Merge pull request #205473 from ElazarK/governance-paid

free in preview

Author: PRMerger20

articles/defender-for-cloud/governance-rules.md

@@ -6,7 +6,7 @@ author: bmansheim
 ms.author: benmansheim
 ms.service: defender-for-cloud
 ms.topic: how-to
-ms.date: 07/03/2022
+ms.date: 07/21/2022
 ---
 # Drive your organization to remediate security recommendations with governance
 
@@ -28,7 +28,7 @@ You can then review the progress of the tasks by subscription, recommendation, o
 |Aspect|Details|
 |----|:----|
 |Release state:|Preview.<br>[!INCLUDE [Legalese](../../includes/defender-for-cloud-preview-legal-text.md)]|
-|Pricing:|Free|
+|Pricing:|Free while in preview and will be a paid service after preview|
 |Required roles and permissions:|Azure - **Contributor**, **Security Admin**, or **Owner** on the subscription<br>AWS, GCP – **Contributor**, **Security Admin**, or **Owner** on the connector|
 |Clouds:|:::image type="icon" source="./media/icons/yes-icon.png"::: Commercial clouds<br>:::image type="icon" source="./media/icons/no-icon.png"::: National (Azure Government, Azure China 21Vianet)<br>:::image type="icon" source="./media/icons/yes-icon.png"::: Connected AWS accounts<br>:::image type="icon" source="./media/icons/yes-icon.png"::: Connected GCP accounts|
 
@@ -66,6 +66,9 @@ If there are existing recommendations that match the definition of the governanc
 - Assign an owner and due date to recommendations that don't already have an owner or due date.
 - Overwrite the owner and due date of existing recommendations.
 
+> [!NOTE]
+> When you delete or disable a rule, all existing assignments and notifications will remain.
+
 ## Manually assigning owners and due dates for recommendation remediation
 
 For every resource affected by a recommendation, you can assign an owner and a due date so that you know who needs to implement the security changes to improve your security posture and when they're expected to do it by. You can also apply a grace period so that the resources that are given a due date don't impact your secure score unless they become overdue.
@@ -111,15 +114,18 @@ You can track the assigned and overdue recommendations in:
 
 The governance report lets you select subscriptions that have governance rules and, for each rule and owner, shows you how many recommendations are completed, on time, overdue, or unassigned.
 
-To review the status of the recommendations in a rule:
+> [!NOTE]
+> Manual assignments will not appear on this report. To see all assignments by owner, use the Owner tab on the Security Posture page.
+
+**To review the status of the recommendations in a rule**:
 
 1. In **Recommendations**, select **Governance report (preview)**.
 1. Select the subscriptions that you want to review.
 1. Select the rules that you want to see details about.
 
 You can see the list of owners and recommendations for the selected rules, and their status.
 
-To see the list of recommendations for each owner:
+**To see the list of recommendations for each owner**:
 
 1. Select **Security posture**.
 1. Select the **Owner (preview)** tab to see the list of owners and the number of overdue recommendations for each owner.

articles/defender-for-cloud/release-notes.md

@@ -90,6 +90,8 @@ Today's increasing threats to organizations stretch the limits of security perso
 
 Now with the governance experience, security teams can assign remediation of security recommendations to the resource owners and require a remediation schedule. They can have full transparency into the progress of the remediation and get notified when tasks are overdue.
 
+This feature is free while it is in the preview phase.
+
 Learn more about the governance experience in [Driving your organization to remediate security issues with recommendation governance](governance-rules.md).
 
 ### Filter security alerts by IP address