Logging and monitoring

Missing Alert for Policy Assignment Creation

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Monitoring for create policy assignment events gives insight into changes done in 'azure policy - assignments' and can reduce the time it takes to detect unsolicited changes.
  • Recommended Mitigation

    Under Monitor -> Alerts, create An Alert for 'Microsoft.Authorization/policyAssignments/write'