Security Center settings
This article provides an overview of settings in Security Center.
The following settings can be reached under Security Policy:
- Data collection: Determines agent provisioning and data collection settings.
- Security policy: Determines which controls Security Center monitors and recommends. You can edit the security policy in Security Center. You can also use Azure Policy to create new definitions, define additional policies, and assign policies across management groups.
- Email notifications: Determines security contacts, and email notification settings.
- Pricing tier: Defines free or standard pricing selection. The tier you choose determines which Security Center features are available for resources in scope. You can specify a tier for subscriptions, resource groups, and workspaces.
You can set all of these per subscription. For Workspaces, you can set only Data collection and Pricing tier. For Resource groups you can set only Pricing tier.
Who can edit security policies?
Security Center uses Role-Based Access Control (RBAC), which provides built-in roles that can be assigned to users, groups, and services in Azure. When users open Security Center, they see only information that's related to resources they have access to. Which means that users are assigned the role of owner, contributor, or reader to the subscription or resource group that a resource belongs to. In addition to these roles, there are two specific Security Center roles:
- Security reader: Have view rights to Security Center, which includes recommendations, alerts, policy, and health, but they can't make changes.
- Security admin: Have the same view rights as security reader, and they can also update the security policy and dismiss recommendations and alerts.
In this article, you learned about security policies in Azure Security Center. To learn more about Azure Security Center, see the following articles:
- Setting security policies in Azure Security Center: Learn how to configure security policies for your Azure subscriptions and resource groups.
- Managing security recommendations in Azure Security Center: Learn how Security Center recommendations help you protect your Azure resources.
- Security health monitoring in Azure Security Center: Learn how to monitor the health of your Azure resources.
- Managing and responding to security alerts in Azure Security Center: Learn how to manage and respond to security alerts.
- Monitoring partner solutions with Azure Security Center: Learn how to monitor the health status of your partner solutions.
- Azure Security Center data security: Learn how Security Center manages and safeguards data.
- Azure Security Center FAQ: Get answers to frequently asked questions about using the service.
- Azure Security blog: Get the latest Azure security news and information.