Framework/Configurations/SubscriptionSecurity/Subscription.InsARMAlerts.json
|
{
"Version": "2.1709.0", "AlertList": [ { "Name": "AzSDK_SQL_Alert", "Description": "Alerts for SQL", "Enabled": true, "Tags": [ "Mandatory" ], "AlertOperationList": [ { "Name": "AzSDK_Create_new_or_update_existing_server_administrator", "Description": "Create or update server administrator", "OperationName": "Microsoft.Sql/servers/administrators/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Delete_server_administrator", "Description": "Delete server administrator from the server", "OperationName": "Microsoft.Sql/servers/administrators/delete", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Create_new_or_update_existing_server_firewall_rule", "Description": "Create or update server firewall rule that controls IP address range allowed to connect to the server", "OperationName": "Microsoft.Sql/servers/firewallRules/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Delete_server_firewall_rule", "Description": "Delete firewall rule from the server", "OperationName": "Microsoft.Sql/servers/firewallRules/delete", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Terminate_the_replication_relationship", "Description": "Terminate the replication relationship forcefully or after synchronizing with the partner", "OperationName": "Microsoft.Sql/servers/databases/replicationLinks/unlink/action", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Delete_database_data_masking_policy_rule", "Description": "Delete data masking policy rule for a given database", "OperationName": "Microsoft.Sql/servers/databases/dataMaskingPolicies/rules/delete", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Change_transparent_data_encryption_state", "Description": "Enable or disable transparent data encryption for a given database", "OperationName": "Microsoft.Sql/servers/databases/transparentDataEncryption/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true } ] }, { "Name": "AzSDK_Services_Alert", "Description": "Alerts for Azure Services", "Enabled": true, "Tags": [ "Mandatory" ], "AlertOperationList": [ { "Name": "AzSDK_Create_or_Update_Namespace_Authorization_Rules", "Description": "Create a Namespace level Authorization Rules and update its properties. The Authorization Rules Access Rights, the Primary and Secondary Keys can be updated.", "OperationName": "Microsoft.ServiceBus/namespaces/authorizationRules/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Create_or_Update_Queue_Authorization_Rule", "Description": "Create Queue Authorization Rules and Update its properties. The Authorization Rules Access Rights, the Primary and Secondary Keys can be updated.", "OperationName": "Microsoft.ServiceBus/namespaces/queues/authorizationRules/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Create_or_Update_Topic_Authorization_Rule", "Description": "Create Topic Authorization Rules and Update its properties. The Authorization Rules Access Rights, the Primary and Secondary Keys can be updated.", "OperationName": "Microsoft.ServiceBus/namespaces/topics/authorizationRules/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Delete_management_locks", "Description": "Delete locks at the specified scope.", "OperationName": "Microsoft.Authorization/locks/delete", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true } ] }, { "Name": "AzSDK_Subscription_Alert", "Description": "Alerts for Subscription Activities", "Enabled": true, "Tags": [ "Mandatory" ], "AlertOperationList": [ { "Name": "AzSDK_Set_administrator", "Description": "Add or modify administrator to a subscription.", "OperationName": "Microsoft.Authorization/classicAdministrators/write", "Tags": [ "Mandatory" ], "Severity": "Critical", "Enabled": true }, { "Name": "AzSDK_Delete_administrator", "Description": "Removes the administrator from the subscription.", "OperationName": "Microsoft.Authorization/classicAdministrators/delete", "Tags": [ "Mandatory" ], "Severity": "Critical", "Enabled": true }, { "Name": "AzSDK_Delete_policy_assignment", "Description": "Delete a policy assignment at the specified scope.", "OperationName": "Microsoft.Authorization/policyAssignments/delete", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Create_role_assignment", "Description": "Create a role assignment at the specified scope.", "OperationName": "Microsoft.Authorization/roleAssignments/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Delete_role_assignment", "Description": "Delete a role assignment at the specified scope.", "OperationName": "Microsoft.Authorization/roleAssignments/delete", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true } ] }, { "Name": "AzSDK_Network_Alert", "Description": "Alerts for Network", "Enabled": true, "Tags": [ "Mandatory" ], "AlertOperationList": [ { "Name": "AzSDK_Create_or_Update_DNS_Zone", "Description": "Create or update a DNS zone within a resource group. Used to update the tags on a DNS zone resource. Note that this command can not be used to create or update record sets within the zone.", "OperationName": "Microsoft.Network/dnszones/write", "Tags": [ "Mandatory" ], "Severity": "Critical", "Enabled": true }, { "Name": "AzSDK_Delete_DNS_Zone", "Description": "Delete the DNS zone, in JSON format. The zone properties include tags, etag, numberOfRecordSets, and maxNumberOfRecordSets.", "OperationName": "Microsoft.Network/dnszones/delete", "Tags": [ "Mandatory" ], "Severity": "Critical", "Enabled": true }, { "Name": "AzSDK_Create_or_update_record_set_of_type_AAAA", "Description": "Create or update a record set of type ?AAAA? within a DNS zone. The records specified will replace the current records in the record set.", "OperationName": "Microsoft.Network/dnszones/AAAA/write", "Tags": [ "Mandatory" ], "Severity": "Critical", "Enabled": true }, { "Name": "AzSDK_Peer_Virtual_Networks", "Description": "Peers a virtual network with another virtual network", "OperationName": "Microsoft.Network/virtualNetworks/peer/action", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Create_or_Update_Virtual_Network_Peering", "Description": "Creates a virtual network peering or updates an existing virtual network peering", "OperationName": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Delete_Virtual_Network_Peering", "Description": "Deletes a virtual network peering", "OperationName": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Create_or_Update_Virtual_Network_Subnet", "Description": "Creates a virtual network subnet or updates an existing virtual network subnet", "OperationName": "Microsoft.Network/virtualNetworks/subnets/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Delete_Virtual_Network_Subnet", "Description": "Deletes a virtual network subnet", "OperationName": "Microsoft.Network/virtualNetworks/subnets/delete", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Join_Virtual_Network", "Description": "Joins a virtual network", "OperationName": "Microsoft.Network/virtualNetworks/subnets/join/action", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Create_or_Update_Network_Security_Group", "Description": "Creates a network security group or updates an existing network security group", "OperationName": "Microsoft.Network/networkSecurityGroups/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Delete_Network_Security_Group", "Description": "Deletes a network security group", "OperationName": "Microsoft.Network/networkSecurityGroups/delete", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Join_Network_Security_Group", "Description": "Joins a network security group", "OperationName": "Microsoft.Network/networkSecurityGroups/join/action", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Create_or_Update_Security_Rule", "Description": "Creates a security rule or updates an existing security rule", "OperationName": "Microsoft.Network/networkSecurityGroups/securityRules/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Delete_Security_Rule", "Description": "Deletes a security rule", "OperationName": "Microsoft.Network/networkSecurityGroups/securityRules/delete", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Create_or_Update_Route_Table", "Description": "Creates a route table or Updates an existing route table", "OperationName": "Microsoft.Network/routeTables/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Delete_Route_Table", "Description": "Deletes a route table definition", "OperationName": "Microsoft.Network/routeTables/delete", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Join_Route_Table", "Description": "Joins a route table", "OperationName": "Microsoft.Network/routeTables/join/action", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Create_or_Update_Route", "Description": "Creates a route or Updates an existing route", "OperationName": "Microsoft.Network/routeTables/routes/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Delete_Route", "Description": "Deletes a route definition", "OperationName": "Microsoft.Network/routeTables/routes/delete", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Create_or_Update_Load_Balancer_Inbound_Nat_Rule", "Description": "Creates a load balancer inbound nat rule or updates an existing load balancer inbound nat rule", "OperationName": "Microsoft.Network/loadBalancers/inboundNatRules/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true } ] }, { "Name": "AzSDK_Web_Alert", "Description": "Alerts for Web ", "Enabled": true, "Tags": [ "Mandatory" ], "AlertOperationList": [ { "Name": "AzSDK_List_Web_App_Slot_publishing_credentials", "Description": "List Web App Slot's publishing username and password.", "OperationName": "Microsoft.Web/sites/slots/config/list/Action", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_List_Web_App_Function_Secrets", "Description": "List Web App Function Secrets.", "OperationName": "Microsoft.Web/sites/functions/listSecrets/Action", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_Delete_Certificate", "Description": "Delete an existing certificate.", "OperationName": "Microsoft.Web/certificates/Delete", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true } ] }, { "Name": "AzSDK_KeyVault_Alert", "ResourceType": "Microsoft.KeyVault/vaults", "Description": "Alerts for KeyVault", "Enabled": true, "Tags": [ "Mandatory" ], "AlertOperationList": [ { "Name": "AzSDK_Update_Key_Vault", "Description": "Create a new key vault or update the properties of an existing key vault", "OperationName": "Microsoft.KeyVault/vaults/write", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true }, { "Name": "AzSDK_View_Secret_Properties", "Description": "View the properties of a secret, but not its value", "OperationName": "Microsoft.KeyVault/vaults/secrets/read", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": true } ] }, { "Name": "AzSDK_Storage_Alert", "Description": "Alerts for Storage Account", "Enabled": true, "Tags": [ ], "AlertOperationList": [ { "Name": "AzSDK_List_Storage_Account_Keys", "Description": "Returns the access keys for the specified storage account.", "OperationName": "Microsoft.Storage/storageAccounts/listkeys/action", "Tags": [ "Mandatory" ], "Severity": "High", "Enabled": false }, { "Name": "AzSDK_Regenerate_Storage_Account_Keys", "Description": "Regenerates the access keys for the specified storage account.", "OperationName": "Microsoft.Storage/storageAccounts/regeneratekey/action", "Tags": [], "Severity": "Medium", "Enabled": true } ] } ] } |