Intelligent Assessment: Natural language Guardrails powered by AI →
Turbot Guardrails Hub 
Hub
Mods
Azure
41
Mods
165
Resource Types
2,377
Policies
1,193
Controls
103
Quick Actions
95
IAM

Policy: Azure > CIS v3.0 > 02 - Identity > 02.11 - Ensure That 'Notify all admins when other admins reset their password?' is set to 'Yes'

Configures auditing against a CIS Benchmark item.

Level: 1

Ensure that all Global Administrators are notified if any other administrator resets their password.

Administrator accounts are sensitive. Any password reset activity notification, when sent to all Administrators, ensures that all Global Administrators can passively confirm if such a reset is a common pattern within their group. For example, if all Administrators change their password every 30 days, any password reset activity before that may require administrator(s) to evaluate any unusual activity and confirm its origin.

Targets

This policy targets the following resource types:

Primary Policy

This policy is used with the following primary policy:

Policy Specification

Schema Type
string
Default
Per Azure > CIS v3.0 > 02 - Identity
Valid Values [YAML]
  • Per Azure > CIS v3.0 > 02 - Identity

  • Skip

  • Check: Benchmark using attestation

Category

In Your Workspace

Developers