Security initiative assignment not properly shown in portal for management groups and subscriptions

Question

Hi, I have been struggling with assigning the security initiative to management group level. There seems to be an issue in the portal on the security center.
By default, we have the ASC initiative assigned to all subscriptions. I added the initiative in the portal through policies to a management group above the subscription level. When then looking in the portal, on the subscription level it is shown as 'assigned (2)' (security center -> security policy). Then I deleted the individual assignments on through azure policies (in the portal). When checking the individual subscriptions on initiative assignments, I can see that the ASC-defaults have been removed and only the initiative exists on the management group level. However, in the Security Center -> Security Policy part it still keeps at 'assigned (2)', where it should show as 'assigned (inherited)'. I also double checked using powershell, and found no ASC-assignment on the subscription level.
Any suggestions on how to resolve this?

Thanks,
Mark

Answer 1

Hi,

Thanks for picking this up! I can actually tell you that the issue has resolved itself (or someone changed something on the background of Azure). I can now see the proper assignments, after leaving the assignments rest for about a week.

FYI what I did and for visibility the issue I was seeeing:
I followed the generic available information on applying the Azure Security Center policies.
Specifically this is described in:
https://techcommunity.microsoft.com/t5/azure-security-center/centralized-policy-management-in-azure-security-center-using/ba-p/1276331
More generic: https://learn.microsoft.com/en-us/azure/security-center/onboard-management-group

See the attached screenprints: this is how the applied polices/initiatives showed in the Azure Security Center

You can close this item now as it is resolved. But may be good to verify this in a more broad way.
Best regards,
Mark