forked from MicrosoftDocs/entra-docs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathTOC.yml
416 lines (408 loc) · 19.6 KB
/
TOC.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
- name: Microsoft Entra ID Governance documentation
href: index.yml
- name: Overview
expanded: true
items:
- name: What is Identity Governance?
href: identity-governance-overview.md
- name: Scenarios
expanded: true
items:
- name: What are identity governance use cases?
href: scenarios/identity-governance-use-cases.md
- name: Understanding least privileged
href: scenarios/least-privileged.md
- name: Microsoft Entra ID Governance Deployment Introduction
href: ~/architecture/governance-deployment-intro.md
- name: Govern the employee and guest lifecycle
items:
- name: Govern the employee lifecycle
href: scenarios/govern-the-employee-lifecycle.md
- name: Plan new governance scenarios for business partners and external users
href: scenarios/govern-guest-lifecycle-new-project.md
- name: Microsoft Entra ID Governance deployment guide for employee lifecycle automation
href: ~/architecture/governance-deployment-employee-lifecycle.md
- name: Identity lifecycle management provisioning
href: what-is-provisioning.md
items:
- name: Provision to Microsoft Entra ID
items:
- name: Govern provisioning to Microsoft Entra ID using cloud sync
href: scenarios/provision-active-directory-to-entra-cloud-sync.md
- name: Govern provisioning to Microsoft Entra ID using connect sync
href: scenarios/provision-active-directory-to-entra-connect-sync.md
- name: Govern HR provisioning to Microsoft Entra ID
href: scenarios/provision-workday-to-entra.md
- name: Govern provisioning to Microsoft Entra ID using MIM
href: scenarios/provision-microsoft-identity-manager-to-entra.md
- name: Provision to Active Directory
items:
- name: Govern on-premises Active Directory based apps (Kerberos) using Microsoft Entra ID Governance
href: scenarios/provision-entra-to-active-directory-groups.md
- name: Govern provisioning to AD using Workday
href: scenarios/provision-workday-to-active-directory.md
- name: Govern provisioning to AD using MIM
href: scenarios/provision-microsoft-identity-manager-to-active-directory.md
- name: Provision to other directories and apps
items:
- name: Govern provisioning to LDAP based apps
href: scenarios/provision-ldap.md
- name: Govern provisioning to LDAP for Linux auth
href: ~/identity/app-provisioning/on-premises-ldap-connector-linux.md
- name: Govern provisioning to SQL based apps
href: scenarios/provision-sql.md
- name: Govern provisioning to SAP ECC
href: scenarios/provision-sap.md
- name: Govern provisioning to PowerShell based apps
href: ~/identity/app-provisioning/on-premises-powershell-connector.md
- name: Automate identity lifecycle management
href: scenarios/automate-identity-lifecycle.md
items:
- name: Automate workflow processes
items:
- name: Govern employee and guest on-boarding
href: tutorial-onboard-custom-workflow-portal.md
- name: Govern employee and guest off-boarding
href: tutorial-scheduled-leaver-portal.md
- name: Automate assignment policies
items:
- name: Govern external users through an approval process
href: entitlement-management-onboard-external-user.md
- name: Automate the review process
items:
- name: Govern auditing and access reviews for guest users
href: /graph/tutorial-accessreviews-m365group?toc=/entra/id-governance/toc.json&bc=/entra/id-governance/breadcrumb/toc.json
- name: Govern access to applications
items:
- name: Get started with governing application access
items:
- name: Govern access for applications in your environment
href: identity-governance-applications-prepare.md
- name: Define organizational policies for governing access
href: identity-governance-applications-define.md
- name: Integrating applications with Microsoft Entra ID
href: identity-governance-applications-integrate.md
- name: Deploying organizational policies for governing access
href: identity-governance-applications-deploy.md
- name: Connected applications
href: apps.md
- name: Govern application access
items:
- name: Automate identity governance tasks - PowerShell
href: identity-governance-automation.md
- name: Governing an application's existing users - PowerShell
href: identity-governance-applications-existing-users.md
- name: Governing a nonprovisionable application's users - PowerShell
