Skip to main content

azure_microsoft_defender_security_contact Resource

Use the azure_microsoft_defender_security_contact Chef InSpec audit resource to test the properties of a Microsoft Defender for Cloud Security Contact configuration.

Azure REST API Version, Endpoint, and HTTP Client Parameters

This resource interacts with API versions supported by the resource provider. The api_version can be defined as a resource parameter. If not provided, this resource uses the latest version. For more information, refer to the azure_generic_resource document.

Unless defined, this resource uses the azure_cloud global endpoint and default values for the HTTP client. For more information, refer to the resource pack README.

Install

This resource is available in the Chef InSpec Azure resource pack.

For information on configuring your Azure environment for Chef InSpec and creating an InSpec profile that uses the InSpec Azure resource pack, see the Chef InSpec documentation for the Azure cloud platform.

Syntax

describe azure_microsoft_defender_security_contact(name: 'SECURITY_CONTACT_NAME') do
  it { should exist }
end

Parameters

name
The name of the resource.

Properties

id
The ID of the resource.
name
The name of the resource.
type
The resource type.
properties.notificationsByRole.roles
Defines which RBAC roles will get email notifications from Microsoft Defender for Cloud.
properties.notificationsByRole.state
Defines whether to send email notifications from AMicrosoft Defender for Cloud to persons with specific RBAC roles on the subscription.
properties.emails
List of email addresses which will get notifications from Microsoft Defender for Cloud by the configurations defined in this security contact.
properties.phone
The security contact’s phone number.
properties.alertNotifications.state
Defines if email notifications will be sent about new security alerts.
properties.alertNotifications.minimalSeverity
Defines the minimal alert severity which will be sent as email notifications.

See the Azure documentation on Defender for Cloud Security Contact configuration for additional information. You may access any attribute in the response with the key names separated by dots (.).

Examples

Test if a name exists

describe azure_microsoft_defender_security_contact(name: 'SECURITY_CONTACT_NAME') do
  its('name') { should eq 'SECURITY_CONTACT_NAME' }
end

Test if a type exists

describe azure_microsoft_defender_security_contact(name: 'SECURITY_CONTACT_NAME') do
  its('type') { should eq 'Microsoft.Security/securityContacts' }
end

Test if a notification by role state exists

describe azure_microsoft_defender_security_contact(name: 'SECURITY_CONTACT_NAME') do
  its('properties.notificationsByRole.state') { should eq 'On' }
end

Matchers

For a full list of available matchers, see our Universal Matchers page.

This resource has the following special matchers.

exists

The control passes if the filter returns at least one result.

describe azure_microsoft_defender_security_contact(name: 'SECURITY_CONTACT_NAME') do
  it { should exist }
end

Use should_not if you expect zero matches.

describe azure_microsoft_defender_security_contact(name: 'SECURITY_CONTACT_NAME') do
  it { should exist }
end

Azure Permissions

Graph resources require specific privileges granted to your service principal. Please refer to the Microsoft Documentation for information on how to grant these permissions to your application.

Edit this page on GitHub

Thank you for your feedback!

×