Merge pull request #1836 from alphadev4/SAAS-21769/Az-realtime-triggers-a-b-c-d

mehakseedat63 · web-flow · commit c584a5b57762 · 2024-01-24T22:10:03.000+05:00
Saas 21769/az realtime triggers a b c d
diff --git a/package.json b/package.json
@@ -60,7 +60,7 @@
     "tty-table": "^4.1.3"
   },
   "devDependencies": {
-    "chai": "^4.2.0",
+    "chai": "4.2.0",
     "eslint": "^6.8.0",
     "mocha": "^6.1.4",
     "nodemon": "^1.19.4",
diff --git a/plugins/azure/appConfigurations/appConfigManagedIdentity.js b/plugins/azure/appConfigurations/appConfigManagedIdentity.js
@@ -10,6 +10,7 @@ module.exports = {
     link: 'https://learn.microsoft.com/en-us/azure/azure-app-configuration/overview-managed-identity',
     recommended_action: 'Modify App Configuration store and add managed identity.',
     apis: ['appConfigurations:list'],
+    realtime_triggers: ['microsoftappconfiguration:configurationstores:write','microsoftappconfiguration:configurationstores:delete'],
 
     run: function(cache, settings, callback) {
         var results = [];
diff --git a/plugins/azure/appConfigurations/appConfigurationDiagnosticLogs.js b/plugins/azure/appConfigurations/appConfigurationDiagnosticLogs.js
@@ -10,7 +10,7 @@ module.exports = {
     recommended_action: 'Enable diagnostic logging for all App Configurations.',
     link: 'https://learn.microsoft.com/en-us/azure/azure-app-configuration/monitor-app-configuration?tabs=portal#monitoringdata',
     apis: ['appConfigurations:list','diagnosticSettings:listByAppConfigurations'],
-
+    realtime_triggers: ['microsoftappconfiguration:configurationstores:write','microsoftinsights:diagnosticsettings:write','microsoftinsights:diagnosticsettings:delete','microsoftappconfiguration:configurationstores:delete'],
     run: function(cache, settings, callback) {
         var results = [];
         var source = {};
diff --git a/plugins/azure/appConfigurations/appConfigurationPublicAccess.js b/plugins/azure/appConfigurations/appConfigurationPublicAccess.js
@@ -10,6 +10,7 @@ module.exports = {
     link: 'https://learn.microsoft.com/en-us/azure/azure-app-configuration/howto-disable-public-access?tabs=azure-portal',
     recommended_action: 'Modify App Configuration and disable public access.',
     apis: ['appConfigurations:list'],
+    realtime_triggers: ['microsoftappconfiguration:configurationstores:write','microsoftappconfiguration:configurationstores:delete'],
 
