Control: Microsoft Defender for Containers should be enabled
Description
Microsoft Defender for Containers provides hardening, vulnerability assessment and run-time protections for your Azure, hybrid, and multi-cloud Kubernetes environments.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.securitycenter_azure_defender_on_for_containersSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.securitycenter_azure_defender_on_for_containers --shareSQL
This control uses a named query:
select sub_pricing.id as resource, case when pricing_tier = 'Standard' then 'ok' else 'alarm' end as status, case when pricing_tier = 'Standard' then 'Azure Defender on for Containers.' else 'Azure Defender off for Containers.' end as reason , sub.display_name as subscriptionfrom azure_security_center_subscription_pricing sub_pricing right join azure_subscription sub on sub_pricing.subscription_id = sub.subscription_idwhere name = 'Containers';