bridgecrewio / checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
https://www.checkov.io/
Apache License 2.0
7.1k stars 1.12k forks source link

feat(arm): add CKV_AZURE_87 to ensure that Azure Defender is set to On for Key Vault #6418

Closed userrut closed 3 months ago

userrut commented 4 months ago

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[//]: # "

PR Title

Be aware that we use the title to create changelog automatically and therefore only allow specific prefixes
- break:    to indicate a breaking change, this supersedes any of the types
- feat:     to indicate new features or checks
- fix:      to indicate a bugfix or handling of edge cases of existing checks
- docs:     to indicate an update to our documentation
- chore:    to indicate adjustments to workflow files or dependency updates
- platform: to indicate a change needed for the platform
Additionally a scope is needs to be added to the prefix, which indicates the targeted framework, in doubt choose 'general'.
#    
Allowed prefixs:
ansible|argo|arm|azure|bicep|bitbucket|circleci|cloudformation|dockerfile|github|gha|gitlab|helm|kubernetes|kustomize|openapi|sast|sca|secrets|serverless|terraform|general|graph|terraform_plan|terraform_json
#
ex.
feat(terraform): add CKV_AWS_123 to ensure that VPC Endpoint Service is configured for Manual Acceptance

"

Description

Add a new policy to ensure that Azure Defender is set to On for Key Vault

Fixes # (issue)

New/Edited policies (Delete if not relevant)

Description

Include a description of what makes it a violation and any relevant external links.

Fix

How does someone fix the issue in code and/or in runtime?

Checklist: