Security Center setting 'All users with the following roles' is not set to 'Owner' Affecting Security Center service in Azure
Severity Framework
Snyk CCSS
Rule category
Monitoring / Settings
Is your enviroment affected by this misconfiguration?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsFrameworks
CIS-Azure
- Snyk ID SNYK-CC-00701
- credit Snyk Research Team
Description
Security Center alerts ensure that the appropriate individuals in an organization are notified via email when issues occur, speeding up time to remediation. Subscription owners should receive these alerts so they can triage and remediate issues appropriately.
How to fix?
Set the alertNotifications
and alertsToAdmins
attributes to On
.
Example Configuration
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"type": "Microsoft.Security/securityContacts",
"apiVersion": "2017-08-01-preview",
"name": "contact-allowed",
"location": "[resourceGroup().location]",
"properties": {
"email": "contact@example.com",
"alertNotifications": "On",
"alertsToAdmins": "On"
}
}
]
}