last sync: 2023-Sep-29 17:58:48 UTC

Azure Policy definition

Deploy export to Event Hub for Microsoft Defender for Cloud data

Source Azure Portal
Display name Deploy export to Event Hub for Microsoft Defender for Cloud data
Id cdfcce10-4578-4ecd-9703-530938e4abcb
Version 4.2.0
details on versioning
Category Security Center
Microsoft docs
Description Enable export to Event Hub of Microsoft Defender for Cloud data. This policy deploys an export to Event Hub configuration with your conditions and target Event Hub on the assigned scope. To deploy this policy on newly created subscriptions, open the Compliance tab, select the relevant non-compliant assignment and create a remediation task.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Fixed
deployIfNotExists
RBAC role(s)
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule aliases THEN-ExistenceCondition (3)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Security/automations/isEnabled Microsoft.Security automations properties.isEnabled false
Microsoft.Security/automations/sources[*] Microsoft.Security automations properties.sources[*] false
Microsoft.Security/automations/sources[*].eventSource Microsoft.Security automations properties.sources[*].eventSource false
Rule resource types IF (1)
Microsoft.Resources/subscriptions
THEN-Deployment (4)
Microsoft.Resources/deployments
Microsoft.Resources/resourceGroups
Microsoft.Security/assessments
Microsoft.Security/automations
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-04-25 17:42:14 change Minor (4.1.0 > 4.2.0)
2022-07-08 16:32:07 change Minor (4.0.1 > 4.1.0)
2022-06-24 19:15:47 change Patch (4.0.0 > 4.0.1)
2021-07-30 15:17:20 change Major (3.0.0 > 4.0.0)
2021-02-03 15:09:01 change Major (2.0.0 > 3.0.0)
2020-12-11 15:42:52 change Major (1.0.0 > 2.0.0)
2020-05-29 15:39:09 add cdfcce10-4578-4ecd-9703-530938e4abcb
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01