Set-CmAzSecurityCentre

Deploys Security Centre settings for the current subscription.

Completes the following:

  • Sets Security Centre to standard pricing for the current subscription.
  • Adds UK and NHS official policies.
  • Turns on auto provisioning and sends logging to a specified workspace.
  • Turns on the threat detection integrations MCAS and WDATP.
  • Sets the email addresses and phone numbers to be notified when compromised resources are detected.

This command forms part of the Security Building Block.

Parameters

-SettingsFile

Required. (String) Path of the settings file to load into a settings object.

-SettingsObject

Required. (Object) Settings object.

-WhatIf

(Switch) Run the command without executing any actions, so that no changes are made. The command will output a description of actions to be performed against the affected resources in the console window. Use this option if you are unsure of the overall impact of your command and wish to review it before committing to making changes.

-Confirm

(Switch) Run the command without executing any actions, so that no changes are made. The command will output a description of actions to be performed against the affected resources in the console window. Use this option if you are unsure of the overall impact of your command and wish to review it before committing to making changes.

Usage

Example 1

Set-CmAzSecurityCentre -SettingsFile "c:/directory/settingsFile.yml"

Example 2

Set-CmAzSecurityCentre -SettingsObject $settings

Settings

Beta documentation
The following schema documentation is automatically generated as part of a recent roadmap task. There may be inaccuracies or incomplete information while we flush out bugs; please refer to the packed project settings examples where necessary.

Settings Root.

Component

component [string | null]

Value to determine what cmdlet should be dynamically loaded for these settings.

Location

location [string] Mandatory

EnableUkNhs

enableUkNhs [boolean | null]

Whether to apply the UK NHS policy definition.

Service

service [object] Mandatory

Contains dependency and publish details for service location.

Dependencies

dependencies [object]

Contains dependency details for service location.

Workspace

workspace [string]

Dependency value to fetch existing resource type.

SecurityContacts

securityContacts [object] Mandatory

List of security contact details for security alerts.

Primary

primary [object]

Primary security contact for security alerts.

Email

email [string]

Primary email contact for security alerts. Must follow email format.

Phone

phone [integer]

Primary telephone contact for security alerts.

AdditionalEmails

additionalEmails [array | null]

Additional email contacts for security alerts.

Examples

The following example files are automatically generated from the settings file schema definition to show how the specification can be used in practice. Cloudmarque can accept both JSON and YAML parameter files.

{
  "component": "string",
  "location": "string",
  "enableUkNhs": "boolean",
  "service": {
    "dependencies": {
      "workspace": "string"
    }
  },
  "securityContacts": {
    "primary": {
      "email": "string",
      "phone": 0
    },
    "additionalEmails": [
      "string"
    ]
  }
}
component: "string"    # Optional
location: "string"    # Mandatory
enableUkNhs: "boolean"    # Optional
service:     # Mandatory
  dependencies:     # Mandatory
    workspace: "string"    # Mandatory
securityContacts:     # Mandatory
  primary:     # Mandatory
    email: "string"    # Mandatory
    phone: 0    # Mandatory
  additionalEmails:     # Optional
    - "string"
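
A pre-flight check of a settings object against the schema documented above, run before the deployment itself. This is an added example and not part of the Cloudmarque project: Test-CmAzSecurityCentreSettings, the sample values, and building the settings object with ConvertFrom-Json are assumptions.

```powershell
# Added example. Test-CmAzSecurityCentreSettings is a hypothetical helper, not a Cloudmarque cmdlet.
function Test-CmAzSecurityCentreSettings {
    param([Parameter(Mandatory)] [object] $Settings)
    $issues = [System.Collections.Generic.List[string]]::new()

    # Fields the schema marks as Mandatory.
    if ([string]::IsNullOrWhiteSpace($Settings.location)) { $issues.Add('location is mandatory') }
    if ($null -eq $Settings.service) { $issues.Add('service is mandatory') }
    if ($null -eq $Settings.securityContacts) { $issues.Add('securityContacts is mandatory') }

    # enableUkNhs is [boolean | null]; a quoted "true" arrives as a string.
    if ($null -ne $Settings.enableUkNhs -and $Settings.enableUkNhs -isnot [bool]) {
        $issues.Add('enableUkNhs must be a boolean')
    }

    # phone is [integer]; a quoted number or one with "+" or spaces arrives as a string.
    $primary = $Settings.securityContacts.primary
    if ($null -ne $primary.phone -and $primary.phone -isnot [int] -and $primary.phone -isnot [long]) {
        $issues.Add('securityContacts.primary.phone must be an integer')
    }

    # Every alert recipient must parse as an email address.
    $emails = @($primary.email) + @($Settings.securityContacts.additionalEmails) | Where-Object { $_ }
    foreach ($address in $emails) {
        try { $null = [System.Net.Mail.MailAddress]::new($address) }
        catch { $issues.Add("'$address' is not a valid email address") }
    }
    return , $issues
}

# Constructed sample settings; every value is a placeholder.
$settings = @'
{
  "location": "UK South",
  "enableUkNhs": true,
  "service": { "dependencies": { "workspace": "core-workspace" } },
  "securityContacts": {
    "primary": { "email": "soc@example.com", "phone": 441632960000 },
    "additionalEmails": [ "oncall@example.com", "not-an-address" ]
  }
}
'@ | ConvertFrom-Json
$problems = Test-CmAzSecurityCentreSettings -Settings $settings
if ($problems.Count -gt 0) {
    $problems | ForEach-Object { Write-Warning $_ }
} else {
    # Assumes the cmdlet accepts this object shape; -WhatIf previews without making changes.
    Set-CmAzSecurityCentre -SettingsObject $settings -WhatIf
}
```

A mistyped alert recipient only shows up when a notification fails to arrive, so checking the contact fields before deployment is the point of the helper.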