href: identity-governance-applications-not-provisioned-users.md
- name: Manage access to SAP applications
href: sap.md
- name: Using Entra Private Access with Entitlement Management
href: scenarios/entitlement-management-private-access.md
- name: Migrations
items:
- name: Transform your cloud posture
href: ../architecture/road-to-the-cloud-posture.md
- name: Migrate an organizational role model
href: identity-governance-organizational-roles.md
- name: Microsoft Entra Connect sync to cloud sync migrations
items:
- name: Migrate Microsoft Entra Connect Sync group writeback V2 to Microsoft Entra Cloud Sync
href: ~/identity/hybrid/cloud-sync/migrate-group-writeback.md
- name: Microsoft Identity Manager migrations
items:
- name: Migrate IAM scenarios to Microsoft Entra ID
href: /microsoft-identity-manager/migrate-entra-id
- name: Migrate from SAP IDM
items:
- name: Migrate from SAP IDM
href: scenarios/migrate-from-sap-idm.md
- name: Author SAP ECC 7 Template for ECMA2Host
href: scenarios/sap-template.md
- name: Deploy SAP NetWeaver AS ABAP 7
href: scenarios/deploy-sap-netweaver.md
- name: Tutorials
expanded: true
items:
- name: Entitlement Management
items:
- name: Manage access to resources
href: entitlement-management-access-package-first.md
- name: Manage access to resources - Microsoft Graph
href: /graph/tutorial-access-package-api?toc=/entra/id-governance/toc.json&bc=/entra/id-governance/breadcrumb/toc.json
- name: Manage access to resources - PowerShell
href: /powershell/microsoftgraph/tutorial-entitlement-management
- name: Manage the lifecycle of your group-based licenses in Microsoft Entra ID
href: entitlement-management-group-licenses.md
- name: Create an access package for an application - PowerShell
href: entitlement-management-access-package-create-app.md
- name: Automated ServiceNow Ticket Creation Integration
href: entitlement-management-ticketed-provisioning.md
- name: Automated Teams Messaging Integration
href: entitlement-management-custom-teams-extension.md
- name: Customized entitlement reports in Azure Data Explorer
href: custom-entitlement-report-with-adx-and-entra-id.md
- name: Access Reviews
items:
- name: Review access to Microsoft 365 groups - Microsoft Graph
href: /graph/tutorial-accessreviews-m365group?toc=/entra/id-governance/toc.json&bc=/entra/id-governance/breadcrumb/toc.json
- name: Review access for guest users - Microsoft Graph
href: /graph/tutorial-accessreviews-m365group?toc=/entra/id-governance/toc.json&bc=/entra/id-governance/breadcrumb/toc.json
- name: Review access to security groups - Microsoft Graph
href: /graph/tutorial-accessreviews-securitygroup?toc=/entra/id-governance/toc.json&bc=/entra/id-governance/breadcrumb/toc.json
- name: Review access to privileged roles - Microsoft Graph
href: /graph/tutorial-accessreviews-roleassignments?toc=/entra/id-governance/toc.json&bc=/entra/id-governance/breadcrumb/toc.json
- name: Lifecycle Workflows
items:
- name: Automate employee onboarding tasks - Microsoft Graph
href: /graph/tutorial-lifecycle-workflows-onboard-custom-workflow?toc=/azure/active-directory/governance/toc.json&bc=/azure/active-directory/governance/breadcrumb/toc.json
- name: Offboarding employees in real-time - Microsoft Entra admin center
href: tutorial-offboard-custom-workflow-portal.md
- name: Offboarding employees in real-time - Microsoft Graph
href: /graph/tutorial-lifecycle-workflows-offboard-custom-workflow?toc=/entra/id-governance/toc.json&bc=/entra/id-governance/breadcrumb/toc.json
- name: Automate employee offboarding tasks - Microsoft Graph
href: /graph/tutorial-lifecycle-workflows-scheduled-leaver?toc=/entra/id-governance/toc.json&bc=/entra/id-governance/breadcrumb/toc.json
- name: Automate employee mover tasks - Microsoft Entra admin center
href: tutorial-mover-custom-workflow-portal.md
- name: Concepts
expanded: true
items:
- name: Entitlement management
items:
- name: What is entitlement management?
href: entitlement-management-overview.md
- name: Delegation and roles
href: entitlement-management-delegate.md
- name: Request process and emails
href: entitlement-management-process.md
- name: Onboard external users
href: entitlement-management-onboard.md
- name: Access reviews
items:
- name: What are access reviews?
href: access-reviews-overview.md
- name: What is the My Access portal?
