Share via

How to stop an Access review instance? We tried to stop, but the option was greyed out. Moreover why not we have a bin to recover the deleted access review at the tenant level and also at the Microsoft side.

Naseem Sulthana Shaik 0 Reputation points
2023-09-26T06:12:23.74+00:00

I have set up a Azure Access review in our tenant for guest account cleanup activity. But then when I realize I wanted to stop the Access review because all the guest accounts are being deactivated slowly. I could not stop the instance which was in "Applying" state. So I deleted the Access review series. But still the guest accounts continue to deactivate. I guess the action got applied to all the guest users and it will continue to deactivate the guest accounts though we deleted the access review policy. At the moment we are manually monitoring the deactivated list, reactivating them every one hour. Ideally Microsoft should have a control from their end to either restore the access review or stop or reset the instance.

Microsoft Security | Microsoft Entra | Microsoft Entra ID
Microsoft Security | Microsoft Entra | Other

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Akhilesh Vallamkonda 15,320 Reputation points Microsoft External Staff Moderator
    2023-09-28T09:31:21.72+00:00

    Hi @Naseem Sulthana Shaik

    Thank you for reaching out.

    I understand that your concerns regarding Guest account cleanup activity using Microsoft access review, Stop an Access review instance and the option for recovery for the deleted access review.

    In the guest account cleanup activity yes, you are correct, the created access review series action is got applied. If the access review is already completed or stopped, you won’t be able to restart.

    Reference: https://learn.microsoft.com/en-us/graph/api/accessreviewinstance-stop?view=graph-rest-1.0&tabs=http
    https://learn.microsoft.com/en-us/azure/active-directory/governance/complete-access-review

    In the process to stop the access review the STOP button is greyed out it could be because of the access review is already completed or the access review has already been stopped.

    The option to recover the deleted access review is currently not available in the Microsoft Entra ID. because delete access review is type of hard delete.

    Reference: https://learn.microsoft.com/en-us/azure/active-directory/architecture/recover-from-deletions#audit-log
    How ever you can share your feedback on recovery of access review via https://feedback.azure.com/d365community/forum/22920db1-ad25-ec11-b6e6-000d3a4f0789 which is closely monitored by our product team.

    Let me know if you have any further questions feel free to post back.

    Thanks
    Akhilesh.

    1 person found this answer helpful.
    0 comments
  2. Naseem Sulthana Shaik 0 Reputation points
    2023-10-02T08:10:40.36+00:00

    Thanks Akhilesh. I have posted my feedback over the provided link.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.