Hello @MT,
Thank you for posting your query on Microsoft Q&A.
You can't directly target Microsoft Azure CLI via conditional access policy because it is not available in the cloud app picker list to target directly. This is due to its dependencies on other resource applications.
If you would like to target Microsoft Azure CLI, you need to target the resource application of Microsoft Azure CLI, which is the Windows Azure Service Management API. When you target the Windows Azure Service Management API application, the policy is enforced for tokens issued to a set of services dependent on this Azure management portal and API, services, or clients. Please refer to the following document for the list of applications that have this dependency:
Windows Azure Service Management API - Conditional Access
According to the document below, Cloud Shell sessions have a time limit of 20 minutes. As a result, any long-running non-interactive sessions are ended without warning:
Cloud Shell FAQ and Troubleshooting
Given the 20-minute time limitation for Cloud Shell sessions, it may not be necessary to have a conditional access policy with a sign-in frequency of 8 hours.
I hope this information is helpful. Please feel free to reach out if you have any further questions.
Please Accept the answer
if the information helped you. This will help us and others in the community as well.
Thanks,
Raja Pothuraju.