href: my-access-portal-overview.md
- name: Enable multi-stage reviews
href: using-multi-stage-reviews.md
- name: Manage access with reviews
href: manage-access-review.md
- name: Manage users excluded from Conditional Access
href: conditional-access-exclusion.md
- name: Review recommendations for access reviews
href: review-recommendations-access-reviews.md
- name: Review and remove users from external organizations
href: access-reviews-external-users.md
- name: Lifecycle Workflows
items:
- name: What are Lifecycle Workflows?
href: what-are-lifecycle-workflows.md
- name: Understanding Lifecycle Workflows
href: understanding-lifecycle-workflows.md
- name: Templates
href: lifecycle-workflow-templates.md
- name: Built-in tasks
href: lifecycle-workflow-tasks.md
- name: Custom Task Extension
href: lifecycle-workflow-extensibility.md
- name: Versioning
href: lifecycle-workflow-versioning.md
- name: Workflow Audit logs
href: lifecycle-workflow-audits.md
- name: Workflow History
href: lifecycle-workflow-history.md
- name: Synced AD DS users
href: lifecycle-workflow-on-premises.md
- name: Workflow Insights
href: lifecycle-workflow-insights.md
- name: How-to guides
expanded: true
items:
- name: Entitlement management
items:
- name: Common scenarios
href: entitlement-management-scenarios.md
- name: Administrators
items:
- name: Delegate to catalog creators
href: entitlement-management-delegate-catalog.md
- name: Add a connected organization
href: entitlement-management-organization.md
- name: Govern access for external users
href: entitlement-management-external-users.md
- name: View reports and logs
href: entitlement-management-reports.md
- name: Archive logs and reporting
href: entitlement-management-logs-and-reporting.md
- name: Troubleshoot
href: entitlement-management-troubleshoot.md
- name: Catalog owners
items:
- name: Create a catalog of resources
href: entitlement-management-catalog-create.md
- name: Create a custom extension (logic apps) for catalogs
href: entitlement-management-logic-apps-integration.md
- name: Delegate to access package managers
href: entitlement-management-delegate-managers.md
- name: Set up group writeback
href: entitlement-management-group-writeback.md
- name: Access package managers and Access package assignment managers
items:
- name: Create a new access package
href: entitlement-management-access-package-create.md
- name: Share access package link
href: entitlement-management-access-package-settings.md
- name: Change resource roles
href: entitlement-management-access-package-resources.md
- name: Change request settings
href: entitlement-management-access-package-request-policy.md
- name: Configure verified ID settings
href: entitlement-management-verified-id-settings.md
- name: Change approval settings
href: entitlement-management-access-package-approval-policy.md
- name: Change lifecycle settings
href: entitlement-management-access-package-lifecycle-policy.md
- name: Configure automatic assignment
href: entitlement-management-access-package-auto-assignment-policy.md
- name: Configure separation of duties
href: entitlement-management-access-package-incompatible.md
- name: View and remove requests
href: entitlement-management-access-package-requests.md
- name: Reprocess requests
href: entitlement-management-reprocess-access-package-requests.md
- name: Request on behalf of users (Preview)
href: entitlement-management-request-behalf.md
- name: View, add, and remove assignments
href: entitlement-management-access-package-assignments.md
- name: Convert users to governed
href: entitlement-management-access-package-manage-lifecycle.md
- name: Reprocess assignments
href: entitlement-management-reprocess-access-package-assignments.md
- name: Hide or delete
href: entitlement-management-access-package-edit.md
- name: Assign Microsoft Entra Roles (Preview)
href: entitlement-management-roles.md
- name: Suggested access packages in MyAccess (Preview)
href: entitlement-management-suggested-access-packages.md
- name: Approvers
items:
- name: Approve requests
href: entitlement-management-request-approve.md
- name: Requestors
items:
- name: Request access
href: entitlement-management-request-access.md
- name: Access reviews
items:
- name: Plan access review deployment
href: deploy-access-reviews.md
- name: Create access review history report
href: access-reviews-downloadable-review-history.md
- name: Configure the scope - Microsoft Graph
