Logging and monitoring

Missing alert for Policy Assignment Deleting

Description

Monitoring for delete policy assignment events gives insight into changes done in 'azure policy - assignments' and can reduce the time it takes to detect unsolicited changes.
  • Recommended Mitigation

    Under Monitor -> Alerts, create an alert for 'Microsoft.Authorization/policyAssignments/delete'.