steampipe plugin install azuread

Table: azuread_security_defaults_policy - Query Azure AD Security Defaults Policies using SQL

Security Defaults in Azure AD is a set of basic identity security mechanisms recommended by Microsoft. It provides a level of protection to organizations that may not have dedicated security and identity professionals on their IT staff. Security Defaults include requiring all users to register for Azure AD Multi-Factor Authentication, requiring administrators to perform multi-factor authentication, blocking legacy authentication protocols, and more.

Table Usage Guide

The azuread_security_defaults_policy table provides insights into the Security Defaults Policies within Azure Active Directory. As a security analyst, explore policy-specific details through this table, including the status of the policy and if it is enabled or not. Utilize it to monitor and manage your organization's basic identity security settings, ensuring that all users and administrators are adhering to recommended security practices.

Examples

Basic info

Explore which security policies are active within your Azure Active Directory. This can help in assessing your current security settings and identifying areas that might need reinforcement.

select
display_name,
id,
is_enabled
from
azuread_security_defaults_policy;
select
display_name,
id,
is_enabled
from
azuread_security_defaults_policy;

Schema for azuread_security_defaults_policy

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
descriptiontextDescription for this policy.
display_nametextDisplay name for this policy.
idtextIdentifier for this policy.
is_enabledbooleanIf set to true, Azure Active Directory security defaults is enabled for the tenant.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
tenant_idtext=, !=, ~~, ~~*, !~~, !~~*The Azure Tenant ID where the resource is located.
titletextTitle of the resource.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azuread

You can pass the configuration to the command with the --config argument:

steampipe_export_azuread --config '<your_config>' azuread_security_defaults_policy