Skip to content

Azure Assessment Checklist

Manual Checks

Automated Checks:

  • CIS Benchmarks for configuring resources securely, i.e,
    • Public Storage Containers
    • Overly permissive Network Security Group rules
    • Lack of secret vault use and hardcoded secrets
  • IAM Misconfigurations
    • Check nested business groups


Useful URLs

  • (Azure)
  • (Entra ID formerly Azure AD)
  • (SharePoint Sites)
  • (Office365)
  • (Microsoft Teams)

Enumerate your permissions (The Lazy way)

  1. Checking logged in User's self permissions

    You can ask the relevant user to Log into the Azure portal -> Click on the User logo on the top right corner of the screen -> select the elipsis (...) -> select "My permissions". enter image description here This will list all the permissions that user has in the Azure portal.

  2. Checking Access Control (IAM) in the resource or resource group / subscription level.

    see : enter image description here

  3. Entra ID -> check your groups, check active assignments from the side blade