Skip to main content

azure_microsoft_defender_security_contact resource

Use the azure_microsoft_defender_security_contact Chef InSpec audit resource to test the properties of a Microsoft Defender for Cloud Security Contact configuration.

Azure REST API version, endpoint, and HTTP client parameters

This resource interacts with API versions supported by the resource provider. You can specify the api_version as a resource parameter to use a specific version of the Azure REST API. If you don’t specify an API version, this resource uses the latest version available. For more information about API versioning, see the azure_generic_resource.

By default, this resource uses the azure_cloud global endpoint and default HTTP client settings. You can override these settings if you need to connect to a different Azure environment (such as Azure Government or Azure China). For more information about configuration options, see the resource pack README.

Syntax

describe azure_microsoft_defender_security_contact(name: 'SECURITY_CONTACT_NAME') do
  it { should exist }
end

Parameters

name
The name of the resource.

Properties

id
The ID of the resource.
name
The name of the resource.
type
The resource type.
properties.notificationsByRole.roles
Defines which RBAC roles will get email notifications from Microsoft Defender for Cloud.
properties.notificationsByRole.state
Defines whether to send email notifications from AMicrosoft Defender for Cloud to persons with specific RBAC roles on the subscription.
properties.emails
List of email addresses which will get notifications from Microsoft Defender for Cloud by the configurations defined in this security contact.
properties.phone
The security contact’s phone number.
properties.alertNotifications.state
Defines if email notifications will be sent about new security alerts.
properties.alertNotifications.minimalSeverity
Defines the minimal alert severity which will be sent as email notifications.

See the Azure documentation on Defender for Cloud Security Contact configuration for additional information. You may access any attribute in the response with the key names separated by dots (.).

Examples

Test if a name exists:

describe azure_microsoft_defender_security_contact(name: 'SECURITY_CONTACT_NAME') do
  its('name') { should eq 'SECURITY_CONTACT_NAME' }
end

Test if a type exists:

describe azure_microsoft_defender_security_contact(name: 'SECURITY_CONTACT_NAME') do
  its('type') { should eq 'Microsoft.Security/securityContacts' }
end

Test if a notification by role state exists:

describe azure_microsoft_defender_security_contact(name: 'SECURITY_CONTACT_NAME') do
  its('properties.notificationsByRole.state') { should eq 'On' }
end

Matchers

For a full list of available matchers, see our Universal Matchers page.

This resource has the following special matchers.

exists

The control passes if the filter returns at least one result.

describe azure_microsoft_defender_security_contact(name: 'SECURITY_CONTACT_NAME') do
  it { should exist }
end

Use should_not if you expect zero matches.

describe azure_microsoft_defender_security_contact(name: 'SECURITY_CONTACT_NAME') do
  it { should exist }
end

Azure permissions

Graph resources require specific privileges granted to your service principal. Please refer to the Microsoft Documentation for information on how to grant these permissions to your application.

Thank you for your feedback!

×