How To Exempt The Unhealthy Resources By Automation

Ashu Kumar 0 Reputation points
2023-01-16T09:46:12.48+00:00

How To Exempt The Unhealthy Resources By Automation in Microsoft Defender For Cloud.

I'm trying to find a solution in which on a single click or just by writing the name of policy, the unhealthy resource should be exempted from the policy. and after that when we refresh the log analystic workspace the new log will appear and in that the status of unhealthy resource should be exempted.

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,491 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Givary-MSFT 35,216 Reputation points Microsoft Employee
    2023-02-02T09:48:40.7366667+00:00

    @Ashu Kumar Apologies for the delay in responding to your query. unfortunately, we don't have an automation for this ask.

    The reason is that with this kind of automation, you would basically automatically create a resource exemption for (all?) unhealthy resources just to get Secure Score up to 100%, instead of remediating those recommendations. That’s not what we would like customers to do, instead the exemption feature is meant to be a solution for customers that accept the risk for some resources, or in case they have a different solution/process in place that will remediate the recommendation’s intend. If the latter is the case in the request below, you can simply disable the particular recommendation in Defender for Cloud’s assignment.

    There are two blogs that have been published when the feature was initially released which cover automation capabilities within this scope:

    https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/resource-exemption-in-microsoft-defender-for-cloud/ba-p/1703052

    https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/how-to-keep-track-of-resource-exemptions-in-microsoft-defender/ba-p/1770580

    Let me know if you have any further questions, feel free to post back.

    Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.