     run: function(cache, settings, callback) {
         var results = [];
diff --git a/plugins/azure/applicationGateway/agPreventionModeEnabled.js b/plugins/azure/applicationGateway/agPreventionModeEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Modify application gateway WAF policy and enable prevention mode.',
     link: 'https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview',
     apis: ['wafPolicies:listAll'],
+    realtime_triggers: ['microsoftnetwork:applicationgateways:write','microsoftnetwork:applicationgateways:delete','microsoftnetwork:applicationgatewaywebapplicationfirewallpolicies:write','microsoftnetwork:applicationgatewaywebapplicationfirewallpolicies:delete'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/applicationGateway/agRequestBodyInspection.js b/plugins/azure/applicationGateway/agRequestBodyInspection.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Modify application gateway WAF policy and enable request body inspection in policy settings.',
     link: 'https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/application-gateway-waf-request-size-limits#request-body-inspection',
     apis: ['wafPolicies:listAll'],
+    realtime_triggers: ['microsoftnetwork:applicationgateways:write','microsoftnetwork:applicationgateways:delete','microsoftnetwork:applicationgatewaywebapplicationfirewallpolicies:write','microsoftnetwork:applicationgatewaywebapplicationfirewallpolicies:delete'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/applicationGateway/agSecurityLoggingEnabled.js b/plugins/azure/applicationGateway/agSecurityLoggingEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Modify Application Gateway and add diagnostic settings for Access and Firewall Logs.',
     link: 'https://learn.microsoft.com/en-us/azure/application-gateway/application-gateway-diagnostics',
     apis: ['applicationGateway:listAll', 'diagnosticSettings:listByApplicationGateways'],
+    realtime_triggers: ['microsoftnetwork:applicationgateways:write','microsoftnetwork:applicationgateways:delete','microsoftinsights:diagnosticsettings:write','microsoftinsights:diagnosticsettings:delete'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/applicationGateway/agSslPolicy.js b/plugins/azure/applicationGateway/agSslPolicy.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Modify Application Gateway with latest SSL policy which supports minimum TLS version.',
     link: 'https://learn.microsoft.com/en-us/azure/application-gateway/application-gateway-ssl-policy-overview',
     apis: ['applicationGateway:listAll'],
+    realtime_triggers: ['microsoftnetwork:applicationgateways:write','microsoftnetwork:applicationgateways:delete'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/applicationGateway/agWafEnabled.js b/plugins/azure/applicationGateway/agWafEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Modify application gateway and enable WAF.',
     link: 'https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview',
     apis: ['applicationGateway:listAll'],
+    realtime_triggers: ['microsoftnetwork:applicationgateways:write','microsoftnetwork:applicationgateways:delete','microsoftnetwork:applicationgatewaywebapplicationfirewallpolicies:write','microsoftnetwork:applicationgatewaywebapplicationfirewallpolicies:delete'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/applicationGateway/applicationGatewayHasTags.js b/plugins/azure/applicationGateway/applicationGatewayHasTags.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Modify application gateways and add tags.',
     link: 'https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-resources',
     apis: ['applicationGateway:listAll'],
+    realtime_triggers: ['microsoftnetwork:applicationgateways:write','microsoftnetwork:applicationgateways:delete', 'microsoftresources:tags:write'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/appservice/alwaysOnEnabled.js b/plugins/azure/appservice/alwaysOnEnabled.js
@@ -10,7 +10,8 @@ module.exports = {
     recommended_action: 'Enable Always On feature for Azure Web Apps',
     link: 'https://learn.microsoft.com/en-us/azure/app-service/configure-common',
     apis: ['webApps:list', 'webApps:listConfigurations'],
-
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
+    
     run: function(cache, settings, callback) {
         var results = [];
         var source = {};
diff --git a/plugins/azure/appservice/appInsightsEnabled.js b/plugins/azure/appservice/appInsightsEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Enable Application insights for Azure Web Apps',
     link: 'https://learn.microsoft.com/en-us/azure/azure-monitor/app/app-insights-overview',
     apis: ['webApps:list', 'webApps:listAppSettings'],
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
 
     run: function(cache, settings, callback) {
         var results = [];
diff --git a/plugins/azure/appservice/appServiceAccessRestriction.js b/plugins/azure/appservice/appServiceAccessRestriction.js
@@ -16,7 +16,7 @@ module.exports = {
     apis_remediate: ['webApps:list', 'webApps:listConfigurations'],
     actions: {remediate:['webApps:updateconfiguration'], rollback:['webApps:updateconfiguration']},
     permissions: {remediate: ['webApps:updateconfiguration'], rollback: ['webApps:updateconfiguration']},
-    realtime_triggers: ['microsoftweb:sites:config:write'],
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete','microsoftweb:sites:config:write','microsoftweb:sites:config:delete'],
 
     run: function(cache, settings, callback) {
         var results = [];
diff --git a/plugins/azure/appservice/authEnabled.js b/plugins/azure/appservice/authEnabled.js
@@ -15,7 +15,7 @@ module.exports = {
     apis_remediate: ['webApps:list'],
     actions: {remediate:['webApps:updateAuthSettings'], rollback:['webApps:updateAuthSettings']},
     permissions: {remediate: ['webApps:updateAuthSettings'], rollback: ['webApps:updateAuthSettings']},
-    realtime_triggers: ['microsoftweb:sites:write'],
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete','microsoftweb:sites:config:write','microsoftweb:sites:config:delete'],
     compliance: {
         hipaa: 'HIPAA requires all application access to be restricted to known users ' +
                'for auditing and security controls.',
diff --git a/plugins/azure/appservice/automatedBackupsEnabled.js b/plugins/azure/appservice/automatedBackupsEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Configure backup for Azure Web Apps',
     link: 'https://learn.microsoft.com/en-us/azure/app-service/manage-backup',
     apis: ['webApps:list', 'webApps:getBackupConfiguration'],
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete','microsoftweb:sites:config:write','microsoftweb:sites:config:delete'],
 
