Control: Azure > CIS v2.0 > 01 - Identity and Access Management > 1.13 Ensure that 'Users can add gallery apps to My Apps' is set to 'No'
Configures auditing against a CIS Benchmark item.
Level: 1
Require administrators to provide consent for the apps before use.
Unless Azure Active Directory is running as an identity provider for third-party applications, do not allow users to use their identity outside of your cloud environment. User profiles contain private information such as phone numbers and email addresses which could then be sold off to other third parties without requiring any further consent from the user.
Resource Types
This control targets the following resource types:
Primary Policies
The following policies can be used to configure this control:
- 1.13 Ensure that 'Users can add gallery apps to My Apps' is set to 'No'
- 1.13 Ensure that 'Users can add gallery apps to My Apps' is set to 'No' > Attestation
Category
In Your Workspace
Developers
- tmod:@turbot/azure-cisv2-0#/control/types/r0113
- tmod:@turbot/cis#/control/categories/v070206
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv2-0#/control/types/r0113"
Get Controls
Control Type URI
Category URI
GraphQL
CLI