Activity: Creating a Conditional Access Policy
This activity will be to create a conditional access policy to restrict login for the scripts to the United Kingdom. If the login activity does not come from within UK, it will be blocked.
You could restrict this further to only allowing the IP address you are currently connecting to the Internet through or many other criteria available in the Conditional Access wizard.
- Open https://aad.portal.azure.com
- Navigate to Security blade on the left hand side.
- Click on Named locations
- Click on + Countries Location
- Enter a name (UK) and then search United Kingdon im the list below. Add a tick against the location then click Create. You should see a new item in the list of Named locations.
- Click on Conditional Access
- Click on New Policy
- Give the Policy a name.
- No settings in Users and Groups
- In Cloud apps or actions choose Select apps then search and select your Web App.
- Select Conditions, Locations, Exclude. Select UK, then select.
- Select Grant, then Block Access.
- On Enable policy select On.
You may see a message around disabling security defaults. For this activity do so, but if you were in an organisation discuss with the appropriate parties before doing so.