href: /graph/accessreviews-scope-concept?toc=/entra/id-governance/toc.json&bc=/entra/id-governance/breadcrumb/toc.json
- name: Assign reviewers - Microsoft Graph
href: /graph/accessreviews-reviewers-concept?toc=/entra/id-governance/toc.json&bc=/entra/id-governance/breadcrumb/toc.json
- name: Access packages
items:
- name: Create an access review
href: entitlement-management-access-reviews-create.md
- name: Review access
href: self-access-review.md
- name: Groups and apps
items:
- name: Prepare for an app access review
href: access-reviews-application-preparation.md
- name: Create an access review
href: create-access-review.md
- name: Review access
href: perform-access-review.md
- name: Review access for yourself
href: review-your-access.md
- name: Complete an access review
href: complete-access-review.md
- name: Microsoft Entra roles and Azure resource roles
items:
- name: Create an access review
href: ~/id-governance/privileged-identity-management/pim-create-roles-and-resource-roles-review.md?toc=/entra/id-governance/toc.json&bc=/entra/id-governance/breadcrumb/toc.json
- name: Perform an access review
href: ~/id-governance/privileged-identity-management/pim-perform-roles-and-resource-roles-review.md?toc=/entra/id-governance/toc.json&bc=/entra/id-governance/breadcrumb/toc.json
- name: Complete an access review
href: ~/id-governance/privileged-identity-management/pim-complete-roles-and-resource-roles-review.md?toc=/entra/id-governance/toc.json&bc=/entra/id-governance/breadcrumb/toc.json
- name: Microsoft Entra PIM for Groups
items:
- name: Create an access review
href: create-access-review-pim-for-groups.md
- name: Lifecycle Workflows
items:
- name: Deployment
href: lifecycle-workflows-deployment.md
- name: Create
items:
- name: Create a Lifecycle Workflow
href: create-lifecycle-workflow.md
- name: Trigger Logic Apps based on custom task extensions
href: trigger-custom-task.md
- name: Manage
items:
- name: Synchronize attributes
href: how-to-lifecycle-workflow-sync-attributes.md
- name: Manage workflow properties
href: manage-workflow-properties.md
- name: Manage workflow versions
href: manage-workflow-tasks.md
- name: Using custom security attributes
href: manage-workflow-custom-security-attribute.md
- name: Run a workflow on-demand
href: on-demand-workflow.md
- name: Customize emails
href: customize-workflow-email.md
- name: Check the status of a workflow
href: check-status-workflow.md
- name: Download workflow history reports
href: download-workflow-history.md
- name: Check execution user scope
href: check-workflow-execution-scope.md
- name: Customize the schedule of workflows
href: customize-workflow-schedule.md
- name: Manage synced AD DS users
href: manage-workflow-on-premises.md
- name: Check Workflow Insights
href: manage-workflow-insights.md
- name: Delete
items:
- name: Delete a Lifecycle workflow
href: delete-lifecycle-workflow.md
- name: Reference
expanded: true
items:
- name: Identity Governance Dashboard
href: governance-dashboard.md
- name: Identity Governance service limits
href: governance-service-limits.md
- name: Licensing fundamentals
href: licensing-fundamentals.md
- name: Services and integration partners
href: services-and-integration-partners.md
- name: Best practices for securing ID Governance
href: best-practices-secure-id-governance.md
- name: Securing custom extension extensibility to Azure Logic Apps
href: custom-extension-security.md
- name: Identity Governance - PowerShell
href: /powershell/module/microsoft.graph.identity.governance/?viewFallbackFrom=graph-powershell-beta&preserve-view=true&view=graph-powershell-1.0
- name: Access reviews - Microsoft Graph API
href: /graph/api/resources/accessreviewsv2-overview
- name: Entitlement management - Microsoft Graph API
href: /graph/api/resources/entitlementmanagement-overview
- name: Custom Alerts
href: governance-custom-alerts.md
- name: Lifecycle Workflows
items:
- name: Lifecycle Workflows - Microsoft Graph API
href: /graph/api/resources/identitygovernance-lifecycleworkflows-overview
- name: Lifecycle Workflows - FAQs
href: workflows-faqs.md
- name: Set EmployeeLeaveDateTime for leaver workflows
href: /graph/tutorial-lifecycle-workflows-set-employeeleavedatetime?toc=/entra/id-governance/toc.json&bc=/entra/id-governance/breadcrumb/toc.json
- name: Preparing user accounts for Lifecycle workflows tutorials
href: tutorial-prepare-user-accounts.md
- name: Configure a Logic App for Lifecycle Workflow use
href: configure-logic-app-lifecycle-workflows.md