search

Azure / Enterprise-Scale

The Azure Landing Zones (Enterprise-Scale) architecture provides prescriptive guidance coupled with Azure best practices, and it follows design principles across the critical design areas for organizations to define their Azure architecture
https://aka.ms/alz
MIT License
1.72k stars 978 forks source link

Deploy MDFC Security Contacts v1.0 vs v2.0 #1707

Closed SharmainePopov closed 4 months ago

SharmainePopov commented 4 months ago

The policy v1.0 was reporting false negative (showing non-compliance) for case where MDFC set value matched the required parameter value for minimum severity. The same policy was recently updated to v 2.0 and the issue seems to be fixed in initial testing. Woud like confirmation that the issue was in fact address in v 2.0

Steps to reproduce

  1. deploy policy and mdfc
  2. set email address and notification sev in MDFC correctly as per policy requirement
  3. review policy compliance

Repeat for each policy v 1.0 and v 2.0 Screenshots

Springstone commented 4 months ago

@SharmainePopov yes, we've fixed this issue due to API changes that weren't made public until recently. It should work as expected as we've updated the policy to comply with the new API requirements, and this has been confirmed through testing.

I'll close this issue, but please feel free to re-open or open a new issue if you find any issues.