     run: function(cache, settings, callback) {
         var results = [];
diff --git a/plugins/azure/appservice/backupRetentionPeriod.js b/plugins/azure/appservice/backupRetentionPeriod.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Configure backup retention period for Azure Web Apps',
     link: 'https://learn.microsoft.com/en-us/azure/app-service/manage-backup',
     apis: ['webApps:list', 'webApps:getBackupConfiguration'],
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete','microsoftweb:sites:config:write','microsoftweb:sites:config:delete'],
     settings: {
         webapps_backup_retention_period: {
             name: 'Backup retention period in days',
diff --git a/plugins/azure/appservice/clientCertEnabled.js b/plugins/azure/appservice/clientCertEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Enable incoming client certificate SSL setting for all App Services.',
     link: 'https://learn.microsoft.com/en-us/azure/app-service/app-service-web-configure-tls-mutual-auth#enable-client-certificates',
     apis: ['webApps:list'],
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/appservice/disableFTPDeployments.js b/plugins/azure/appservice/disableFTPDeployments.js
@@ -10,7 +10,7 @@ module.exports = {
     recommended_action: 'Disable FTP deployments in the general settings for all App Services.',
     link: 'https://learn.microsoft.com/en-us/azure/app-service/deploy-ftp?tabs=portal#enforce-ftps',
     apis: ['webApps:list', 'webApps:listConfigurations'],
-    
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/appservice/ftpsOnlyAccessEnabled.js b/plugins/azure/appservice/ftpsOnlyAccessEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Enable FTPS-only access for Azure Web Apps',
     link: 'https://learn.microsoft.com/en-us/azure/app-service/deploy-ftp?tabs=portal#enforce-ftps',
     apis: ['webApps:list', 'webApps:listConfigurations'],
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
 
     run: function(cache, settings, callback) {
         var results = [];
diff --git a/plugins/azure/appservice/http20Enabled.js b/plugins/azure/appservice/http20Enabled.js
@@ -15,7 +15,7 @@ module.exports = {
     apis_remediate: ['webApps:list'],
     actions: {remediate:['webApps:updateConfiguration'], rollback:['webApps:updateConfiguration']},
     permissions: {remediate: ['webApps:updateConfiguration'], rollback: ['webApps:updateConfiguration']},
-    realtime_triggers: ['microsoftweb:sites:write'],
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/appservice/httpsOnlyEnabled.js b/plugins/azure/appservice/httpsOnlyEnabled.js
@@ -16,7 +16,7 @@ module.exports = {
     apis_remediate: ['webApps:list'],
     actions: {remediate:['webApps:write'], rollback:['webApps:write']},
     permissions: {remediate: ['webApps:write'], rollback: ['webApps:write']},
-    realtime_triggers: ['microsoftweb:sites:write'],
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
     compliance: {
         hipaa: 'HIPAA requires all data to be transmitted over secure channels. ' +
                 'App Service HTTPS redirection should be used to ensure site visitors ' +
diff --git a/plugins/azure/appservice/identityEnabled.js b/plugins/azure/appservice/identityEnabled.js
@@ -16,7 +16,7 @@ module.exports = {
     apis_remediate: ['webApps:list'],
     actions: {remediate:['webApps:update'], rollback:['webApps:update']},
     permissions: {remediate: ['webApps:update'], rollback: ['webApps:update']},
-    realtime_triggers: ['microsoftweb:sites:write'],
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/appservice/javaVersion.js b/plugins/azure/appservice/javaVersion.js
@@ -18,6 +18,7 @@ module.exports = {
             regex: '[0-9.]{2,5}'
         }
     },
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
 
