Azure Security Center Setting
This page shows how to write Terraform and Azure Resource Manager for Security Center Setting and write them securely.
azurerm_security_center_setting (Terraform)
The Setting in Security Center can be configured in Terraform with the resource name azurerm_security_center_setting
. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "azurerm_security_center_setting" "example" {
setting_name = "MCAS"
enabled = true
}
resource "azurerm_security_center_setting" "example" {
setting_name = "MCAS"
enabled = true
}
resource "azurerm_security_center_setting" "example" {
setting_name = "MCAS"
enabled = true
}
resource "azurerm_security_center_setting" "example" {
setting_name = "MCAS"
enabled = true
resource "azurerm_security_center_setting" "example" {
setting_name = "MCAS"
enabled = true
}
resource "azurerm_security_center_setting" "example" {
setting_name = "MCAS"
enabled = true
}
resource "azurerm_security_center_setting" "example" {
setting_name = "MCAS"
enabled = true
}
resource "azurerm_security_center_setting" "example" {
setting_name = "MCAS"
enabled = true
}
resource "azurerm_security_center_setting" "example" {
setting_name = "MCAS"
enabled = true
}
resource "azurerm_security_center_setting" "example" {
setting_name = "MCAS"
enabled = true
}
Parameters
-
enabled
required - bool -
id
optional computed - string -
setting_name
required - string -
timeouts
single block
Explanation in Terraform Registry
Manages the Data Access Settings for Azure Security Center.
NOTE: This resource requires the
Owner
permission on the Subscription.NOTE: Deletion of this resource does not change or reset the data access settings
Tips: Best Practices for The Other Azure Security Center Resources
In addition to the azurerm_security_center_contact, Azure Security Center has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.
azurerm_security_center_contact
Ensure to enable alert notifications
It is better to configure at least one valid contact for the security center. Microsoft will inform you directly in the event of a security incident using emails.
azurerm_security_center_subscription_pricing
Ensure to enable alert notifications
It is better to enable Azure Defender, which is a cloud workload protection service for App Services. In addition, It is also able to analyze non-Azure resources, utilizing Azure Arc, including those on-premises and in both AWS and GCP.
Microsoft.Security/settings (Azure Resource Manager)
The settings in Microsoft.Security can be configured in Azure Resource Manager with the resource name Microsoft.Security/settings
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
"type": "Microsoft.Security/settings",
"properties": {
"enabled": true
}
}
},
"type": "Microsoft.Security/settings",
"properties": {
"enabled": true
}
},
{
"type": "Microsoft.Security/settings",
"properties": {
"enabled": true
}
}
},
"type": "Microsoft.Security/settings",
"properties": {
"enabled": true
}
},
{
"type": "Microsoft.Security/settings",
"properties": {
"enabled": true
}
}
},
"type": "Microsoft.Security/settings",
"properties": {
"enabled": true
}
},
{
"type": "Microsoft.Security/settings",
"properties": {
"enabled": true
}
}
},
"type": "Microsoft.Security/settings",
"properties": {
"enabled": true
}
}
},
"type": "Microsoft.Security/settings",
"properties": {
"enabled": true
}
},
{
"type": "Microsoft.Security/settings",
"deploymentScope": "subscription",
"existenceScope": "subscription",
"name": "WDATP",
"roleDefinitionIds": [
"/providers/Microsoft.Authorization/roleDefinitions/fb1c8493-542b-48eb-b624-b4c8fea62acd"
Frequently asked questions
What is Azure Security Center Setting?
Azure Security Center Setting is a resource for Security Center of Microsoft Azure. Settings can be wrote in Terraform.
Where can I find the example code for the Azure Security Center Setting?
For Terraform, the saileshkaluva/terrarepo, sdigrase2/gitpractise and Aslamlatheef/terraform source code examples are useful. See the Terraform Example section for further details.
For Azure Resource Manager, the assing/alerts-extension, assing/alerts-extension and assing/alertExtension source code examples are useful. See the Azure Resource Manager Example section for further details.