Security Center contact email is not set Affecting Security Center service in Azure
Severity Framework
Snyk CCSS
Rule category
Monitoring / Settings
Is your enviroment affected by this misconfiguration?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsFrameworks
CIS-Azure
- Snyk ID SNYK-CC-00677
- credit Snyk Research Team
Description
Setting the contact email ensures that the proper people are aware of any potential compromise.
How to fix?
Set the emails
attribute to a valid email address.
Example Configuration
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Security/securityContacts",
"apiVersion": "2020-01-01-preview",
"name": "allow",
"properties": {
"alertNotifications": {
"minimalSeverity": "Medium",
"state": "On"
},
"emails": "contact@example.com",
"notificationsByRole": {
"roles": [ "AccountAdmin" ],
"state": "On"
},
"phone": "+1-555-555-5555"
}
}
]
}