Set security policies in Azure Security Center

This document helps you to configure security policies in Security Center by guiding you through the necessary steps to perform this task.

How security policies work?

Security Center automatically creates a default security policy for each of your Azure subscriptions. You can edit the policy in Security Center or use Azure Policy to create new definitions, define additional policies, and assign policies across Management Groups (which can represent the entire organization, a business unit in it etc.), and monitor compliance to these policies across these scopes.

Note

Azure Policy is in limited preview. Click here to join. For more information about Azure Policies read Create and manage policies to enforce compliance.

How to change security policies in Security Center?

You can edit the default security policy for each of your Azure subscriptions in Security Center. To modify a security policy, you must be an owner, contributor or Security Admin of that subscription or the containing Management Group. Sign in to the Azure portal and follow the succeeding steps to view your security polices in Security Center:

  1. In the Security Center dashboard, under General, click Security Policy.
  2. Select the subscription on which you want to enable the security policy.

    Policy Management

  3. In the POLICY COMPONENTS section, click Security policy.

    Policy components

  4. This is the default policy assigned to Security Center via Azure Policy. You can delete items that are under POLICIES AND PARAMETERS, or you can add other policy definitions that are under AVAILABLE OPTIONS. To do that, just click in the plus sign besides the definition’s name.

    Policy definitions

  5. If you want more detailed explanation about the policy, click on it and another page will open with the details, and the JSON code that has the [policy definition(https://docs.microsoft.com/azure/azure-resource-manager/resource-manager-policy#policy-definition-structure) structure:

    Json

  6. When you finish editing, click Save.

See also

In this document, you learned how to configure security policies in Azure Security Center. To learn more about Azure Security Center, see the following: