Logging and monitoring

Missing Alert for Policy Assignment Deleting

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Monitoring for delete policy assignment events gives insight into changes done in 'azure policy - assignments' and can reduce the time it takes to detect unsolicited changes.
  • Recommended Mitigation

    Under Monitor -> Alerts, create An Alert for 'Microsoft.Authorization/policyAssignments/delete'