AI - 61004 - Microsoft Defender for Cloud CSPM plan is enabled on all Azure subscriptions

[praneeth-0000]

No description provided.

[Copilot]

Pull request overview

Adds a new AI pillar assessment (61004) that verifies Microsoft Defender for Cloud's CSPM (CloudPosture) plan is enabled on every enabled Azure subscription, surfacing failing subscriptions in a markdown report.

Changes:

• New PowerShell test Test-Assessment-61004 that enumerates enabled subscriptions via Azure Resource Graph and checks the Microsoft.Security/pricings/CloudPosture pricing tier per subscription.
• New markdown description/remediation file for assessment 61004 following the standard <!--- Results ---> / %TestResult% split.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File	Description
src/powershell/tests/Test-Assessment.61004.ps1	Implements the new AI Cloud Posture assessment, including ARG subscription enumeration, per-subscription pricing lookup, and failed-subscription reporting.
src/powershell/tests/Test-Assessment.61004.md	Provides user-facing description, rationale, and remediation links for the new assessment.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

[alexandair]

@praneeth-0000 Please, address my feedback.

[alexandair]

Every Q2 query treats an exception as PricingTier = 'Not Found', including 403/Forbidden. The spec says “not authorised” must be surfaced as an assessment-framework permission issue, not a fail. This will produce false failures when the runner can enumerate subscriptions but lacks Security Reader on one subscription.