     run: function(cache, settings, callback) {
         const config = {
diff --git a/plugins/azure/appservice/netFrameworkVersion.js b/plugins/azure/appservice/netFrameworkVersion.js
@@ -18,6 +18,8 @@ module.exports = {
             regex: '[0-9.]{2,5}'
         }
     },
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
+
     run: function(cache, settings, callback) {
         const config = {
             latestNetFrameworkVersion: settings.latestNetFrameworkVersion || this.settings.latestNetFrameworkVersion.default
diff --git a/plugins/azure/appservice/phpVersion.js b/plugins/azure/appservice/phpVersion.js
@@ -18,6 +18,8 @@ module.exports = {
             regex: '[0-9.]{2,5}'
         }
     },
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
+
     run: function(cache, settings, callback) {
         const config = {
             latestPhpVersion: settings.latestPhpVersion || this.settings.latestPhpVersion.default
diff --git a/plugins/azure/appservice/pythonVersion.js b/plugins/azure/appservice/pythonVersion.js
@@ -18,6 +18,8 @@ module.exports = {
             regex: '[0-9.]{2,5}'
         }
     },
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
+
 
     run: function(cache, settings, callback) {
         const config = {
diff --git a/plugins/azure/appservice/remoteDebuggingDisabled.js b/plugins/azure/appservice/remoteDebuggingDisabled.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Remote debugging should be disabled for Azure Web Apps',
     link: 'https://learn.microsoft.com/en-us/azure/app-service/troubleshoot-dotnet-visual-studio',
     apis: ['webApps:list', 'webApps:listConfigurations'],
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
 
     run: function(cache, settings, callback) {
         var results = [];
diff --git a/plugins/azure/appservice/scmSiteAccessRestriction.js b/plugins/azure/appservice/scmSiteAccessRestriction.js
@@ -11,6 +11,7 @@ module.exports = {
     recommended_action: 'Add access restriction rules under network settings for the scm site used by your app',
     link: 'https://learn.microsoft.com/en-us/azure/app-service/app-service-ip-restrictions#set-up-azure-functions-access-restrictions',
     apis: ['webApps:list', 'webApps:listConfigurations'],
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
 
     run: function(cache, settings, callback) {
         var results = [];
diff --git a/plugins/azure/appservice/tlsVersionCheck.js b/plugins/azure/appservice/tlsVersionCheck.js
@@ -15,7 +15,7 @@ module.exports = {
     apis_remediate: ['webApps:list'],
     actions: {remediate:['webApps:write'], rollback:['webApps:write']},
     permissions: {remediate: ['webApps:write'], rollback: ['webApps:write']},
-    realtime_triggers: ['microsoftweb:sites:write'],
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
     compliance: {
         pci: 'PCI requires all web applications encrypt data ' +
             'in transit. This includes using the latest TLS ' +
diff --git a/plugins/azure/appservice/webAppsADEnabled.js b/plugins/azure/appservice/webAppsADEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Enable registration with Azure Active Directory for Azure Web Apps.',
     link: 'https://learn.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=portal%2Chttp#add-a-system-assigned-identity',
     apis: ['webApps:list'],
+    realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],
 
     run: function(cache, settings, callback) {
         var results = [];
diff --git a/plugins/azure/automationAccounts/automationAcctDiagnosticLogs.js b/plugins/azure/automationAccounts/automationAcctDiagnosticLogs.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Enable diagnostic logging for all Automation accounts.',
     link: 'https://learn.microsoft.com/en-us/azure/automation/automation-manage-send-joblogs-log-analytics#azure-automation-diagnostic-settings',
     apis: ['automationAccounts:list', 'diagnosticSettings:listByAutomationAccounts'],
+    realtime_triggers: ['microsoftautomation:automationaccounts:write','microsoftautomation:automationaccounts:delete','microsoftinsights:diagnosticsettings:write','microsoftinsights:diagnosticsettings:delete'],
     settings: {
         diagnostic_logs: {
             name: 'Diagnostic Logs Enabled',
diff --git a/plugins/azure/automationAccounts/automationAcctManagedIdentity.js b/plugins/azure/automationAccounts/automationAcctManagedIdentity.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Modify automation account and enable managed identity.',
     link: 'https://learn.microsoft.com/en-us/azure/automation/quickstarts/enable-managed-identity',
     apis: ['automationAccounts:list'],
+    realtime_triggers: ['microsoftautomation:automationaccounts:write','microsoftautomation:automationaccounts:delete','microsoftautomation:automationaccounts:runbooks:write','microsoftautomation:automationaccounts:runbooks:delete'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/bastion/bastionHostExists.js b/plugins/azure/bastion/bastionHostExists.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Create an Azure Bastion Host in azure account.',
     link: 'https://learn.microsoft.com/en-us/azure/bastion/bastion-overview',
     apis: ['bastionHosts:listAll'],
+    realtime_triggers: ['microsoftnetwork:bastionhosts:write','microsoftnetwork:bastionhosts:delete'],
 
