Skip to content

Latest commit

 

History

History
41 lines (28 loc) · 1.33 KB

azure-security-center-alert-on-severe-notifications.md

File metadata and controls

41 lines (28 loc) · 1.33 KB

Pattern: Disabled Azure security center alert notifications

Issue: -

Description

It is recommended that at least one valid contact is configured for the security center. Microsoft will notify the security contact directly in the event of a security incident using email and require alerting to be turned on.

Resolution: Set alert notifications to be on.

Examples

The following example will fail the azure-security-center-alert-on-severe-notifications check.

resource "azurerm_security_center_contact" "bad_example" {
	email = "bad_example@example.com"
	phone = "+1-555-555-5555"

	alert_notifications = false
	alerts_to_admins = false
}

The following example will pass the azure-security-center-alert-on-severe-notifications check.

resource "azurerm_security_center_contact" "good_example" {
	email = "good_example@example.com"
	phone = "+1-555-555-5555"

	alert_notifications = true
	alerts_to_admins = true
}

Further reading