Azure Policy Built-in definitions for Microsoft Defender for Cloud Plan 2

Perry Chandler 145 Reputation points
2023-07-13T14:28:19.13+00:00

Hi all,

I'm looking to secure our landing Zone in compliance with CIS standards.

This requires Cloud Defender for Servers Plan 2, for the feature - Security Policy and Regulatory Compliance.

I have a question though - If we were to move from Plan 2 to Plan 1 at some point:

What would happen to the Policies applied via that feature?

Would they be removed or would they just not be updated?

The Policies

https://learn.microsoft.com/en-us/azure/defender-for-cloud/policy-reference

Thanks, Perry.

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,119 questions
0 comments No comments
{count} votes

Accepted answer
  1. David Broggy 5,581 Reputation points MVP
    2023-07-13T14:39:53.84+00:00

    Hi Perry,

    Perhaps someone here will correct me, but I didn't think policies were affected by P1 vs P2, just workload protections and the non-default policies.

    So as long as you're not dependant on the regulatory compliance policies I'd say you're fine.

    Ref:

    https://learn.microsoft.com/en-us/azure/defender-for-cloud/plan-defender-for-servers-select-plan


0 additional answers

Sort by: Most helpful