Access management

Controlling access to Microsoft workloads involves implementing proper authentication, authorization, and auditing mechanisms that integrate with both Microsoft and AWS identity services. This focus area addresses how to establish centralized identity management, implement least privilege principles, and maintain comprehensive access monitoring across your Microsoft environment.

MSFTSEC02: How do you manage and regulate user access to your Microsoft workload environment?

To control access to your Microsoft workload, utilize the authentication and authorization tools provided by AWS, Microsoft, and trusted third-party vendors. Implement a least-privilege approach, verifying that users and systems have only the permissions necessary for their roles.

Best practices

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

MSFTSEC01-BP03 Develop a comprehensive software update strategy

MSFTSEC02-BP01 Align your Microsoft workload access with organizational identity strategy