last sync: 2020-Oct-26 14:19:03 UTC

Azure Policy

Email notification to subscription owner for high severity alerts should be enabled

Name Email notification to subscription owner for high severity alerts should be enabled
Id 0b15565f-aa9e-48ba-8619-45960f2c314d
Version 1.0.0
details on versioning
Category Security Center
Description Enable emailing security alerts to the subscription owner, in order to have them receive security alert emails from Microsoft. This ensures that they are aware of any potential security issues and can mitigate the risk in a timely fashion
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: AuditIfNotExists
Allowed: (AuditIfNotExists,Disabled)
Used RBAC Role none
History none
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category
[Deprecated]: DOD Impact Level 4 8d792a84-723c-4d92-a3c3-e4ed16a2d133 Regulatory Compliance
[Preview]: NIST SP 800-171 R2 03055927-78bd-4236-86c0-f36125a10dc9 Regulatory Compliance
CIS Microsoft Azure Foundations Benchmark 1.1.0 1a5bb27d-173f-493e-9568-eb56638dde4d Regulatory Compliance
Json
{
  "properties": {
    "displayName": "Email notification to subscription owner for high severity alerts should be enabled",
    "policyType": "BuiltIn",
    "mode": "All",
    "description": "Enable emailing security alerts to the subscription owner, in order to have them receive security alert emails from Microsoft. This ensures that they are aware of any potential security issues and can mitigate the risk in a timely fashion",
    "metadata": {
      "version": "1.0.0",
      "category": "Security Center"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "AuditIfNotExists",
          "Disabled"
        ],
        "defaultValue": "AuditIfNotExists"
      }
    },
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.Resources/subscriptions"
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Security/securityContacts",
          "existenceCondition": {
            "field": "Microsoft.Security/securityContacts/alertsToAdmins",
            "notEquals": "Off"
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/0b15565f-aa9e-48ba-8619-45960f2c314d",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "0b15565f-aa9e-48ba-8619-45960f2c314d"
}