Do you use Entra Access Packages to give access to resources?

❌ Bad Example - Manually Requesting Access via Email

In the old-fashioned way, users would send an email to the SysAdmins requesting access to a specific resource. This method is prone to errors, lacks an audit trail, and can lead to security vulnerabilities.

✅ Good Example - Requesting Access via myaccess.microsoft.com

Instead of manually sending emails, users can request access through myaccess.microsoft.com, which provides a streamlined, auditable, and secure method.

1. Navigate to myaccess.microsoft.com
   :::good :::
2. Search for the desired resource or access package.

Figure: Search for the required resource

1. Request Access by selecting the appropriate access package and filling out any necessary details.
   
2. Wait for approval from the people responsible for the resource
   :::greybox If you require immediate access ping them on Teams :::

Steps to Create an Access Package

1. Open Azure Portal: Navigate to Entra ID | Identity Governance | Access packages.

Figure: Navigate to Azure portal | Access packages | New Access package

1. New Access Package: Click on + New access package.
2. Fill Details: Provide a name, description, and select the catalog for the access package.

Figure: Fill out the details and choose a catalog

1. Define Resources: Add the resources (applications, groups, SharePoint sites) that users will get access to when they request this package.

Figure: Add the required resources

1. Set Policies: Define who can request the package, approval workflows, duration of access, and other settings.

Figure: Choose the types of users that can request access

Figure: Choose policies that match the level of access

1. Review and Create: Ensure all details are correct and then create the access package.

Figure: Review the settings and create the policy