Skip to main content

πŸ’Ό 6.2.3 Ensure that an exclusionary device code flow policy is considered (Manual)

  • Contextual name: πŸ’Ό 6.2.3 Ensure that an exclusionary device code flow policy is considered (Manual)
  • ID: /frameworks/cis-azure-v4.0.0/06/02/03
  • Located in: πŸ’Ό 6.2 Conditional Access

Description​

Conditional Access Policies can be used to prevent the Device code authentication flow. Device code flow should be permitted only for users that regularly perform duties that explicitly require the use of Device Code to authenticate, such as utilizing Azure with PowerShell.

Similar​

  • Sections
    • /frameworks/cis-azure-v3.0.0/02/02/03

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό CIS Azure v3.0.0 β†’ πŸ’Ό 2.2.3 Ensure that an exclusionary Device code flow policy is considered (Manual)1

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό CIS Azure v3.0.0 β†’ πŸ’Ό 2.2.3 Ensure that an exclusionary Device code flow policy is considered (Manual)1

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (1)​

PolicyLogic CountFlags
πŸ“ Microsoft Entra ID Device Code Authentication Flow is not restricted 🟒🟒 x3