Azure Introduction
Azure Pricing
Azure Threats
No Security Contact Phone Set
More Info:
At least one security contact phone should be set.
Risk Level
Low
Address
Security
Compliance Standards
CBP
Triage and Remediation
Remediation
To remediate the “No Security Contact Phone Set” misconfiguration in Azure using the Azure console, follow these steps:
- Log in to the Azure portal (https://portal.azure.com/).
- Click on the “Security Center” icon in the left-hand menu.
- Click on the “Security policy” link in the Security Center dashboard.
- In the “Policy” blade, click on the “Edit” button.
- Scroll down to the “Security contact phone number” policy setting and click on it.
- Enable the policy by clicking on the “On” button.
- Enter a valid phone number in the “Security contact phone number” field.
- Click on the “Save” button to save the policy changes.
Once you have completed these steps, the “No Security Contact Phone Set” misconfiguration will be remediated in Azure.
To remediate the misconfiguration “No Security Contact Phone Set” for AZURE using AZURE CLI, follow these steps:
-
Open the Azure CLI on your local machine or using the Azure Cloud Shell.
-
Run the following command to check the current security contact phone number configuration:
az security contact show -
If the output shows that no phone number is set, run the following command to set the security contact phone number:
az security contact create --email <email-address> --phone <phone-number> --name <contact-name> --alert-notifications trueReplace the
<email-address>,<phone-number>, and<contact-name>placeholders with the appropriate values. -
After running the command, verify that the security contact phone number has been set by running the following command:
az security contact showThe output should show the updated security contact information.
By following these steps, you have successfully remediated the “No Security Contact Phone Set” misconfiguration for AZURE using AZURE CLI.
To remediate the misconfiguration of “No Security Contact Phone Set” in Azure using Python, you can use the Azure SDK for Python. Here are the steps to follow:
-
Install the Azure SDK for Python using the following command:
pip install azure-mgmt-monitor -
Import the necessary modules and authenticate with Azure using your credentials:
from azure.common.credentials import UserPassCredentials from azure.mgmt.monitor import MonitorManagementClient # Replace the values with your actual credentials credentials = UserPassCredentials( '[email protected]', 'your-password' ) subscription_id = 'your-subscription-id' # Create the MonitorManagementClient object monitor_client = MonitorManagementClient( credentials, subscription_id ) -
Get the list of all the action groups in your Azure account:
action_groups = monitor_client.action_groups.list() -
Check if any of the action groups have a phone number set:
for action_group in action_groups: if action_group.sms_receivers: print(f"Phone number set for {action_group.name}") else: print(f"No phone number set for {action_group.name}") -
If you find an action group with no phone number set, update it with a valid phone number:
for action_group in action_groups: if not action_group.sms_receivers: action_group.sms_receivers = ["+1XXXYYYZZZZ"] # Replace with your phone number monitor_client.action_groups.create_or_update( action_group.resource_group_name, action_group.name, action_group ) print(f"Phone number set for {action_group.name}")
By following these steps, you can remediate the misconfiguration of “No Security Contact Phone Set” in Azure using Python.