     run: function(cache, settings, callback) {
         var results = [];
diff --git a/plugins/azure/blobservice/blobContainersPrivateAccess.js b/plugins/azure/blobservice/blobContainersPrivateAccess.js
@@ -22,7 +22,7 @@ module.exports = {
     apis_remediate: ['storageAccounts:list'],
     actions: {remediate:['blobContainers:update'], rollback:['blobContainers:update']},
     permissions: {remediate: ['blobContainers:update'], rollback: ['blobContainers:update']},
-    realtime_triggers: ['microsoftstorage:storageaccounts:blobservices:containers:write'],
+    realtime_triggers: ['microsoftstorage:storageaccounts:blobservices:containers:write','microsoftstorage:storageaccounts:blobservices:containers:delete'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/blobservice/blobServiceImmutable.js b/plugins/azure/blobservice/blobServiceImmutable.js
@@ -15,6 +15,7 @@ module.exports = {
         hipaa: 'Blob immutability preserves the integrity of stored data and protects against ' +
             'accidental or malicious destruction.'
     },
+    realtime_triggers: ['microsoftstorage:storageaccounts:blobservices:containers:write','microsoftstorage:storageaccounts:blobservices:containers:delete'],
 
     run: function(cache, settings, callback) {
         var results = [];
diff --git a/plugins/azure/cdnprofiles/detectInsecureCustomOrigin.js b/plugins/azure/cdnprofiles/detectInsecureCustomOrigin.js
@@ -18,6 +18,7 @@ module.exports = {
                 'Secure CDN origins should be used to ensure traffic between ' +
                 'the Azure CDN and backend service is encrypted.'
     },
+    realtime_triggers: ['microsoftcdn:profiles:write','microsoftcdn:profiles:delete','microsoftcdn:profiles:endpoints:write','microsoftcdn:profiles:endpoints:delete'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/cdnprofiles/endpointLoggingEnabled.js b/plugins/azure/cdnprofiles/endpointLoggingEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Ensure that diagnostic logging is enabled for each CDN endpoint for each CDN profile',
     link: 'https://learn.microsoft.com/en-us/azure/cdn/cdn-azure-diagnostic-logs',
     apis: ['profiles:list', 'endpoints:listByProfile', 'diagnosticSettings:listByEndpoint'],
+    realtime_triggers: ['microsoftcdn:profiles:write','microsoftcdn:profiles:delete','microsoftcdn:profiles:endpoints:write','microsoftcdn:profiles:endpoints:delete','microsoftinsights:diagnosticsettings:write','microsoftinsights:diagnosticsettings:write'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/containerregistry/acrAdminUser.js b/plugins/azure/containerregistry/acrAdminUser.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Ensure that the admin user is disabled for each container registry.',
     link: 'https://learn.microsoft.com/en-us/azure/container-registry/container-registry-authentication',
     apis: ['registries:list'],
+    realtime_triggers: ['microsoftcontainerregistry:registries:write','microsoftcontainerregistry:registries:delete'],
 
     run: function(cache, settings, callback) {
         var results = [];
diff --git a/plugins/azure/containerregistry/acrAnonymousPullAccessEnabled.js b/plugins/azure/containerregistry/acrAnonymousPullAccessEnabled.js
@@ -10,7 +10,8 @@ module.exports = {
     recommended_action: 'Modify container registry and disable anonymous pull access.',
     link: 'https://learn.microsoft.com/en-us/azure/container-registry/anonymous-pull-access',
     apis: ['registries:list'],
-
+    realtime_triggers: ['microsoftcontainerregistry:registries:write','microsoftcontainerregistry:registries:delete'],
+    
     run: function(cache, settings, callback) {
         var results = [];
         var source = {};
diff --git a/plugins/azure/containerregistry/acrCMKEncryption.js b/plugins/azure/containerregistry/acrCMKEncryption.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Create new container registry with Premium SKU and enable CMK encryption.',
     link: 'https://learn.microsoft.com/en-us/azure/container-registry/tutorial-customer-managed-keys',
     apis: ['registries:list'],
+    realtime_triggers: ['microsoftcontainerregistry:registries:write','microsoftcontainerregistry:registries:delete'],
 
