Security Center contact email is not set Affecting Security Center service in Azure

Severity Framework Snyk CCSS

Rule category Monitoring / Settings

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CIS-Azure

Snyk ID SNYK-CC-00677
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Setting the contact email ensures that the proper people are aware of any potential compromise.

How to fix?

Set the emails attribute to a valid email address.

Example Configuration

{
    "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "resources": [
    {
      "type": "Microsoft.Security/securityContacts",
      "apiVersion": "2020-01-01-preview",
      "name": "allow",
      "properties": {
        "alertNotifications": {
          "minimalSeverity": "Medium",
          "state": "On"
        },
        "emails": "contact@example.com",
        "notificationsByRole": {
          "roles": [ "AccountAdmin" ],
          "state": "On"
        },
        "phone": "+1-555-555-5555"
      }
    }
    ]
  }

ARM

Microsoft.Security securityContacts

Terraform

azurerm_security_center_contact

References

Quickstart: Configure email notifications for security alerts