MEDIUM
Source: CloudSploit
ID: ensure-no-guest-user

Ensure No Guest User

Ensures that there are no guest users in the subscription

Guest users are usually users who are invited from outside the company structure. These users are not part of the onboarding/offboarding process and could be overlooked, causing security vulnerabilities.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the Microsoft Azure Management Console.

  2. Find the search bar at the top and search for Azure Active Directory.

  3. Select “Azure Active Directory” and, in the left navigation panel, select “Users” under “Manage”.

  4. In the users list, look for users with “User type” set to “Guest”. If there are “Guest” type users, those users are not part of the onboarding/offboarding process and are considered a security vulnerability. Such accounts must be deleted.

  5. Select all users with “User type” set to “Guest” and click “Delete User” at the top right.

  6. Click OK in the confirmation popup.

  7. Repeat steps 3 to 6 for all other directories.
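
The same review can be scripted before anything is deleted. The following is an added example, not CloudSploit's own code: it takes user objects exported per directory (using the Microsoft Graph user properties userPrincipalName, userType, externalUserState and accountEnabled) and reports every Guest account. The directory names, users, and function names are constructed for illustration.

```python
import json

# Constructed sample: one list of Microsoft Graph user objects per
# directory (tenant). Tenant names and users are made up for illustration.
SAMPLE_EXPORT = json.loads("""
{
  "contoso.example": [
    {"userPrincipalName": "alice@contoso.example", "userType": "Member",
     "externalUserState": null, "accountEnabled": true},
    {"userPrincipalName": "bob_partner.example#EXT#@contoso.example",
     "userType": "Guest", "externalUserState": "Accepted", "accountEnabled": true},
    {"userPrincipalName": "carol_vendor.example#EXT#@contoso.example",
     "userType": "Guest", "externalUserState": "PendingAcceptance", "accountEnabled": true}
  ],
  "fabrikam.example": [
    {"userPrincipalName": "dave@fabrikam.example", "userType": null,
     "externalUserState": null, "accountEnabled": true},
    {"userPrincipalName": "erin_partner.example#EXT#@fabrikam.example",
     "userType": "guest", "externalUserState": "Accepted", "accountEnabled": false}
  ]
}
""")


def find_guest_users(export):
    """Return {directory: [guest records]} for every directory that has guests."""
    findings = {}
    for directory, users in export.items():
        guests = [
            {
                "upn": u.get("userPrincipalName"),
                "state": u.get("externalUserState") or "unknown",
                "enabled": bool(u.get("accountEnabled")),
            }
            for u in users
            # Guard against a missing or null userType and compare case-insensitively.
            if (u.get("userType") or "").lower() == "guest"
        ]
        if guests:
            findings[directory] = guests
    return findings


def check_passes(export):
    """The check passes only when no directory contains a Guest user."""
    return not find_guest_users(export)


if __name__ == "__main__":
    for directory, guests in find_guest_users(SAMPLE_EXPORT).items():
        for g in guests:
            print(f"FAIL {directory}: {g['upn']} state={g['state']} enabled={g['enabled']}")
```

Disabled guests and pending invitations are still reported, because the check is about the presence of Guest accounts, not whether they can currently sign in.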