🧠 Azure Subscription Microsoft Defender CSPM is not set to On - prod.logic.yaml🟢

• Contextual name: 🧠 prod.logic.yaml🟢
• ID: /ce/ca/azure/subscription/microsoft-defender-for-cspm/prod.logic.yaml
• Tags:
  • 🟢 Logic test success
  • 🟢 Logic with extracts
  • 🟢 Logic with test data

Uses

• 📗 Azure Subscription
• 🔌 Azure Defender Plan - object.extracts.yaml
• 🧪 test-data.json

Test Results 🟢

Generated at: 2025-12-17T01:31:20.240103942Z Open

Result	Id	Condition Index	Condition Text	Runtime Error
🟢	test1	✔️ 199	✔️ CA10Z1__Azure_SQL_Server_Vulnerability_Assessmnt__r.has(INCOMPLIANT)	✔️ null
🟢	test2	✔️ 299	✔️ CA10Z1__Azure_SQL_Server_Vulnerability_Assessmnt__r.has(COMPLIANT)	✔️ null
🟢	test3	✔️ 300	✔️ otherwise	✔️ null
🟢	test4	✔️ 300	✔️ otherwise	✔️ null

Generation Bundle

	File	MD5
Open	/ce/ca/azure/subscription/microsoft-defender-for-cspm/policy.yaml	F0F84101DEA1051A3AE13EB3C1DA59ED
Open	/ce/ca/azure/subscription/microsoft-defender-for-cspm/prod.logic.yaml	DE08F6581E8F935599A1CA5D44005145
Open	/ce/ca/azure/subscription/microsoft-defender-for-cspm/test-data.json	CD3FF3A8F9DEC222938B357ABD0CE8AD
Open	/types/CA10Z1__CaAzureDefenderPlan__c/object.extracts.yaml	633467A2022A23296CE19EBA90D307C4

Available Commands

repo-manager policies generate FULL /ce/ca/azure/subscription/microsoft-defender-for-cspm/prod.logic.yaml
repo-manager policies generate DEBUG /ce/ca/azure/subscription/microsoft-defender-for-cspm/prod.logic.yaml
repo-manager policies generate CAPTURE_TEST_DATA /ce/ca/azure/subscription/microsoft-defender-for-cspm/prod.logic.yaml
repo-manager policies generate TESTS /ce/ca/azure/subscription/microsoft-defender-for-cspm/prod.logic.yaml
# Execute tests
repo-manager policies test /ce/ca/azure/subscription/microsoft-defender-for-cspm/prod.logic.yaml

Content

Open File

---
inputType: "CA10__CaAzureAccount__c"
testData:
  - file: "test-data.json"
conditions:
  - status: "INCOMPLIANT"
    currentStateMessage: "Microsoft Defender CSPM is in Free tier."
    remediationMessage: "Consider enabling Defender CSPM Standard plan."
    check:
      RELATED_LIST_HAS:
        relationshipName: "CA10Z1__Azure_SQL_Server_Vulnerability_Assessmnt__r"
        status: "INCOMPLIANT"
  - status: "COMPLIANT"
    currentStateMessage: "Microsoft Defender CSPM Standard tier is enabled."
    check:
      RELATED_LIST_HAS:
        relationshipName: "CA10Z1__Azure_SQL_Server_Vulnerability_Assessmnt__r"
        status: "COMPLIANT"
otherwise:
  status: "INCOMPLIANT"
  currentStateMessage: "Microsoft Defender CSPM is not enabled."
  remediationMessage: "Consider enabling Microsoft Defender CSPM Standard plan."
relatedLists:
  - relationshipName: "CA10Z1__Azure_SQL_Server_Vulnerability_Assessmnt__r"
    importExtracts:
      - file: "/types/CA10Z1__CaAzureDefenderPlan__c/object.extracts.yaml"
    conditions:
      - status: "INAPPLICABLE"
        currentStateMessage: "Other pricing configurations."
        check:
          NOT_EQUAL:
            left: 
              EXTRACT: "CA10Z1__name__c"
            right: 
              TEXT: "CloudPosture"
      - status: "COMPLIANT"
        currentStateMessage: "This is a Standard tier."
        check:
          IS_EQUAL:
            left: 
              EXTRACT: "CA10Z1__pricingTier__c"
            right: 
              TEXT: "Standard"
      - status: "INCOMPLIANT"
        currentStateMessage: "This is a Free tier."
        remediationMessage: "Enable Defender CSPM Standard plan."
        check:
          IS_EQUAL:
            left: 
              EXTRACT: "CA10Z1__pricingTier__c"
            right: 
              TEXT: "Free"
    otherwise: 
      status: "UNDETERMINED"
      currentStateMessage: "Unexpected values in the fields."