ASD's Blueprint for Secure Cloud

User settings

This page describes the configuration of user settings within Microsoft Entra ID associated with systems built according to the guidance provided by ASD's Blueprint for Secure Cloud.

Estimated reading time: 2 minutes

Default user role permissions

ItemValue
User can register applicationNo
Restrict non-admin users from creating tenantsYes
Users can create security groupsNo

Guest user access

ItemValue
Guest user access restrictionsGuest user access is restricted to properties and memberships of their own directory objects (most restrictive)

Administration center

ItemValue
Restrict access to Microsoft Entra admin centreYes

LinkedIn account connections

ItemValue
Allow users to connect their work or school account with LinkedInNo

Show keep user signed in

ItemValue
Show keep user signed inYes

User features

Manage user feature settings

ItemValue
User can use preview features for My AppsNone
Administrators can access My StaffNone

Security & Governance

Design

Configuration

References

Do you have a suggestion on how the above page could be improved? Get in touch! ASD's Blueprint for Secure Cloud is an open source project, and we would love to get your input. Submit an issue on our GitHub, or send us an email at blueprint@asd.gov.au

Acknowledgement of Country icon

Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Authorised by the Australian Government, Canberra