question

0 Votes

simon-magrin asked · tbgangav-MSFT edited

Mapping Microsoft Defender policies to their associated Managed Identities

Hi,

Re: Microsoft Defender for Cloud,

When adding particular regulatory policies to a subscription, a Managed Identity is required and assigned to the targeted subscription.

The problem is, these Managed Identities that are created have obscure names, making it difficult to associate them with anything. What is concerning is that these obscurely named Managed Identities are assigned Contributor access to the subscription.

Moreover, their properties within Enterprise applications such as their description cannot be edited to provide some meaningful internal description when trying to associate their purpose.

This can become difficult to manage once several of these policies/regulatory standards are applied to the subscription, requiring randomly named Managed Identities.

Are there any tips or advice on how to map/trace Managed Identities to their associated policies? Thanks

[1]: /answers/storage/attachments/191568-mdfc-mi.png

[2]: /answers/storage/attachments/191569-2022-04-10-21-42-03-settings-microsoft-azure.png

azure-security-center

Hi @simon-magrin,

Thanks for your question! Apart from naming conventions and querying by PrincipalID I am not certain what the recommended approach for this is, so I have reached out to the product team to ask for the best practices and will get back with my findings.


1 Vote
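The "querying by PrincipalID" approach from the reply above, carried through as an added example (not code from the original thread or from Microsoft): policy assignments in a subscription are listed with their identity's principalId, role assignments are listed for the same subscription, and the two are joined on principalId so each obscurely named identity is tied back to the policy assignment that owns it and to the roles it holds. It assumes the JSON shapes that `az policy assignment list` and `az role assignment list --all` print (identity.principalId, displayName, policyDefinitionId, scope; principalId, principalType, roleDefinitionName, scope). The embedded sample data and its GUIDs are constructed placeholders; pass a subscription id as the only argument to run against live CLI output instead.

```python
"""Join Azure Policy assignment identities to the role assignments they hold."""
import json
import subprocess
import sys
from collections import defaultdict

# Constructed sample data in the shape of the Azure CLI output; GUIDs are
# placeholders, not identifiers from any real tenant.
SAMPLE_POLICY_ASSIGNMENTS = json.dumps([
    {
        "name": "8d7f4c1b2e3a4f5b6c7d8e9f",          # the "obscure" name seen in the portal
        "displayName": "Azure Security Benchmark",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/00000000-0000-0000-0000-000000000001",
        "scope": "/subscriptions/11111111-1111-1111-1111-111111111111",
        "identity": {"type": "SystemAssigned",
                     "principalId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"},
    },
    {
        "name": "audit-only-assignment",
        "displayName": "Audit VMs without managed disks",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/00000000-0000-0000-0000-000000000002",
        "scope": "/subscriptions/11111111-1111-1111-1111-111111111111",
        "identity": None,                               # audit effects need no identity
    },
])
SAMPLE_ROLE_ASSIGNMENTS = json.dumps([
    {"principalId": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", "principalType": "ServicePrincipal",
     "roleDefinitionName": "Contributor", "scope": "/subscriptions/11111111-1111-1111-1111-111111111111"},
    {"principalId": "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb", "principalType": "ServicePrincipal",
     "roleDefinitionName": "Contributor", "scope": "/subscriptions/11111111-1111-1111-1111-111111111111"},
    {"principalId": "cccccccc-cccc-cccc-cccc-cccccccccccc", "principalType": "User",
     "roleDefinitionName": "Reader", "scope": "/subscriptions/11111111-1111-1111-1111-111111111111"},
])


def map_identities(policy_json, role_json):
    """Return (mapping, unexplained).

    mapping:     principalId -> owning policy assignment plus the roles it holds.
    unexplained: role assignments held by service principals that match no
                 policy assignment identity. They are not necessarily a problem
                 (app registrations and other identities land here too), but they
                 are the ones a naming convention cannot account for.
    """
    assignments = json.loads(policy_json)
    roles = json.loads(role_json)

    roles_by_principal = defaultdict(list)
    for ra in roles:
        roles_by_principal[ra["principalId"]].append(
            {"role": ra["roleDefinitionName"], "scope": ra["scope"]})

    mapping = {}
    for pa in assignments:
        principal_id = (pa.get("identity") or {}).get("principalId")
        if not principal_id:
            continue                                    # nothing to trace for audit/deny
        mapping[principal_id] = {
            "assignment_name": pa["name"],
            "display_name": pa.get("displayName"),
            "definition": pa["policyDefinitionId"].rsplit("/", 1)[-1],
            "scope": pa["scope"],
            "roles": roles_by_principal.get(principal_id, []),
        }

    unexplained = [ra for ra in roles
                   if ra.get("principalType") == "ServicePrincipal"
                   and ra["principalId"] not in mapping]
    return mapping, unexplained


def report(mapping, unexplained):
    """One line per identity: who owns it and what it can do."""
    lines = []
    for pid, info in mapping.items():
        roles = ", ".join(f"{r['role']} @ {r['scope']}" for r in info["roles"]) or "(no role assignments)"
        label = info["display_name"] or info["assignment_name"]
        lines.append(f"{pid}  <- policy assignment '{label}' (definition {info['definition']})  -> {roles}")
    for ra in unexplained:
        lines.append(f"{ra['principalId']}  holds {ra['roleDefinitionName']} @ {ra['scope']} "
                     "but matches no policy assignment identity; review separately")
    return lines


def fetch_from_cli(subscription_id):
    """Pull live data with the Azure CLI (requires a prior `az login`)."""
    def run(*args):
        cmd = ["az", *args, "--subscription", subscription_id, "-o", "json"]
        return subprocess.run(cmd, check=True, capture_output=True, text=True).stdout
    return run("policy", "assignment", "list"), run("role", "assignment", "list", "--all")


if __name__ == "__main__":
    if len(sys.argv) == 2:
        pol, rol = fetch_from_cli(sys.argv[1])
    else:
        pol, rol = SAMPLE_POLICY_ASSIGNMENTS, SAMPLE_ROLE_ASSIGNMENTS
    print("\n".join(report(*map_identities(pol, rol))))
```

The join is on principalId rather than on names precisely because the identity's display name is the policy assignment's generated name and cannot be edited in Enterprise applications; the second group in the report (service principals with roles but no owning assignment) is the list worth walking through by hand, since a removed policy assignment does not take its identity's role assignments with it.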
simon-magrin · reply to MarileeTurscak-MSFT

Hi @MarileeTurscak-MSFT, thanks for your reply, and I'm looking forward to any further updates.

There's some small snippet of info that this Managed Identity belongs to a Policy but there's no direct/clear mapping that I was hoping for:

192584-2022-04-13-17-38-54-clipboard.png


0 Votes

0 Answers