github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/azure/securitycenter/enable_standard_subscription.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/azure/securitycenter/enable_standard_subscription.go (about)

     1  package securitycenter
     2  
     3  import (
     4  	"github.com/khulnasoft-lab/defsec/internal/rules"
     5  	"github.com/khulnasoft-lab/defsec/pkg/providers"
     6  	"github.com/khulnasoft-lab/defsec/pkg/providers/azure/securitycenter"
     7  	"github.com/khulnasoft-lab/defsec/pkg/scan"
     8  	"github.com/khulnasoft-lab/defsec/pkg/severity"
     9  	"github.com/khulnasoft-lab/defsec/pkg/state"
    10  )
    11  
    12  var CheckEnableStandardSubscription = rules.Register(
    13  	scan.Rule{
    14  		AVDID:      "AVD-AZU-0045",
    15  		Provider:   providers.AzureProvider,
    16  		Service:    "security-center",
    17  		ShortCode:  "enable-standard-subscription",
    18  		Summary:    "Enable the standard security center subscription tier",
    19  		Impact:     "Using free subscription does not enable Azure Defender for the resource type",
    20  		Resolution: "Enable standard subscription tier to benefit from Azure Defender",
    21  		Explanation: `To benefit from Azure Defender you should use the Standard subscription tier.
    22  			
    23  			Enabling Azure Defender extends the capabilities of the free mode to workloads running in private and other public clouds, providing unified security management and threat protection across your hybrid cloud workloads.`,
    24  		Links: []string{
    25  			"https://docs.microsoft.com/en-us/azure/security-center/security-center-pricing",
    26  		},
    27  		Terraform: &scan.EngineMetadata{
    28  			GoodExamples:        terraformEnableStandardSubscriptionGoodExamples,
    29  			BadExamples:         terraformEnableStandardSubscriptionBadExamples,
    30  			Links:               terraformEnableStandardSubscriptionLinks,
    31  			RemediationMarkdown: terraformEnableStandardSubscriptionRemediationMarkdown,
    32  		},
    33  		Severity: severity.Low,
    34  	},
    35  	func(s *state.State) (results scan.Results) {
    36  		for _, sub := range s.Azure.SecurityCenter.Subscriptions {
    37  			if sub.Metadata.IsUnmanaged() {
    38  				continue
    39  			}
    40  			if sub.Tier.EqualTo(securitycenter.TierFree) {
    41  				results.Add(
    42  					"Security center subscription uses the free tier.",
    43  					sub.Tier,
    44  				)
    45  			} else {
    46  				results.AddPassed(&sub)
    47  			}
    48  		}
    49  		return
    50  	},
    51  )