From 7162236a6b10a8d71e88fbc9192df48d3399ae1a Mon Sep 17 00:00:00 2001
From: Carlos Polop <carlospolop@gmail.com>
Date: Sat, 8 Feb 2025 19:54:20 +0100
Subject: [PATCH] fix

---
 .../azure-security/az-basic-information/README.md     | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

diff --git a/src/pentesting-cloud/azure-security/az-basic-information/README.md b/src/pentesting-cloud/azure-security/az-basic-information/README.md
index 50247df25..5d6c5dd59 100644
--- a/src/pentesting-cloud/azure-security/az-basic-information/README.md
+++ b/src/pentesting-cloud/azure-security/az-basic-information/README.md
@@ -314,16 +314,7 @@ This elevation can be done at the end of the page: [https://portal.azure.com/#vi
 
 ### Assignments Conditions & MFA
 
-It’s possible to **establish some conditions when a role is assigned** to a principal. A common condition to add is to require MFA to access some role permissions:
-
-```bash
-az role assignment create \
-  --assignee <user-or-service-principal-id> \
-  --role <custom-role-id-or-name> \
-  --scope "/subscriptions/9291ff6e-6afb-430e-82a4-6f04b2d05c7f" \
-  --condition "PrincipalClaims['amr'] contains 'mfa'" \
-  --condition-version 2.0
-```
+According to **[the docs](https://learn.microsoft.com/en-us/azure/role-based-access-control/conditions-role-assignments-portal)**: Currently, conditions can be added to built-in or custom role assignments that have **blob storage data actions or queue storage data actions**.
 
 ### Deny Assignments