Ensure that all the external accounts that have write permissions to your Microsoft Azure subscription are monitored for review and audit purposes using the Azure Security Center service.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
As a best practice, external accounts with write privileges (guest users invited from another directory, or any identity that does not belong to your own Azure AD tenant) should be monitored, audited and, where the access is no longer justified, removed from your Azure subscription in order to prevent unauthorized access to your cloud resources. By monitoring and reviewing all external accounts with write permissions using Azure Security Center, you can adhere to security best practices and enforce a strict access policy, reducing the risk that a compromised external account is used to reach the cloud resources deployed within your subscription. When monitoring of privileged external accounts is enabled, Security Center flags these accounts so you can audit each one and decide whether to remove its role assignment; the flag itself does not revoke any access, so the review and removal remain a manual step.
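The check that Security Center performs can also be reproduced from the subscription's own RBAC data, which is useful when you want to review the flagged accounts in a script or correlate them with your own exception list. The following is an added example written for this page; it is not code from Conformity or from Microsoft. It consumes records shaped like the JSON that the real `az role assignment list --all`, `az ad user list` and `az role definition list` commands emit, but the records embedded below are constructed sample data, not output from an actual tenant. "External" is taken to mean a user whose `userType` is `Guest` or whose UPN carries the `#EXT#` marker that Azure AD assigns to invited accounts; "write permission" is a heuristic over the role's allowed actions (any action whose last segment is `*` or `write`), which is deliberately conservative.

```python
"""Flag external (guest) accounts that hold write-capable role assignments.

Added example for the Conformity rule page, not the page's or Microsoft's code.
Field names follow the Azure CLI JSON output; all records below are constructed.
"""
import json

# --- Constructed sample data (shaped like `az ad user list -o json`) ---
SAMPLE_USERS = [
    {"id": "u-1", "userPrincipalName": "alice@contoso.onmicrosoft.com", "userType": "Member"},
    {"id": "u-2", "userPrincipalName": "bob_fabrikam.com#EXT#@contoso.onmicrosoft.com", "userType": "Guest"},
    {"id": "u-3", "userPrincipalName": "carol_partner.org#EXT#@contoso.onmicrosoft.com", "userType": "Guest"},
    {"id": "u-4", "userPrincipalName": "dave_vendor.net#EXT#@contoso.onmicrosoft.com", "userType": "Guest"},
]

# Shaped like `az role definition list -o json` (abbreviated permissions).
SAMPLE_ROLE_DEFS = [
    {"roleName": "Owner", "permissions": [{"actions": ["*"], "notActions": []}]},
    {"roleName": "Contributor", "permissions": [{"actions": ["*"],
        "notActions": ["Microsoft.Authorization/*/Write", "Microsoft.Authorization/*/Delete"]}]},
    {"roleName": "Reader", "permissions": [{"actions": ["*/read"], "notActions": []}]},
    # A hypothetical custom role used only to show that non-built-in roles are covered.
    {"roleName": "Storage Writer (custom)", "permissions": [{"actions": [
        "Microsoft.Storage/storageAccounts/read", "Microsoft.Storage/storageAccounts/write"], "notActions": []}]},
]

# Shaped like `az role assignment list --all -o json`. Subscription ID is a placeholder.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
SAMPLE_ASSIGNMENTS = [
    {"principalId": "u-1", "principalType": "User", "roleDefinitionName": "Owner", "scope": SUB},
    {"principalId": "u-2", "principalType": "User", "roleDefinitionName": "Contributor", "scope": SUB},
    {"principalId": "u-3", "principalType": "User", "roleDefinitionName": "Reader", "scope": SUB},
    {"principalId": "u-4", "principalType": "User", "roleDefinitionName": "Storage Writer (custom)",
     "scope": SUB + "/resourceGroups/rg-data"},
    {"principalId": "sp-9", "principalType": "ServicePrincipal", "roleDefinitionName": "Contributor", "scope": SUB},
]


def is_external(user):
    """Guest users are invited from another tenant; their UPN also carries '#EXT#'."""
    return user.get("userType") == "Guest" or "#EXT#" in user.get("userPrincipalName", "")


def action_is_write(action):
    """Heuristic: an RBAC action pattern is write-capable when its last segment is
    '*' or 'write', e.g. '*', 'Microsoft.Storage/*', '.../storageAccounts/write'.
    Read-only patterns such as '*/read' are not matched."""
    return action.rsplit("/", 1)[-1].lower() in ("*", "write")


def role_grants_write(role_def):
    """True when any allowed action is write-capable. notActions are intentionally not
    subtracted: Contributor denies only Authorization writes and must still count."""
    return any(action_is_write(a)
               for perm in role_def.get("permissions", [])
               for a in perm.get("actions", []))


def find_external_write_assignments(assignments, users, role_defs):
    """Return one finding per role assignment that gives an external user write access.
    Service principals are skipped: `az ad user list` does not describe them, so a
    separate review of multi-tenant applications is needed for that class of identity."""
    users_by_id = {u["id"]: u for u in users}
    write_roles = {r["roleName"] for r in role_defs if role_grants_write(r)}
    findings = []
    for a in assignments:
        if a.get("principalType") != "User":
            continue
        user = users_by_id.get(a.get("principalId"))
        if user is None or not is_external(user):
            continue
        if a.get("roleDefinitionName") not in write_roles:
            continue
        findings.append({"upn": user["userPrincipalName"],
                         "role": a["roleDefinitionName"], "scope": a["scope"]})
    return sorted(findings, key=lambda f: f["upn"])


def remediation_commands(findings):
    """Build the `az role assignment delete` commands an operator would review
    before running; nothing is executed here."""
    return ["az role assignment delete --assignee '%s' --role '%s' --scope '%s'"
            % (f["upn"], f["role"], f["scope"]) for f in findings]


if __name__ == "__main__":
    found = find_external_write_assignments(SAMPLE_ASSIGNMENTS, SAMPLE_USERS, SAMPLE_ROLE_DEFS)
    print(json.dumps(found, indent=2))
    print("\n".join(remediation_commands(found)))
```

On the constructed data the script reports the guest Contributor at subscription scope and the guest holding the custom storage role on the resource group, and leaves the guest Reader and the in-tenant Owner alone. To run it against a real subscription, replace the three `SAMPLE_*` lists with the parsed output of the CLI commands named in the lead-in; the generated `az role assignment delete` lines are for review, not for unattended execution.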
Audit
To determine if the monitoring of privileged external accounts is enabled within Azure Security Center settings, perform the following operations:
Remediation / Resolution
To start monitoring all the external accounts that have write permissions to your Microsoft Azure subscriptions, perform the following operations:
References
- Azure Official Documentation
  - Monitor identity and access
  - Azure security policies monitored by Security Center
  - Working with security policies
- Azure Command Line Interface (CLI) Documentation
  - az
  - az account get-access-token

Rule: Monitor External Accounts with Write Permissions
Risk level: Medium