Access package approval workflows must have valid approvers
Why This Matters
Approval workflows that reference deleted or disabled users create security gaps and operational delays in the Entra ID Governance access package lifecycle. When an approver is no longer valid, requests may remain unapproved indefinitely, bypassing intended access controls and potentially exposing sensitive resources. IT administrators must ensure all approvers are active and functional to maintain a secure and efficient access management process.
What Aether365 Checks
This check verifies that all approval workflows in Entra ID access packages reference valid, active approvers who are not deleted or disabled. In the Aether365 dashboard, this appears under entra-id checks as ID AE.1109.