Update policy

PerfectThymeTech · Oct 7, 2024 · 97ee2ce · 97ee2ce
1 parent a4a0de0
commit 97ee2ce
Showing 1 changed file with 34 additions and 13 deletions.
diff --git a/code/definitions/root/AzurePolicyDefinitions/Dine-DefenderContacts.json b/code/definitions/root/AzurePolicyDefinitions/Dine-DefenderContacts.json
@@ -29,6 +29,19 @@
           "displayName": "Effect",
           "description": "Enable or disable the execution of the policy"
         }
+      },
+      "minimalSeverity": {
+        "type": "String",
+        "defaultValue": "High",
+        "allowedValues": [
+          "High",
+          "Medium",
+          "Low"
+        ],
+        "metadata": {
+          "displayName": "Minimal severity",
+          "description": "Defines the minimal alert severity which will be sent as email notifications"
+        }
       }
     },
     "policyRule": {
@@ -56,16 +69,12 @@
                 "contains": "[parameters('emailSecurityContact')]"
               },
               {
-                "field": "type",
-                "equals": "Microsoft.Security/securityContacts"
-              },
-              {
-                "field": "Microsoft.Security/securityContacts/alertNotifications",
-                "equals": "On"
+                "field": "Microsoft.Security/securityContacts/isEnabled",
+                "equals": true
               },
               {
-                "field": "Microsoft.Security/securityContacts/alertsToAdmins",
-                "equals": "On"
+                "field": "Microsoft.Security/securityContacts/notificationsSources[*].Alert.minimalSeverity",
+                "contains": "[parameters('minimalSeverity')]"
               }
             ]
           },
@@ -76,6 +85,9 @@
               "parameters": {
                 "emailSecurityContact": {
                   "value": "[parameters('emailSecurityContact')]"
+                },
+                "minimalSeverity": {
+                  "value": "[parameters('minimalSeverity')]"
                 }
               },
               "template": {
@@ -87,26 +99,35 @@
                     "metadata": {
                       "description": "Security contacts email address"
                     }
+                  },
+                  "minimalSeverity": {
+                    "type": "string",
+                    "metadata": {
+                      "description": "Minimal severity level reported"
+                    }
                   }
                 },
                 "variables": {},
                 "resources": [
                   {
                     "type": "Microsoft.Security/securityContacts",
                     "name": "default",
-                    "apiVersion": "2020-01-01-preview",
+                    "apiVersion": "2023-12-01-preview",
                     "properties": {
                       "emails": "[parameters('emailSecurityContact')]",
+                      "isEnabled": true,
                       "notificationsByRole": {
                         "state": "On",
                         "roles": [
                           "Owner"
                         ]
                       },
-                      "alertNotifications": {
-                        "state": "On",
-                        "minimalSeverity": "High"
-                      }
+                      "notificationsSources": [
+                        {
+                          "sourceType": "Alert",
+                          "minimalSeverity": "[parameters('minimalSeverity')]"
+                        }
+                      ]
                     }
                   }
                 ],