Logging and monitoring

Missing alert for Policy Assignment Creation

Description

Monitoring for create policy assignment events gives insight into changes done in 'azure policy - assignments' and can reduce the time it takes to detect unsolicited changes.
  • Recommended Mitigation

    Under Monitor -> Alerts, create an alert for 'Microsoft.Authorization/policyAssignments/write'.