active Directory client secret into the CMDB.
The CMDB control is responsible for populating and updating all the attributes for that resource type in the Turbot CMDB.
Note: If CMDB is set to Skip for a resource, then it will not be added to the CMDB, and no controls that target it will run.
This control will automatically re-run every 24 hours because Azure does not currently support real-time events for this resource type.
Azure > Active Directory > Client Secret > Discovery
Discover all Azure Active Directory client secret resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
This control will automatically re-run every 24 hours because Azure does not currently support real-time events for this resource type.
Azure > Active Directory > Custom Domain > Approved
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm.
See Approved for more information.
Azure > Active Directory > Custom Domain > CMDB
Record and synchronize details for the Azure Active Directory custom domain into the CMDB.
The CMDB control is responsible for populating and updating all the attributes for that resource type in the Turbot CMDB.
Note: If CMDB is set to Skip for a resource, then it will not be added to the CMDB, and no controls that target it will run.
This control will automatically re-run every 24 hours because Azure does not currently support real-time events for this resource type.
Azure > Active Directory > Custom Domain > Discovery
Discover all Azure Active Directory custom domain resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
This control will automatically re-run every 24 hours because Azure does not currently support real-time events for this resource type.
Azure > Active Directory > Directory > CMDB
Record and synchronize details for the Azure active directory user into the CMDB.
The CMDB control is responsible for populating and updating all the attributes for that resource type in the Turbot CMDB.
Note that if CMDB is set to Skip for a resource, then it will not be added to the CMDB, and no controls that target it will run.
Azure > Active Directory > Directory > Discovery
Discover all Azure active directory resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
Azure > Active Directory > Group > CMDB
Record and synchronize details for the Azure active directory group into the CMDB.
The CMDB control is responsible for populating and updating all the attributes for that resource type in the Turbot CMDB.
Note that if CMDB is set to Skip for a resource, then it will not be added to the CMDB, and no controls that target it will run.
Azure > Active Directory > Group > Discovery
Discover all Azure active directory group resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
Azure > Active Directory > Service Principal > CMDB
Record and synchronize details for the Azure Active Directory service principal into the CMDB.
The CMDB control is responsible for populating and updating all the attributes for that resource type in the Turbot CMDB.
Note: If CMDB is set to Skip for a resource, then it will not be added to the CMDB, and no controls that target it will run.
Azure > Active Directory > Service Principal > Discovery
Discover all Azure Active Directory service principal resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
Azure > Active Directory > User > Approved
Take an action when a Azure active directory user is not approved based on Azure > Active Directory > User > Approved > * policies
.
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.
See Approved for more information.
Azure > Active Directory > User > CMDB
Record and synchronize details for the Azure active directory user into the CMDB.
The CMDB control is responsible for populating and updating all the attributes for that resource type in the Turbot CMDB.
Note that if CMDB is set to Skip for a resource, then it will not be added to the CMDB, and no controls that target it will run.
Azure > Active Directory > User > Discovery
Discover all Azure active directory user resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
Azure > Turbot > Directory Event Poller
The Turbot Azure Directory Poller control will query the Activity Log for relevant events on a schedule, and forward them to the router for processing.