     run: function(cache, settings, callback) {
         const results = [];
diff --git a/plugins/azure/containerregistry/acrContentTrustEnabled.js b/plugins/azure/containerregistry/acrContentTrustEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
     recommended_action: 'Modify your container registry and enable content trust.',
     link: 'https://learn.microsoft.com/en-us/azure/container-registry/container-registry-content-trust#enable-registry-content-trust',
     apis: ['registries:list'],
+    realtime_triggers: ['microsoftcontainerregistry:registries:write','microsoftcontainerregistry:registries:delete'],
 
     run: function(cache, settings, callback) {
         var results = [];
diff --git a/plugins/azure/containerregistry/acrHasTags.js b/plugins/azure/containerregistry/acrHasTags.js
diff --git a/plugins/azure/containerregistry/acrLogAnalyticsEnabled.js b/plugins/azure/containerregistry/acrLogAnalyticsEnabled.js
diff --git a/plugins/azure/containerregistry/acrPublicAccess.js b/plugins/azure/containerregistry/acrPublicAccess.js
diff --git a/plugins/azure/cosmosdb/automaticFailoverEnabled.js b/plugins/azure/cosmosdb/automaticFailoverEnabled.js
diff --git a/plugins/azure/cosmosdb/cosmosPublicAccessDisabled.js b/plugins/azure/cosmosdb/cosmosPublicAccessDisabled.js
diff --git a/plugins/azure/cosmosdb/cosmosdbHasTags.js b/plugins/azure/cosmosdb/cosmosdbHasTags.js
diff --git a/plugins/azure/defender/enableDefenderForAppService.js b/plugins/azure/defender/enableDefenderForAppService.js
diff --git a/plugins/azure/defender/enableDefenderForContainers.js b/plugins/azure/defender/enableDefenderForContainers.js
diff --git a/plugins/azure/defender/enableDefenderForDNS.js b/plugins/azure/defender/enableDefenderForDNS.js
diff --git a/plugins/azure/defender/enableDefenderForKeyVaults.js b/plugins/azure/defender/enableDefenderForKeyVaults.js
diff --git a/plugins/azure/defender/enableDefenderForOSRD.js b/plugins/azure/defender/enableDefenderForOSRD.js
diff --git a/plugins/azure/defender/enableDefenderForSqlServers.js b/plugins/azure/defender/enableDefenderForSqlServers.js
diff --git a/plugins/azure/defender/enableDefenderForStorage.js b/plugins/azure/defender/enableDefenderForStorage.js
diff --git a/plugins/azure/defender/enableDefenderForVMs.js b/plugins/azure/defender/enableDefenderForVMs.js
diff --git a/plugins/azure/defender/enableEndpointIntegration.js b/plugins/azure/defender/enableEndpointIntegration.js

Original file line number	Diff line number	Diff line change
`@@ -18,6 +18,7 @@ module.exports = {`
`18`	`18`	`regex: '[0-9.]{2,5}'`
`19`	`19`	`}`
`20`	`20`	`},`
	`21`	`+ realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],`
`21`	`22`
`22`	`23`	`run: function(cache, settings, callback) {`
`23`	`24`	`const config = {`
Original file line number	Diff line number	Diff line change
`@@ -18,6 +18,8 @@ module.exports = {`
`18`	`18`	`regex: '[0-9.]{2,5}'`
`19`	`19`	`}`
`20`	`20`	`},`
	`21`	`+ realtime_triggers: ['microsoftweb:sites:write','microsoftweb:sites:delete'],`
	`22`	`+`
`21`	`23`	`run: function(cache, settings, callback) {`
`22`	`24`	`const config = {`
`23`	`25`	`latestNetFrameworkVersion: settings.latestNetFrameworkVersion \|\| this.settings.latestNetFrameworkVersion.default`