Tuesday, March 1, 2022

Block file upload to SharePoint Online using Azure Conditional Access with custom policies

How can we restrict users uploading files with specific file name?

In this article I'll explain how to achieve that using Azure Conditional Access Policies and Defender for Cloud Apps policies

Steps in Conditional Access Policies

Step 01: Navigate to Azure AD and then to Security Section

Step 02: Navigate to Conditional Access Policies

Step 03: Create a new policy

Step 04: Assign Users. I've assigned all users

Step 05: Select SharePoint Online

Step 06: Navigate to Session section and select Use conditional access app control and use custom policy option

Then I will click on configure custom policy section. It will bring me to Microsoft Defender for Cloud Apps application.

Steps in Microsoft Defender for Cloud Apps

Step 01:  You can see SharePoint online in conditional access app control apps section, we created this in previous step in Azure AD

Step 02: Navigate to Control, Policies and create a new policy

Step 03: We will set Control file upload in Session control type drop down

Step 04: We will provide SharePoint Online as the Activity source

Step 05: Add a filter for the policy

Step 06: We will provide Block option in Actions section with a proper message

That's all we have to do. Let's try this out

No comments: