last sync: 2020-Aug-07 14:05:09 UTC

Azure Policy

Email notification to subscription owner for high severity alerts should be enabled

Policy DisplayName Email notification to subscription owner for high severity alerts should be enabled
Policy Id 0b15565f-aa9e-48ba-8619-45960f2c314d
Policy Category Security Center
Policy Description Enable emailing security alerts to the subscription owner, in order to have them receive security alert emails from Microsoft. This ensures that they are aware of any potential security issues and can mitigate the risk in a timely fashion
Policy Mode All
Policy Type BuiltIn
Policy in Preview FALSE
Policy Deprecated FALSE
Policy Effect Default: AuditIfNotExists
Allowed: (AuditIfNotExists,Disabled)
Roles used none
Policy Changes no changes
Used in Policy Initiative(s)
Initiative DisplayName Initiative Id
[Preview]: NIST SP 800-171 R2 03055927-78bd-4236-86c0-f36125a10dc9
CIS Microsoft Azure Foundations Benchmark 1.1.0 1a5bb27d-173f-493e-9568-eb56638dde4d
[Deprecated]: DOD Impact Level 4 8d792a84-723c-4d92-a3c3-e4ed16a2d133
Policy Rule
{
  "properties": {
    "displayName": "Email notification to subscription owner for high severity alerts should be enabled",
    "policyType": "BuiltIn",
    "mode": "All",
    "description": "Enable emailing security alerts to the subscription owner, in order to have them receive security alert emails from Microsoft. This ensures that they are aware of any potential security issues and can mitigate the risk in a timely fashion",
    "metadata": {
      "version": "1.0.0",
      "category": "Security Center"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "AuditIfNotExists",
          "Disabled"
        ],
        "defaultValue": "AuditIfNotExists"
      }
    },
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.Resources/subscriptions"
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Security/securityContacts",
          "existenceCondition": {
            "field": "Microsoft.Security/securityContacts/alertsToAdmins",
            "notEquals": "Off"
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/0b15565f-aa9e-48ba-8619-45960f2c314d",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "0b15565f-aa9e-48ba-8619-45960f2c314d"
}