Azure defender for subset of services/resources

Hi Muhammad,

There is no binary answer to your question. For certain resources (SQL, Storage accounts) Azure Defender currently can be (if you need granularity, assuming it is not enabled on the subscription) enabled at the resource level. For all other supported resource types you need to enable Defender at the subscription level to get full benefit of it.

Also, it's probably not ideal to have both production and non-production resources in the same subscription from manageability and security perspective. Please review: Subscription decision guide - Cloud Adoption Framework | Microsoft Docs

We are considering implementing more flexibility/options to include/exclude resources from the defender coverage but don't have any ETA to share at the moment.