-
Notifications
You must be signed in to change notification settings - Fork 1.1k
/
ASC_Register_To_Azure_Security_Center_DINE.json
71 lines (71 loc) · 2.47 KB
/
ASC_Register_To_Azure_Security_Center_DINE.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
{
"properties": {
"displayName": "Enable Microsoft Defender for Cloud on your subscription",
"policyType": "BuiltIn",
"mode": "All",
"description": "Identifies existing subscriptions that aren't monitored by Microsoft Defender for Cloud and protects them with Defender for Cloud's free features.\nSubscriptions already monitored will be considered compliant.\nTo register newly created subscriptions, open the compliance tab, select the relevant non-compliant assignment, and create a remediation task.",
"metadata": {
"version": "1.0.1",
"category": "Security Center"
},
"version": "1.0.1",
"parameters": {},
"policyRule": {
"if": {
"field": "type",
"equals": "Microsoft.Resources/subscriptions"
},
"then": {
"effect": "deployIfNotExists",
"details": {
"type": "Microsoft.Security/pricings",
"name": "VirtualMachines",
"deploymentScope": "subscription",
"existenceScope": "subscription",
"roleDefinitionIds": [
"/providers/Microsoft.Authorization/roleDefinitions/fb1c8493-542b-48eb-b624-b4c8fea62acd"
],
"existenceCondition": {
"anyof": [
{
"field": "microsoft.security/pricings/pricingTier",
"equals": "standard"
},
{
"field": "microsoft.security/pricings/pricingTier",
"equals": "free"
}
]
},
"deployment": {
"location": "westeurope",
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"variables": {},
"resources": [
{
"type": "Microsoft.Security/pricings",
"apiVersion": "2018-06-01",
"name": "VirtualMachines",
"properties": {
"pricingTier": "free"
}
}
],
"outputs": {}
}
}
}
}
}
},
"versions": [
"1.0.1"
]
},
"id": "/providers/Microsoft.Authorization/policyDefinitions/ac076320-ddcf-4066-b451-6154267e8ad2",
"name": "ac076320-ddcf-4066-b451-6154267e8ad2"
}