v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/azure_compliance
Overview
13Dashboards
1311Controls
430Queries
2Variables
GitHub

Control: 2.12 Ensure Any of the ASC Default Policy Setting is Not Set to 'Disabled'

Description

None of the settings offered by ASC Default policy should be set to effect Disabled. A security policy defines the desired configuration of your workloads and helps ensure compliance with company or regulatory security requirements. ASC Default policy is associated with every subscription by default. ASC default policy assignment is set of security recommendations based on best practices.

Enabling recommendations in ASC default policy ensures that Azure security center provides ability to monitor all of the supported recommendations and allow automated action optionally for few of the supported recommendations.

Remediation

From Console

Perform the following action to check ASC Default policy is set to enabled:

  1. Navigate to Azure Policy
  2. On Policy "Overview" blade, Click on Policy ASC Default(<Subscription:Subscription_ID>)
  3. On "ASC Default" blade, Click on Edit Assignments
  4. In section PARAMETERS, configure the impacted setting to any other available value than Disabled or empty
  5. Click Save

Usage

Run the control in your terminal:

powerpipe control run azure_compliance.control.cis_v140_2_12

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run azure_compliance.control.cis_v140_2_12 --share

SQL

This control uses a named query:

securitycenter_asc_default_setting_not_disabled

Tags

category = Compliance
cis = true
cis_item_id = 2.12
cis_level = 1
cis_section_id = 2
cis_type = automated
cis_version = v1.4.0
plugin = azure
service = Azure/SecurityCenter