Which compliance frameworks require ensure event grid uses azure ad authentication?

This security check is required by the following compliance frameworks: SOC 2, PCI-DSS, NIST 800-53.

MEDIUM

Ensure Event Grid uses Azure AD authentication

Event Grid should use Azure AD authentication instead of access keys for publishing.

Security Impact

Access keys are difficult to rotate and can be exposed in code or logs.

How to Remediate

Enable Azure AD authentication and disable local authentication using access keys.

Affected Resources

Microsoft.EventGrid/topics

Compliance Frameworks

SOC 2PCI-DSSNIST 800-53

How TigerGate Helps

TigerGate continuously monitors your Azure environment to detect and alert on this misconfiguration. Here's what our platform does for this specific check:

Continuous Scanning
Automatically scans all Azure Event Grid resources across your Azure subscriptions every hour
Instant Alerts
Get notified via Slack, email, or webhooks when this misconfiguration is detected
One-Click Remediation
Fix this issue directly from the TigerGate dashboard with our guided remediation
Compliance Evidence
Automatically collect audit evidence for SOC 2, PCI-DSS, NIST 800-53 compliance
Drift Detection
Get alerted if this configuration drifts back to an insecure state after remediation

Check Details

Check ID: azure-eventgrid-4
Service: Azure Event Grid
Category: Identity Management
Severity: MEDIUM

Automate This Check

TigerGate automatically scans your Azure environment for this and 160+ other security checks.

Start Free Trial

Related Azure Event Grid Checks

View all checks

azure-eventgrid-1medium

Ensure Event Grid topics use private endpoints

azure-eventgrid-2medium

Ensure Event Grid uses managed identity for authentication

azure-eventgrid-3medium

Ensure Event Grid has diagnostic logging enabled

azure-eventgrid-5medium

Ensure Event Grid topics have network access restrictions