Skip to main content

Templates

Templates define which controls Driftmark evaluates during a snapshot.

Why templates exist

Templates let you:
  • standardize the scope of monitoring
  • reuse the same control set across multiple tenants
  • align required Graph permissions with the selected controls
  • update audit scope without editing each tenant by hand

Creating a template

From the Microsoft integrations area, create a new template and configure:
  • name
  • description
  • version
  • enabled controls

Enabled controls

Controls are grouped around areas such as:
  • organization information
  • directory information
  • identity and access
  • applications
  • security settings
  • identity governance
  • privileged identity management
Each control also documents its required Microsoft Graph application permissions.

Required API permissions

The template editor calculates the required application permissions based on currently enabled controls. This is meant to help you:
  • provision the app registration correctly
  • verify admin consent requirements
  • understand why a connection might fail to capture a given area

Assigning templates to tenants

Templates are selected on the tenant detail page. A tenant must have a selected template before snapshots can run successfully.

Scope changes

Template changes only affect future snapshots. Existing snapshots are historical records and are not retroactively modified.