Skip to content

Latest commit

 

History

History
32 lines (25 loc) · 1.39 KB

README.md

File metadata and controls

32 lines (25 loc) · 1.39 KB

Conditional Access as Code

Introducing Conditional Access as Code. A fully automated solution to kick-start and maintain your Conditional Access deployment. The solution consists of three main components.

Policy repository

A collection of conditional access policies in JSON format which are divided into the following categories:

  • Admin protection
  • Application protection
  • Attack surface reduction
  • Base protection
  • Compliance
  • Data protection

Policy sets

Policy sets are based on the policies in the repository and form complete policy sets depending on company maturity and licensing:

  • Bare minimum
  • Device trust with AADP1
  • Device trust with AADP1 and AADP2
  • Device trust with AADP2
  • Network trust with AADP1
  • Network trust with AADP1 and AADP2
  • Network trust with AADP2
  • Your custom policy set

Automation solution

A script based automation solution to deploy and update policy sets in environments.

Together, these three components enable an extremely fast deployment of conditional access concepts and their long-term maintenance, e.g. in the form of source control.

Get started with the Quick-start wiki

Although I work for Microsoft, this is not an official recommendation, I exclude any liability and warranty. This is only a personal recommendation which has to be implemented with the utmost care and testing.