Unmanaged Attic Named Location [CHK-1108]
This check ensures that Attic IP addresses are solely controlled through the managed "[ATTIC] hosts" named location.
Rationale
Unmanaged named locations containing Attic IP addresses can disrupt the proper functioning of Attic. Centralizing Attic IP addresses in a single managed location improves security and simplifies access management.
Fix
An automated fix is available through Attic. This will be performed automatically on your environment as the change has no effect on your configuration. A ticket will be created but will be closed almost immediately.
Manual Steps:
- Navigate to the Azure portal.
- Search for Conditional Access.
- Click on Policies.
- Adjust the policies: remove the unmanaged named locations from the exclusion list.
- Add the "[ATTIC] hosts" named location to the exclusion list.
- Save.
- Click on named locations.
- Search for the mentioned named locations.
- Remove these named locations.
Impact
The "[ATTIC] hosts" named location replaces unmanaged named locations containing Attic IP addresses. This ensures that access from Attic IPs is controlled solely through the managed named location, ensuring the platform always has appropriate access to the Microsoft tenant.