Which Azure service can be configured to automatically revoke permissions if not verified by a manager?

Azure Active Directory access reviews enable organizations to manage and streamline access to applications and resources by allowing periodic reviews of user permissions. This service is particularly designed for situations where permissions need to be validated, particularly for users who have not recently been granted a specific set of permissions. When an access review is conducted, it prompts a designated manager or reviewer to either confirm or revoke access for a user based on current job roles and responsibilities.

The ability to automatically revoke permissions if they are not verified by a manager is a crucial feature of access reviews. This ensures that users only retain access to resources as long as it is needed and authorized, thereby enhancing security and compliance within an organization. This automatic revocation process helps organizations adhere to the principle of least privilege, ensuring that users have only the permissions necessary for their roles.

In contrast, Azure Automation scripts are more focused on automating administrative tasks and workflows, while Azure Key Vault audits are primarily concerned with monitoring and logging access to cryptographic keys and secrets. Azure Information Protection policies are used to classify and protect documents and emails but do not specifically address the management of user access permissions.