Auto provisioning of Microsoft Defender for Containers is disabled Affecting Security Center service in Azure

Severity Framework Snyk CCSS

Rule category Monitoring / Settings

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

Snyk ID SNYK-CC-00799
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Disabling auto provisioning for Microsoft Defender for Containers may lead to a lack of security monitoring and threat protection for containerized workloads.

How to fix?

Set tier to Standard and resource_type to Containers.

Example Configuration

resource "azurerm_security_center_subscription_pricing" "allowed" {
  tier          = "Standard"
  resource_type = "Containers"
}

Terraform

azurerm_security_center_subscription_pricing

References

What is Microsoft Defender for Cloud?