<  Back to rules search

Azure Policy Assignment Created

azure

Classification:

compliance

Set up the azure integration.

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Goal

Detect when an Azure policy assignment has been created.

Strategy

Monitor Azure activity logs and detect when the @evt.name is equal to MICROSOFT.AUTHORIZATION/POLICYASSIGNMENTS/WRITE and @evt.outcome is equal to Success.

Triage and response

  1. Inspect the policy assignment and determine if an unsolicited change was made on any Azure resources.