Send notification emails for high severity alerts
Default Severity: medium
Explanation
It is recommended that at least one valid contact is configured for the security center. Microsoft will notify the security contact directly by email in the event of a security incident, which requires alerting to be turned on.
Possible Impact
The ability to react to high severity notifications could be delayed.
Suggested Resolution
Set alert notifications to be on
Insecure Example
The following example will fail the azure-security-center-alert-on-severe-notifications check.
resource "azurerm_security_center_contact" "bad_example" {
  email               = "bad_example@example.com"
  phone               = "+1-555-555-5555"
  alert_notifications = false
  alerts_to_admins    = false
}
Secure Example
The following example will pass the azure-security-center-alert-on-severe-notifications check.
resource "azurerm_security_center_contact" "good_example" {
  email               = "good_example@example.com"
  phone               = "+1-555-555-5555"
  alert_notifications = true
  alerts_to_admins    = true
}
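The same condition can be checked against a rendered plan in CI. The following is an added example, not part of the original check or its tooling: it reads the JSON produced by `terraform show -json` and reports any planned security contact whose `alert_notifications` is not true. The function name and the sample plan are constructed for illustration.

```python
import json

RESOURCE_TYPE = "azurerm_security_center_contact"

# Constructed sample in the shape of `terraform show -json <planfile>` output,
# trimmed to the fields this check reads.
SAMPLE_PLAN = json.dumps({
    "resource_changes": [
        {"address": "azurerm_security_center_contact.bad_example",
         "type": RESOURCE_TYPE,
         "change": {"actions": ["create"],
                    "after": {"email": "bad_example@example.com",
                              "alert_notifications": False,
                              "alerts_to_admins": False}}},
        {"address": "azurerm_security_center_contact.good_example",
         "type": RESOURCE_TYPE,
         "change": {"actions": ["create"],
                    "after": {"email": "good_example@example.com",
                              "alert_notifications": True,
                              "alerts_to_admins": True}}},
        {"address": "azurerm_security_center_contact.removed",
         "type": RESOURCE_TYPE,
         "change": {"actions": ["delete"], "after": None}},
    ]
})


def contacts_without_alerts(plan_json):
    """Return addresses of planned security contacts with alerting not enabled."""
    plan = json.loads(plan_json)
    failing = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != RESOURCE_TYPE:
            continue
        after = (rc.get("change") or {}).get("after")
        if after is None:  # resource is being deleted; nothing to evaluate
            continue
        # Only an explicit true passes. A value not known until apply is
        # absent from "after" and is therefore reported as well.
        if after.get("alert_notifications") is not True:
            failing.append(rc["address"])
    return failing


if __name__ == "__main__":
    for address in contacts_without_alerts(SAMPLE_PLAN):
        print(f"FAIL {address}: alert_notifications is not enabled")
```
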