Azure Security Center Auto Provisioning
This page shows how to configure Security Center Auto Provisioning with Terraform and Azure Resource Manager, and how to write those configurations securely.
azurerm_security_center_auto_provisioning (Terraform)
Auto Provisioning in Security Center can be configured in Terraform with the resource name azurerm_security_center_auto_provisioning. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "azurerm_security_center_auto_provisioning" "auto_provisioning_setting" {
auto_provision = "On"
}
resource "azurerm_security_center_auto_provisioning" "example" {
auto_provision = "Off"
}
resource "azurerm_security_center_auto_provisioning" "main" {
count = var.enable_security_center_auto_provisioning == "On" ? 1 : 0
auto_provision = var.enable_security_center_auto_provisioning
}
resource "azurerm_security_center_auto_provisioning" "main" {
count = var.enable_security_center_auto_provisioning == "On" ? 1 : 0
auto_provision = var.enable_security_center_auto_provisioning
}
resource "azurerm_security_center_auto_provisioning" "sec_cen_auto_prov" {
count = var.sec_cen_auto_prov_enable == "On" ? 1 : 0
auto_provision = var.sec_cen_auto_prov_enable
}
resource "azurerm_security_center_auto_provisioning" "main" {
count = var.enable_security_center_auto_provisioning == "On" ? 1 : 0
auto_provision = var.enable_security_center_auto_provisioning
}
resource "azurerm_security_center_auto_provisioning" "example" {
auto_provision = "On"
}
resource "azurerm_security_center_auto_provisioning" "example" {
auto_provision = "On"
}
resource "azurerm_security_center_auto_provisioning" "example" {
auto_provision = "Off"
}
resource "azurerm_security_center_auto_provisioning" "example" {
auto_provision = "On"
}
Parameters
- auto_provision: required, string
- id: optional, computed, string
- timeouts: single block
Explanation in Terraform Registry
Enables or disables the Security Center Auto Provisioning feature for the subscription
NOTE: There is no resource name required, it will always be "default"
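The following check is an added example, not code from this page or from the repositories it cites. It reads the JSON produced by `terraform show -json` for a plan and reports when auto provisioning is set to anything other than "On" (the state the Azure Resource Manager fragments on this page test for) or when no such resource is planned at all, which is what the `count = ... == "On" ? 1 : 0` pattern above yields when the variable is "Off". The sample plans are constructed and the function name is hypothetical.

```python
RESOURCE_TYPE = "azurerm_security_center_auto_provisioning"


def audit_plan(plan):
    """Return a list of findings for one `terraform show -json` plan document."""
    findings = []
    managed = False
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != RESOURCE_TYPE:
            continue
        after = rc.get("change", {}).get("after")
        if after is None:
            # "delete" action: the setting leaves Terraform's control.
            findings.append(f"{rc['address']}: resource is being destroyed")
            continue
        managed = True
        value = after.get("auto_provision")
        if value != "On":
            findings.append(
                f"{rc['address']}: auto_provision is {value!r}, expected 'On'"
            )
    if not managed:
        # With the count pattern, "Off" creates zero resources, so the
        # subscription keeps whatever value it already had.
        findings.append(f"no {RESOURCE_TYPE} in plan: setting is unmanaged")
    return findings


def _plan(address, value):
    """Build a constructed, minimal plan document with one resource change."""
    return {"resource_changes": [{
        "address": address,
        "type": RESOURCE_TYPE,
        "change": {"actions": ["create"], "after": {"auto_provision": value}},
    }]}


# Constructed sample plans (not real output).
PLAN_ON = _plan(f"{RESOURCE_TYPE}.main[0]", "On")
PLAN_OFF = _plan(f"{RESOURCE_TYPE}.example", "Off")
PLAN_COUNT_ZERO = {"resource_changes": []}  # variable set to "Off", count = 0

if __name__ == "__main__":
    for name, plan in [("on", PLAN_ON), ("off", PLAN_OFF), ("count=0", PLAN_COUNT_ZERO)]:
        print(name, audit_plan(plan))
```
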
Tips: Best Practices for The Other Azure Security Center Resources
In addition to the azurerm_security_center_contact, Azure Security Center has other resources that should be configured for security reasons. Please check the following examples of those resources and their precautions.
azurerm_security_center_contact
Ensure alert notifications are enabled
It is better to configure at least one valid contact for Security Center. Microsoft will inform you directly by email in the event of a security incident.
azurerm_security_center_subscription_pricing
Ensure alert notifications are enabled
It is better to enable Azure Defender, which is a cloud workload protection service for App Services. In addition, it can also analyze non-Azure resources through Azure Arc, including those on-premises and in both AWS and GCP.
Microsoft.Security/autoProvisioningSettings (Azure Resource Manager)
The autoProvisioningSettings in Microsoft.Security can be configured in Azure Resource Manager with the resource name Microsoft.Security/autoProvisioningSettings. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
"type": "Microsoft.Security/autoProvisioningSettings",
"deploymentScope": "subscription",
"existenceScope": "subscription",
"roleDefinitionIds": [
"/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635",
"/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
"type": "Microsoft.Security/autoProvisioningSettings",
"deploymentScope": "Subscription",
"roleDefinitionIds": [
"/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
],
"existenceCondition": {
"type": "Microsoft.Security/autoProvisioningSettings",
"apiVersion": "2017-08-01-preview",
"name": "default",
"properties": {
"autoProvision": "On"
}
"type": "Microsoft.Security/autoProvisioningSettings",
"properties": {
"autoProvision": "On"
}
}
},
"type": "Microsoft.Security/autoProvisioningSettings",
"properties": {
"autoProvision": "On"
}
}
},
"type": "Microsoft.Security/autoProvisioningSettings",
"existenceScope": "subscription",
"existenceCondition": {
"allof": [
{
"field": "Microsoft.Security/autoProvisioningSettings/autoProvision",
"type": "Microsoft.Security/autoProvisioningSettings",
"properties": {
"autoProvision": "On"
}
}
},
"type": "Microsoft.Security/autoProvisioningSettings",
"deploymentScope": "Subscription",
"roleDefinitionIds": [
"/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
],
"existenceCondition": {
"type": "Microsoft.Security/autoProvisioningSettings",
"properties": {
"autoProvision": "On"
}
}
},
"type": "Microsoft.Security/autoProvisioningSettings",
"properties": {
"autoProvision": "On"
}
}
},
Frequently asked questions
What is Azure Security Center Auto Provisioning?
Azure Security Center Auto Provisioning is a resource for Security Center of Microsoft Azure. Settings can be written in Terraform.
Where can I find the example code for the Azure Security Center Auto Provisioning?
For Terraform, the cloudquery/cq-provider-azure, iacsecurity/tool-compare and mennaammar/spoke-landingzone-vnet source code examples are useful. See the Terraform Example section for further details.
For Azure Resource Manager, the digitc1/AzLandingZonePublic, Sakariye2333/Sakariye2333 and tianderturpijn/ASC source code examples are useful. See the Azure Resource Manager Example section for further details.