Azure Microsoft Defender for Cloud security alert email notification is not set
Description
The alert notifications setting within an Azure Security Center contact configuration specifies whether email notifications for high severity alerts are sent to the security contact. Enabling this setting ensures that the designated contacts are promptly informed of high severity security alerts, allowing for a quicker response to potential security incidents.
Code Example
```hcl
resource "azurerm_security_center_contact" "example" {
  email = "[email protected]"
  phone = "(555) 555-5555"

  # Setting checked by this rule: email the contact on high severity alerts
  alert_notifications = true
  alerts_to_admins    = false # or true, depending on your organization's requirements
}
```
Remediation
Terraform
- Resource: azurerm_security_center_contact
- Argument: alert_notifications
It is a best practice to have alert_notifications set to true to enhance the overall security posture and incident response capabilities of your Azure environment.
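The same check can be run against a rendered plan before apply. This is an added example, not code from the rule's author or from Checkov; it assumes the JSON layout produced by `terraform show -json` on a plan file, and the function names and the sample plan are constructed for illustration.

```python
import json

RESOURCE_TYPE = "azurerm_security_center_contact"

# Constructed sample, trimmed to the fields used here: one compliant contact,
# one with the setting off, one in a child module with the value absent.
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "azurerm_security_center_contact.ok",
     "type": "azurerm_security_center_contact",
     "values": {"alert_notifications": true, "alerts_to_admins": false}},
    {"address": "azurerm_security_center_contact.off",
     "type": "azurerm_security_center_contact",
     "values": {"alert_notifications": false, "alerts_to_admins": true}}],
  "child_modules": [{"address": "module.sub", "resources": [
    {"address": "module.sub.azurerm_security_center_contact.unset",
     "type": "azurerm_security_center_contact",
     "values": {"alerts_to_admins": true}},
    {"address": "module.sub.azurerm_resource_group.rg",
     "type": "azurerm_resource_group", "values": {"name": "rg"}}]}]}}}
""")


def iter_resources(module):
    """Yield every resource in a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def contacts_without_alert_email(plan):
    """Return addresses of security contacts whose alert_notifications is not true."""
    root = plan.get("planned_values", {}).get("root_module", {})
    return sorted(
        r["address"]
        for r in iter_resources(root)
        if r.get("type") == RESOURCE_TYPE
        # Only a literal true passes; false, null or an absent value all fail.
        and (r.get("values") or {}).get("alert_notifications") is not True
    )


if __name__ == "__main__":
    for address in contacts_without_alert_email(SAMPLE_PLAN):
        print(f"FAIL {address}: alert_notifications is not true")
```

Values Terraform cannot resolve until apply are absent from the plan's `values`, so this check reports them as failures rather than passing them silently.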
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0532 |
| Severity | LOW |
| IaC Type | arm |
| Frameworks | Terraform, |
| Checkov ID | CKV_AZURE_21 |