Azure Security Center Device Group
This page shows how to write Terraform and Azure Resource Manager configurations for a Security Center Device Group, and how to write them securely.
azurerm_iot_security_device_group (Terraform)
The Device Group in Security Center can be configured in Terraform with the resource name azurerm_iot_security_device_group. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
- id: optional computed - string
- iothub_id: required - string
- name: required - string
- allow_rule: list block
  - connection_to_ip_not_allowed: optional - set of string
  - local_user_not_allowed: optional - set of string
  - process_not_allowed: optional - set of string
- range_rule: set block
- timeouts: single block
Explanation in Terraform Registry
Manages an IoT Security Device Group.
Tips: Best Practices for The Other Azure Security Center Resources
In addition to azurerm_security_center_contact, Azure Security Center has other resources that should be configured with security in mind. The following are some examples of those resources and the precautions to take.
azurerm_security_center_contact
Ensure to enable alert notifications
Configure at least one valid contact for Security Center. Microsoft will notify you directly by email in the event of a security incident.
azurerm_security_center_subscription_pricing
Ensure to enable alert notifications
It is better to enable Azure Defender, which is a cloud workload protection service for App Services. Using Azure Arc, it can also analyze non-Azure resources, including those on-premises and in both AWS and GCP.
Microsoft.Devices/iotHubs (Azure Resource Manager)
The iotHubs in Microsoft.Devices can be configured in Azure Resource Manager with the resource name Microsoft.Devices/iotHubs. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
    "type": "Microsoft.Devices/IotHubs",
    "apiVersion": "2020-03-01",
    "name": "[variables('CameraIotHubName')]",
    "location": "[parameters('Region')]",
    "sku": {
        "name": "S1",

    "type": "Microsoft.Devices/IotHubs",
    "name": "[parameters('hubName')]",
    "location": "North Europe",
    "sku": {
        "name": "S1",
        "tier": "Standard",

    "type": "Microsoft.Devices/IotHubs",
    "name": "[parameters('iotHubName')]",
    "location": "[parameters('azureLocation')]",
    "sku": {
        "name": "S1",
        "tier": "Standard",

    "type": "Microsoft.Devices/IotHubs",
    "apiVersion": "2018-04-01",
    "name": "[parameters('iotHubName')]",
    "location": "[parameters('location')]",
    "properties": {
        "eventHubEndpoints": {

    "type": "Microsoft.Devices/IotHubs",
    "name": "[parameters('resourceName')]",
    "location": "[resourceGroup().location]",
    "properties": {
        "eventHubEndpoints": {
            "events": {

    "type": "Microsoft.Devices/IotHubs",
    "name": "[variables('hubName')]",
    "location": "[variables('location')]",
    "sku": {
        "name": "S1",
        "tier": "Standard",