Entra Identity Governance
Success Criteria for Entra Identity Governance
| Scenario / Phase | Task / Features | Success Criteria |
|---|---|---|
| Employee Lifecycle Automation | HR Provisioning | Configure or demo Workday, SuccessFactors, or API-driven provisioning with basic mapping |
| Employee Lifecycle Automation | SaaS Apps provisioning sample | Optional: set up provisioning for 1 SaaS app with basic mapping |
| Employee Lifecycle Automation | Lifecycle Workflows | At least one workflow per J/M/L (joiner/mover/leaver) scenario |
| Assign Employee Access to resources | Entitlement Management | At least one basic Access Package |
| Assign Employee Access to resources | Entitlement Management | Create one auto-assignment policy |
| Assign Employee Access to resources | EM + Custom Extensions | Describe (or demo) the use case and create an empty logic app |
| Assign Employee Access to resources | Access Recertification | Create at least one access review (weekly, follow up after results) |
| Govern Guest and partner access to resources | Onboarding and Discovery | Navigate the Guests report and IGA dashboard |
| Govern Guest and partner access to resources | Auto-assignment | Create an Access Package for guests and add an auto-assignment policy |
| Govern Guest and partner access to resources | EM + Custom Extensions | Describe (or demo) the use case and create an empty logic app |
| Govern Guest and partner access to resources | Convert existing guests to Governed | Take a guest user and assign it to an Access Package |
| Govern Guest and partner access to resources | Access Recertification | Create at least one access review (weekly, follow up after results) |
| Govern Privileged Identities and their access | Discovery and insights | Navigate through PIM portal Discovery |
| Govern Privileged Identities and their access | Microsoft Entra ID Roles | Set up and test PIM for at least one Entra ID role |
| Govern Privileged Identities and their access | Azure Roles | Set up and test PIM for at least one Azure role |
| Govern Privileged Identities and their access | PIM for Groups | Discover groups to be used with PIM; configure and test at least one group |
| Govern Privileged Identities and their access | Access Reviews + PIM | Create at least one access review (weekly, follow up after results) |
| Govern Privileged Identities and their access | PIM + CA | Set up a PIM authentication context and add one CA policy for PIM; test the result |

Next Steps:
- Compile a comprehensive report on POC results.
- Provide recommendations for full-scale implementation based on POC findings.
- Outline a timeline and resource plan for deployment.

1. Employee Lifecycle Automation
2. Assign Employee Access to Resources
3. Govern Guest and Partner Access
4. Govern Privileged Identities and Their Access

Govern Privileged Identities
Download Deck: Govern Privileged Identities and Their Access
- Intro - What is Privileged Identity Management? (slides 16-24)
- Discovery and Insights (slides 25-27)
- PIM for Entra ID Roles (slides 28-29)
- PIM for Azure roles (slides 30-32)
- PIM for Groups (slides 33-37)
- Access Reviews for PIM (slides 38-41)
- PIM + CA integration (slides 42-46)