Control: Ensure that Azure Defender is set to On for Container Registries
Description
Turning on Azure Defender enables threat detection for Container Registries, providing threat intelligence, anomaly detection, and behavior analytics in the Azure Security Center.
Usage
Run the control in your terminal:
powerpipe control run terraform_azure_compliance.control.securitycenter_azure_defender_on_for_containerregistrySnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run terraform_azure_compliance.control.securitycenter_azure_defender_on_for_containerregistry --shareSQL
This control uses a named query:
select address as resource, case when (attributes_std ->> 'resource_type') = 'ContainerRegistry' and (attributes_std ->> 'tier') = 'Standard' then 'ok' else 'skip' end status, split_part(address, '.', 2) || case when (attributes_std ->> 'resource_type') = 'ContainerRegistry' and (attributes_std ->> 'tier') = 'Standard' then ' Azure Defender on for Container Registry' else ' Azure Defender off for Container Registry' end || '.' reason , path || ':' || start_linefrom terraform_resourcewhere type = 'azurerm_security_center_subscription_pricing';