Enterprise-Scale icon indicating copy to clipboard operation
Enterprise-Scale copied to clipboard
verified publisher icon Azure

Feature Request Extend all alz Polices with SecurityCenter MetaData

Open timmoh opened this issue 10 months ago • 1 comments

To use alz Policies also in the Defender for Cloud the SecurtiyCenter MetaData should be included in the alz policies. Enhance custom recommendations (legacy)

"metadata": {
  "securityCenter": {
    "RemediationDescription": "Custom description goes here",
    "Severity": "High"
    },

timmoh avatar Mar 13 '25 11:03 timmoh

@timmoh thanks for posting this request. I think as the documentation indicates this is a legacy feature, and rather the recommended approach should be using the native Recommendations feature in Defender for Cloud. Also, I don't think it would be particularly helpful as most ALZ policies are configured to DENY non-compliant deployment of resources.

However, I do think its a good idea to review the opportunity to introduce ALZ Recommendations in Defender for Cloud (native), but this will require some investigation, as there are already quite comprehensive standards like CIS Microsoft Azure Foundations Benchmark v2.0.0 - that are largely aligned with our policies..

Springstone avatar Mar 14 '25 08:03 Springstone