ben.carrasco/prowler
1
0
Fork 0
mirror of https://github.com/prowler-cloud/prowler.git synced 2026-04-15 00:57:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(docs): update Azure and M365 docs with needed permissions (#8075)

Browse Source
This commit is contained in:
Daniel Barranquero
2025-06-23 10:12:11 +02:00
committed by GitHub
parent 223aab8ece
commit eb5dbab86e
9 changed files with 67 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
docs/tutorials/azure/getting-started-azure.md
View File

@@ -90,11 +90,14 @@ A Service Principal is required to grant Prowler the necessary privileges.
Assign the following Microsoft Graph permissions:
- Domain.Read.All
- Directory.Read.All
- Policy.Read.All
- Policy.Read.All
- UserAuthenticationMethod.Read.All (optional, for MFA checks)
- UserAuthenticationMethod.Read.All (optional, for MFA checks)
???+ note
You can replace `Directory.Read.All` with `Domain.Read.All` that is a more restrictive permission but you won't be able to run the Entra checks related with DirectoryRoles and GetUsers.
1. Go to your App Registration > `API permissions`
@@ -107,7 +110,7 @@ Assign the following Microsoft Graph permissions:
3. Search and select:
- `Domain.Read.All`
- `Directory.Read.All`
- `Policy.Read.All`
- `UserAuthenticationMethod.Read.All`

BIN
docs/tutorials/azure/img/domain-permission.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 160 KiB

After

Width:  |  Height:  |  Size: 62 KiB