search

Azure / azure-policy

Repository for Azure Resource Policy built-in definitions and samples
MIT License
1.47k stars 1.07k forks source link

Email notification for high severity alerts should be enabled: Validates that email notifications are off rather than on #1318

Closed mattias-fjellstrom closed 2 months ago

mattias-fjellstrom commented 2 months ago

This is a duplicate of #1312 but since it is closed without a proper resolution I am opening a new issue.

Details of the scenario you tried and the problem that is occurring

The rule Email notification for high severity alerts should be enabled in CIS 1.1.0 is broken. We have configured 100+ subscriptions correctly and since a few weeks back every subscription is listed as non-compliant with this policy.

Verbose logs showing the problem

N/A

Suggested solution to the issue

The suggested solution in #1312 is to replace the anyOf with allOf here https://github.com/Azure/azure-policy/blob/fb3a632a61e36f32a79875c50d75f3f72d8a6c36/built-in-policies/policyDefinitions/Security%20Center/ASC_Email_notification.json#L37

If policy is Guest Configuration - details about target node

N/A

mattias-fjellstrom commented 2 months ago

I've noticed that now all subscriptions are compliant again. The policy seems to have been updated.