Security Contact Email

Without a configured security contact email, critical alerts from Microsoft Defender for Cloud may go unnoticed, delaying incident response.

Microsoft will notify the security contact directly in the event of a security incident and will look to use email for notifications.

Impact

Recommended Actions

Follow the appropriate remediation steps below to resolve the issue.

Set additional security contact emails in Defender for Cloud under Environment Settings > Email notifications.

1
2
3
4
5
6
7


resource "azurerm_security_center_contact" "good_example" {
  email = "security@example.com"
  phone = "+1-555-555-5555"

  alert_notifications = true
  alerts_to_admins    = true
}

Remediation Links

https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/security_center_contact#email