ASD's Blueprint for Secure Cloud

Policies

This page describes the configuration of policies for conditional access within Microsoft Entra ID associated with systems built according to the guidance provided by ASD's Blueprint for Secure Cloud.

An existing security group must be specified to act as the conditional access exclusion group. All conditional access policies in the DSC are set to either report-only or disabled, and must be enabled manually.


BLOCK - Countries Not Allowed

BLOCK - Guest Access

BLOCK - High Risk Sign-Ins

BLOCK - Legacy Authentication

BLOCK - Unapproved Devices

BLOCK - Untrusted IPs

GRANT - Enforced MFA methods

GRANT - Guest Access

GRANT - Intune Enrolment

GRANT - iOS Device Access

GRANT - MFA registration

GRANT - Protected Location Access

GRANT - Require MFA for Risky Sign-ins

GRANT - Require password change for high-risk users

GRANT - Require phishing-resistant MFA for admins

GRANT - Terms of use

GRANT - Windows Device Access

SESSION - Admin Sign-in Frequency

SESSION - User Sign-in Frequency


Authorised by the Australian Government, Canberra