How could i trigger send email in Governance Rules(preview)[MS Defender for cloud]?

ALVIN LEUNG (CLOUD-ISD-OOCLL/HKG) 166 Reputation points
2022-08-24T07:41:31.113+00:00

234385-image.png

I have added a new rule. However, how could i test if its working or not? Thanks

Docs from MSFT provided here: https://learn.microsoft.com/en-gb/azure/defender-for-cloud/governance-rules
There is no any testing guide mentioned in this doc.

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
395 questions
Microsoft Purview
Microsoft Purview
A Microsoft data governance service that helps manage and govern on-premises, multicloud, and software-as-a-service data. Previously known as Azure Purview.
470 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
737 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. James Hamil 12,976 Reputation points Microsoft Employee
    2022-08-24T22:26:09.603+00:00

    Hi @ALVIN LEUNG (CLOUD-ISD-OOCLL/HKG) , the testing steps required here depend on what the rule is. There isn't a set guide for testing, as you need to determine what you're testing for. This document is a good intro for setting up rules to work properly. For testing suggestions, this document provides a chart of common scenarios you can test for.

    You can also monitor the resource to make sure it's working properly. Please let me know if you have any questions and I can help you further.

    If this answer helped you please mark it as "Verified" so other users can reference it.

    Thank you,
    James

    1 person found this answer helpful.
  2. Marilee Turscak-MSFT 22,461 Reputation points Microsoft Employee
    2022-09-12T17:27:35.04+00:00

    Hi @ALVIN LEUNG (CLOUD-ISD-OOCLL/HKG) ,

    I tested this in my own tenant and the only way I could find to test the rules was to create the rule and wait for the minimum amount of time to pass (one week) to receive the email.

    I have raised an internal work item with the product team though, and you are welcome to create a feature request here as well for greater visibility: https://feedback.azure.com/

    As this is still a preview feature the out-of-the-box testing capabilities are limited.

    -

    If the information helped you, please accept the answer. This will help us and other community members as well.

    1 person found this answer helpful.