Control types for @turbot/azure-activedirectory
- Azure > Active Directory > Application > CMDB
- Azure > Active Directory > Application > Discovery
- Azure > Active Directory > Client Secret > Active
- Azure > Active Directory > Client Secret > Approved
- Azure > Active Directory > Client Secret > CMDB
- Azure > Active Directory > Client Secret > Discovery
- Azure > Active Directory > Custom Domain > Approved
- Azure > Active Directory > Custom Domain > CMDB
- Azure > Active Directory > Custom Domain > Discovery
- Azure > Active Directory > Directory > CMDB
- Azure > Active Directory > Directory > Discovery
- Azure > Active Directory > Group > CMDB
- Azure > Active Directory > Group > Discovery
- Azure > Active Directory > Service Principal > CMDB
- Azure > Active Directory > Service Principal > Discovery
- Azure > Active Directory > User > Approved
- Azure > Active Directory > User > CMDB
- Azure > Active Directory > User > Discovery
- Azure > Turbot > Directory Event Poller
Azure > Active Directory > Application > CMDB
Record and synchronize details for the Azure Active Directory application into the CMDB.
The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Turbot CMDB.
Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.
tmod:@turbot/azure-activedirectory#/control/types/applicationCmdb
Azure > Active Directory > Application > Discovery
Discover all Azure Active Directory application resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
tmod:@turbot/azure-activedirectory#/control/types/applicationDiscovery
Azure > Active Directory > Client Secret > Active
The Active control determines whether the resource is in active use. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.
The Active control checks the status of all defined Active policies for the
resource (`Azure > Active Directory > Client Secret > Active > *`) and
raises an alarm. Each Active sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.
See [Active](https://turbot.com/v5/docs/concepts/guardrails/active) for more information.
tmod:@turbot/azure-activedirectory#/control/types/clientSecretActive
Azure > Active Directory > Client Secret > Approved
Take an action when an Azure Active Directory client secret is not approved based on Azure > Active Directory > Client Secret > Approved > * policies
.
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm.
See Approved for more information.
tmod:@turbot/azure-activedirectory#/control/types/clientSecretApproved
Azure > Active Directory > Client Secret > CMDB
Record and synchronize details for the Azure Active Directory client secret into the CMDB.
The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Turbot CMDB.
Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.
This control will automatically re-run every 24 hours because Azure does not currently support real-time events for this resource type.
tmod:@turbot/azure-activedirectory#/control/types/clientSecretCmdb
Azure > Active Directory > Client Secret > Discovery
Discover all Azure Active Directory client secret resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
This control will automatically re-run every 24 hours because Azure does not currently support real-time events for this resource type.
tmod:@turbot/azure-activedirectory#/control/types/clientSecretDiscovery
Azure > Active Directory > Custom Domain > Approved
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm.
See [Approved](https://turbot.com/v5/docs/concepts/guardrails/approved) for more information.
tmod:@turbot/azure-activedirectory#/control/types/customDomainApproved
Azure > Active Directory > Custom Domain > CMDB
Record and synchronize details for the Azure Active Directory custom domain into the CMDB.
The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Turbot CMDB.
Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.
This control will automatically re-run every 24 hours because Azure does not currently support real-time events for this resource type.
tmod:@turbot/azure-activedirectory#/control/types/customDomainCmdb
Azure > Active Directory > Custom Domain > Discovery
Discover all Azure Active Directory custom domain resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
This control will automatically re-run every 24 hours because Azure does not currently support real-time events for this resource type.
tmod:@turbot/azure-activedirectory#/control/types/customDomainDiscovery
Azure > Active Directory > Directory > CMDB
Record and synchronize details for the Azure active directory user into the CMDB.
The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Turbot CMDB.
Note that if CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.
tmod:@turbot/azure-activedirectory#/control/types/directoryCmdb
Azure > Active Directory > Directory > Discovery
Discover all Azure active directory resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
tmod:@turbot/azure-activedirectory#/control/types/directoryDiscovery
Azure > Active Directory > Group > CMDB
Record and synchronize details for the Azure active directory group into the CMDB.
The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Turbot CMDB.
Note that if CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.
tmod:@turbot/azure-activedirectory#/control/types/groupCmdb
Azure > Active Directory > Group > Discovery
Discover all Azure active directory group resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
tmod:@turbot/azure-activedirectory#/control/types/groupDiscovery
Azure > Active Directory > Service Principal > CMDB
Record and synchronize details for the Azure Active Directory service principal into the CMDB.
The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Turbot CMDB.
Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.
tmod:@turbot/azure-activedirectory#/control/types/servicePrincipalCmdb
Azure > Active Directory > Service Principal > Discovery
Discover all Azure Active Directory service principal resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
tmod:@turbot/azure-activedirectory#/control/types/servicePrincipalDiscovery
Azure > Active Directory > User > Approved
Take an action when an Azure Active Directory user is not approved based on Azure > Active Directory > User > Approved > * policies
.
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.
For any enforcement actions that specify if new
, e.g., Enforce: Delete unapproved if new
, this control will only take the enforcement actions for resources created within the last 60 minutes.
See Approved for more information.
tmod:@turbot/azure-activedirectory#/control/types/userApproved
Azure > Active Directory > User > CMDB
Record and synchronize details for the Azure active directory user into the CMDB.
The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Turbot CMDB.
Note that if CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.
tmod:@turbot/azure-activedirectory#/control/types/userCmdb
Azure > Active Directory > User > Discovery
Discover all Azure active directory user resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
tmod:@turbot/azure-activedirectory#/control/types/userDiscovery
Azure > Turbot > Directory Event Poller
The Turbot Azure Directory Poller control will query the Activity Log for relevant events on a schedule, and forward them to the router for processing.
tmod:@turbot/azure-activedirectory#/control/types/eventPoller