Change tracking for Conditional Access Policies
Support some kind of change tracking or auditing in regards to changes made for Conditional Access Policies?
Peter Selch Dahl
shared this idea
10 comments
-
KjetilEVRY
commented
I think something is coming soon. Until then, you could use Azure Monitor and create alerts by using this query:
AuditLogs | where OperationName contains "Policy"Not optimal, but better than nothing
-
Anonymous
commented
This has to be done asap, how can this be justified not being done already?
-
Naveen B N
commented
This feature is really required for security governance purpose, hope fully we can find the way for achieving this.
-
David Hughes
commented
I'm trying to set-up a Conditional Access Alert for this and cannot find anything in there that would help with notification of changes etc. to CAP's.
As part of our security we need to track what was modified, by whom, and to what effect the modification was, i.e. if someone was added / removed to / from an exclude list. If the CAP itself was altered.
Does anyone know when we'll be able to log them? -
Christopher Parker
commented
I'ma be honest, folks, the fact that this is still sitting on user voice "planned" after two years is deeply, deeply disturbing.
-
Torsten Egebirk
commented
It's crusial for orgs to able able to track changes in CA's
-
Minh Trieu
commented
Considering that this is a security tool, its really important that we have audit logs for this product.
-
Danny
commented
I can see the status is now planned! As soon as you can please :)
-
Max
commented
+1 on this one - Audit logs for conditional access should be a priority considering the impact conditional access can have.
-
Adam Dickinson
commented
Absolutely - given CA is a security component in Azure, I would say being able to audit who changed WHAT from WHERE would be a given for being recorded.
Yet beyond who and when, I can see no detail to prove what settings were changed which could impact the ability of CA to protect identity/data.