Conditional Access Automation¶
Version: v1.2.2 | Status: live | Domain: Access & Identity | Tier: 2
Automated deployment and compliance monitoring of Entra ID Conditional Access policies for Microsoft 365 AI workloads (Copilot Studio, Agent Builder, M365 Copilot).
Mapped Controls¶
Prerequisites¶
| Role | Requirement |
|---|---|
power-platform-admin |
Power Platform admin tenant role for Dataverse environment and solution setup. |
security-admin |
Conditional Access Administrator or Security Administrator for policy creation and review. |
m365-admin |
Application Administrator for service principal registration and Graph permission consent. |
global-reader |
Global Reader for read-only audit and report validation. |
Verification¶
Confirm the compliance scan populates fsi_capolicyvalidationhistories and fsi_capolicyviolations, with active baselines in fsi_capolicybaselines.
Documentation¶
| Document |
|---|
| Compliance Monitoring |
| Dataverse Schema |
| Deployment Guide |
| Evidence Export |
| Policy Templates |
| Prerequisites |
| Schema |
| Troubleshooting |
View source on GitHub { .md-button }