Ensure standard pricing tier is selected

Error: Standard pricing tier is not selected

Bridgecrew Policy ID: BC_AZR_GENERAL_9
Checkov Check ID: CKV_AZURE_19
Severity: MEDIUM

Description

The standard pricing tier enables threat detection for networks and virtual machines and allows greater defense-in-depth. It provides threat intelligence, anomaly detection, and behavior analytics in the Azure Security Center. Threat detection is provided by the Microsoft Security Response Center (MSRC).

Fix - Runtime

Azure Portal

To change the policy using the Azure Portal, follow these steps:

  1. Log in to the Azure Portal at https://portal.azure.com.
  2. Navigate to the Azure Security Center.
  3. Select the Security policy blade.
  4. To alter the security policy for a subscription, click Edit Settings.
  5. Select the Pricing tier blade.
  6. Select Standard.
  7. Select Save.

CLI Command

To set the Pricing Tier to Standard, use the following command:

az account get-access-token \
  --query "{subscription:subscription,accessToken:accessToken}" \
  --out tsv | xargs -L1 bash -c 'curl -X PUT -H "Authorization: Bearer $1" -H "Content-Type: application/json" "https://management.azure.com/subscriptions/$0/providers/Microsoft.Security/pricings/default?api-version=2017-08-01-preview" -d@"input.json"'

Here, input.json contains the JSON request body shown below.

{
  "id": "/subscriptions/<Your_Subscription_Id>/providers/Microsoft.Security/pricings/default",
  "name": "default",
  "type": "Microsoft.Security/pricings",
  "properties": {
    "pricingTier": "Standard"
  }
}

Fix - Buildtime

Terraform

  • Resource: azurerm_security_center_subscription_pricing
  • Argument: tier

resource "azurerm_security_center_subscription_pricing" "example" {
 -   tier = "Free"
 +   tier = "Standard"
}
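
The build-time rule above can be approximated with a small scanner over Terraform source. This is an added example, not Checkov's own implementation: the sample input, the function names, the PASSED/FAILED/UNKNOWN labels and the choice to treat a missing tier as a failure are assumptions made for illustration.

```python
import re

RESOURCE_TYPE = "azurerm_security_center_subscription_pricing"

# Constructed sample input (not from the page): one resource per outcome.
SAMPLE_TF = '''
resource "azurerm_security_center_subscription_pricing" "good" {
  tier = "Standard"
}
resource "azurerm_security_center_subscription_pricing" "bad" {
  tier = "Free"  # "Standard" would pass; a plain grep is fooled by this comment
}
resource "azurerm_security_center_subscription_pricing" "from_var" {
  tier = var.asc_tier
}
'''

_HEADER = re.compile(r'resource\s+"%s"\s+"([^"]+)"\s*\{' % RESOURCE_TYPE)
_TIER = re.compile(r'^\s*tier\s*=\s*(.+?)\s*(?:#.*|//.*)?$', re.MULTILINE)


def _block_body(text, start):
    """Return the text from just after an opening brace to its matching close."""
    depth = 1
    for i in range(start, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[start:i]
    raise ValueError("unbalanced braces in resource block")


def scan(text):
    """Map each pricing resource name to PASSED, FAILED or UNKNOWN."""
    results = {}
    for m in _HEADER.finditer(text):
        tier = _TIER.search(_block_body(text, m.end()))
        value = tier.group(1) if tier else None
        if value == '"Standard"':
            status = "PASSED"
        elif value is None or value.startswith('"'):
            status = "FAILED"   # tier missing, or a literal other than "Standard"
        else:
            status = "UNKNOWN"  # an expression such as var.x; resolve before judging
        results[m.group(1)] = status
    return results


if __name__ == "__main__":
    for name, status in scan(SAMPLE_TF).items():
        print(f"{RESOURCE_TYPE}.{name}: {status}")
```

The UNKNOWN result matters in practice: a tier supplied through a variable or module input cannot be judged from the resource block alone, so it should be resolved from the plan output rather than assumed compliant.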