Which compliance frameworks require ensure event grid uses managed identity for authentication?

This security check is required by the following compliance frameworks: SOC 2, PCI-DSS, NIST 800-53.

MEDIUM

Ensure Event Grid uses managed identity for authentication

Event Grid subscriptions should use managed identity to deliver events to endpoints.

Security Impact

Without managed identity, access keys must be stored in subscription configuration.

How to Remediate

Configure Event Grid subscriptions to use managed identity for event delivery.

Affected Resources

Microsoft.EventGrid/eventSubscriptions

Compliance Frameworks

SOC 2PCI-DSSNIST 800-53

How TigerGate Helps

TigerGate continuously monitors your Azure environment to detect and alert on this misconfiguration. Here's what our platform does for this specific check:

Continuous Scanning
Automatically scans all Azure Event Grid resources across your Azure subscriptions every hour
Instant Alerts
Get notified via Slack, email, or webhooks when this misconfiguration is detected
One-Click Remediation
Fix this issue directly from the TigerGate dashboard with our guided remediation
Compliance Evidence
Automatically collect audit evidence for SOC 2, PCI-DSS, NIST 800-53 compliance
Drift Detection
Get alerted if this configuration drifts back to an insecure state after remediation

Check Details

Check ID: azure-eventgrid-2
Service: Azure Event Grid
Category: Identity Management
Severity: MEDIUM

Automate This Check

TigerGate automatically scans your Azure environment for this and 160+ other security checks.

Start Free Trial

Related Azure Event Grid Checks

View all checks

azure-eventgrid-1medium

Ensure Event Grid topics use private endpoints

azure-eventgrid-3medium

Ensure Event Grid has diagnostic logging enabled

azure-eventgrid-4medium

Ensure Event Grid uses Azure AD authentication

azure-eventgrid-5medium

Ensure Event Grid topics have network access restrictions