From 703e706135c7951af9be22113ba303b56f173a3c Mon Sep 17 00:00:00 2001
From: Laurent
Date: Wed, 1 May 2019 11:34:02 +0800
Subject: [PATCH] Azure blueprint module for security center
---
 .gitignore | 6 ++++++
 securitycenter.tf | 19 +++++++++++++++++++
 variables.tf | 15 +++++++++++++++
 3 files changed, 40 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 securitycenter.tf
 create mode 100644 variables.tf
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..8f7f3d3
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,6 @@
+**/.terraform
+**/*.tfstate
+.DS_Store
+**/terraform.tfstate.d
+**/terraform.tfstate.backup
+**/.terraform.tfstate.lock.info
\ No newline at end of file
diff --git a/securitycenter.tf b/securitycenter.tf
new file mode 100644
index 0000000..3c8ab78
--- /dev/null
+++ b/securitycenter.tf
@@ -0,0 +1,19 @@
+resource "azurerm_security_center_contact" "contact" {
+ email = "${var.contact_email}"
+ phone = "${var.contact_phone}"
+
+ alert_notifications = true
+ alerts_to_admins = true
+}
+
+resource "azurerm_security_center_subscription_pricing" "sc" {
+ tier = "Standard"
+}
+
+resource "azurerm_security_center_workspace" "sc" {
+ scope = "${var.scope_id}"
+ workspace_id = "${var.workspace_id}"
+
+ depends_on = ["azurerm_security_center_subscription_pricing.sc"]
+}
+
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..4125e0b
--- /dev/null
+++ b/variables.tf
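Review bot: In securitycenter.tf the `tier = "Standard"` on azurerm_security_center_subscription_pricing.sc is the one setting in this module with a direct billing effect, yet it is hard-coded and carries no comment, and the explicit `depends_on` on the workspace resource below it suggests the workspace export only works once that tier is active. A comment above the pricing resource such as `# Standard tier enables the alerting and workspace export configured below; it is billed per protected resource` would record that intent, and a `tier` variable with `default = "Standard"` would let a caller opt out for non-production subscriptions without editing the module. The same comment should be echoed on the `depends_on` line so the ordering is not mistaken for a leftover.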
@@ -0,0 +1,15 @@
+variable "contact_email" {
+ description = "(Required) Email address of the distribution list"
+}
+
+variable "contact_phone" {
+ description = "(Required) Phone number of the security team"
+}
+
+variable "scope_id" {
+ description = "(Required) The scope at which the Role Assignment applies too, such as /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM."
+}
+
+variable "workspace_id" {
+ description = "(Required) Azure Monitor workspace ID"
+}
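Review bot: The description of `scope_id` talks about where "the Role Assignment applies too", but the variable is consumed by azurerm_security_center_workspace.sc in securitycenter.tf, not by any role assignment, so the text appears to have been copied from a different resource and will mislead the module's caller (it also has the "too"/"to" typo). A description tied to the actual use would be `description = "(Required) Scope whose resources send Security Center data to the workspace, e.g. /subscriptions/<SUBSCRIPTION_ID>"`, with the placeholder replaced by the project's own example. Likewise `workspace_id` is passed straight to the workspace resource's `workspace_id` argument; if, as the resource name suggests, that argument expects the full resource ID of a Log Analytics workspace rather than a bare GUID, the description should say so — please confirm against the provider documentation for the version this module targets.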