Mapping Microsoft Defender policies to their associated Managed Identities

Simon Magrin 6 Reputation points
2022-04-10T12:08:12.637+00:00

Hi,

Re: Microsoft Defender for Cloud,

When adding particular regulatory policies to a subscription, a Managed Identity is required and assigned to the targeted subscription.

The problem is that the Managed Identities that are created have obscure names, making them difficult to associate with anything. What is concerning is that these obscurely named Managed Identities are assigned Contributor access to the subscription.

Moreover, their properties within Enterprise applications such as their description cannot be edited to provide some meaningful internal description when trying to associate their purpose.

This can become difficult to manage once several of these policies/regulatory standards are applied to the subscription, requiring randomly named Managed Identities.

Are there any tips or advice to map/trace Managed Identities to their associated policies? Thanks

Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.