
Updating exemption for securityContacts to reflect the expected, as of both MCSB and what the policy deploys

Open JonasCordsen opened this issue 11 months ago • 6 comments

Overview/Summary

The securityContacts does not evaluate if the notificationsByRole is set, so if previous settings had been made, this policy would be compliant, but the audit from MCSB would be non-compliant.

This PR fixes/adds/changes/removes

  1. Adding an existenceCondition to ensure that notificationsByRole state is on and that it contains the role Owner

Breaking Changes

  1. None

Testing Evidence

Adding the definition to my own branch, and ensuring they went to non-compliant and that a remediation of the policy caused the subscriptions to become compliant.

Testing URLs

The below URLs can be updated where the placeholders are, look for {YOUR GITHUB BRANCH NAME HERE - Remove Curly Brackets Also} & {YOUR GITHUB BRANCH NAME HERE - Remove Curly Brackets Also}, to allow you to test your portal deployment experience.

Please also replace the curly brackets on the placeholders {}

Azure Public

Deploy To Azure

Azure US Gov (Fairfax)

Deploy To Azure

As part of this Pull Request I have

  • [x] Checked for duplicate Pull Requests
  • [x] Associated it with relevant issues, for tracking and closure.
  • [x] Ensured my code/branch is up-to-date with the latest changes in the main branch
  • [x] Performed testing and provided evidence.
  • [x] Ensured contribution guidance is followed.
  • [x] Updated relevant and associated documentation.
  • [x] Updated the "What's New?" wiki page (located: /docs/wiki/whats-new.md)

JonasCordsen avatar Feb 06 '25 12:02 JonasCordsen

@Springstone Hey, I just updated with another linter so it follows what you require, so need a new review :)

JonasCordsen avatar Feb 08 '25 16:02 JonasCordsen

@jtracey93, @Springstone Hello Jack and Sacha, hoping to get this reviewed when possible, can one of you maybe take a look? Or for a start letting the linters run? xD

JonasCordsen avatar Feb 28 '25 07:02 JonasCordsen

@Springstone and/or @jtracey93

Any chance that one of you can take a look at this PR? :)

JonasCordsen avatar Jul 03 '25 10:07 JonasCordsen

@JonasCordsen apologies for the delay in getting back to you. A lot of change is impacting our focus. There are additional changes required to this policy for it to be effective, so will review soonest. Also ensure any changes are documented in What's New please.

Springstone avatar Jul 23 '25 11:07 Springstone

Hello @Springstone Thank you for getting back to me. I completely understand that there are a lot of demands on your time :)

If there is anything I can do or change in this, please let me know. I will gladly make the required change to help speed this change up.

JonasCordsen avatar Jul 28 '25 06:07 JonasCordsen