Ensure failing azure functions have email alerts configured for Azure Monitor Action Group

MEDIUM

Description

Azure Monitor Action Group does not have email alerts configured, this may make infrastructure non-compliant.

Remediation

In Azure Console -

Open the Azure Portal and go to Monitor.
Under Alerts, create Action group.
Configure Basics, Notifications, Actions, Tags and select create.

In Terraform -

In the azurerm_monitor_action_group resource, set email_receiver block.

References:
https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/action-groups
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_action_group

Policy Details

Rule Reference ID: AC_AZURE_0222

CSP: Azure

Remediation Available: Yes

Domain: Compliance Validation

Resource: azurerm_monitor_action_group

Resource Category: Logging and Monitoring

Resource Type: Monitor

Frameworks

GDPR
HIPAA
NIST-800-171
NIST-800-53
NIST-CSF