Azurecloud~30 mins

Multi-factor authentication in Azure - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Enable Multi-factor Authentication in Azure

📖 Scenario: You are an IT administrator for a small company. You want to improve security by requiring users to verify their identity with a second step when signing in. This is called Multi-factor Authentication (MFA). You will configure MFA settings in Azure Active Directory.

🎯 Goal: Set up Multi-factor Authentication in Azure by creating a conditional access policy that requires MFA for all users when accessing cloud apps.

📋 What You'll Learn

Create a conditional access policy named RequireMFA

Target all users in the policy

Apply the policy to all cloud applications

Require multi-factor authentication as the access control

💡 Why This Matters

🌍 Real World

Multi-factor authentication helps protect company data by adding a second step to user sign-in, reducing the risk of unauthorized access.

💼 Career

IT administrators and cloud engineers often configure conditional access policies to enforce security standards in organizations.

Progress0 / 4 steps

Create the conditional access policy dictionary

Create a dictionary called conditional_access_policy with the key name set to 'RequireMFA' and the key state set to 'enabled'.

Azure

# Your code here

Need a hint?

Use a Python dictionary with keys 'name' and 'state'.

Add user and application targets

Add the keys users and applications to conditional_access_policy. Set users to a dictionary with key include and value a list containing the string 'AllUsers'. Set applications to a dictionary with key include and value a list containing the string 'AllCloudApps'.

Azure

conditional_access_policy = {
    'name': 'RequireMFA',
    'state': 'enabled'
}
# Your code here

Need a hint?

Use nested dictionaries for 'users' and 'applications' keys.

Add access controls to require MFA

Add the key grantControls to conditional_access_policy. Set it to a dictionary with key operator set to 'OR' and key builtInControls set to a list containing the string 'mfa'.

Azure

conditional_access_policy = {
    'name': 'RequireMFA',
    'state': 'enabled',
    'users': {
        'include': ['AllUsers']
    },
    'applications': {
        'include': ['AllCloudApps']
    }
}
# Your code here

Need a hint?

Use a dictionary with keys 'operator' and 'builtInControls' for grantControls.

Complete the policy with session controls

Add the key sessionControls to conditional_access_policy and set it to an empty dictionary {} to complete the policy structure.

Azure

conditional_access_policy = {
    'name': 'RequireMFA',
    'state': 'enabled',
    'users': {
        'include': ['AllUsers']
    },
    'applications': {
        'include': ['AllCloudApps']
    },
    'grantControls': {
        'operator': 'OR',
        'builtInControls': ['mfa']
    }
}
# Your code here

Need a hint?

Set 'sessionControls' to an empty dictionary to finish the policy.