last sync: 2022-Jun-28 16:32:57 UTC

Azure Policy definition

Deploy export to Event Hub for Microsoft Defender for Cloud data

Name Deploy export to Event Hub for Microsoft Defender for Cloud data
Azure Portal
Id cdfcce10-4578-4ecd-9703-530938e4abcb
Version 4.0.1
details on versioning
Category Security Center
Microsoft docs
Description Enable export to Event Hub of Microsoft Defender for Cloud data. This policy deploys an export to Event Hub configuration with your conditions and target Event Hub on the assigned scope. To deploy this policy on newly created subscriptions, open the Compliance tab, select the relevant non-compliant assignment and create a remediation task.
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Fixed: deployIfNotExists
Used RBAC Role
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule Aliases THEN-ExistenceCondition (3)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Security/automations/isEnabled Microsoft.Security automations properties.isEnabled false
Microsoft.Security/automations/sources[*] Microsoft.Security automations properties.sources[*] false
Microsoft.Security/automations/sources[*].eventSource Microsoft.Security automations properties.sources[*].eventSource false
Rule ResourceTypes IF (1)
Microsoft.Resources/subscriptions
THEN-Deployment (4)
Microsoft.Resources/deployments
Microsoft.Resources/resourceGroups
Microsoft.Security/assessments
Microsoft.Security/automations
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-06-24 19:15:47 change Patch (4.0.0 > 4.0.1) *changes on text case sensitivity are not tracked
2021-07-30 15:17:20 change Major (3.0.0 > 4.0.0)
2021-02-03 15:09:01 change Major (2.0.0 > 3.0.0)
2020-12-11 15:42:52 change Major (1.0.0 > 2.0.0)
2020-05-29 15:39:09 add cdfcce10-4578-4ecd-9703-530938e4abcb
Used in Initiatives none
JSON Changes

JSON