last sync: 2020-Dec-02 15:37:49 UTC

Azure Policy definition

Vulnerability Assessment settings for SQL server should contain an email address to receive scan reports

Name Vulnerability Assessment settings for SQL server should contain an email address to receive scan reports
Azure Portal
Id 057d6cfe-9c4f-4a6d-bc60-14420ea1f1a9
Version 2.0.0
details on versioning
Category SQL
Microsoft docs
Description Ensure that an email address is provided for the 'Send scan reports to' field in the Vulnerability Assessment settings. This email address receives scan result summary after a periodic scan runs on SQL servers.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2020-10-27 14:12:45 change Major (1.0.0 > 2.0.0)
2019-10-03 22:58:00 add 057d6cfe-9c4f-4a6d-bc60-14420ea1f1a9
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State
[Preview]: Australian Government ISM PROTECTED 27272c0b-c225-4cc3-b8b0-f2534b093077 Regulatory Compliance Preview
JSON Changes

Json
{
  "properties": {
    "displayName": "Vulnerability Assessment settings for SQL server should contain an email address to receive scan reports",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Ensure that an email address is provided for the 'Send scan reports to' field in the Vulnerability Assessment settings. This email address receives scan result summary after a periodic scan runs on SQL servers.",
    "metadata": {
      "version": "2.0.0",
      "category": "SQL"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "AuditIfNotExists",
          "Disabled"
        ],
        "defaultValue": "AuditIfNotExists"
      }
    },
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.Sql/servers"
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Sql/servers/vulnerabilityAssessments",
          "name": "default",
          "existenceCondition": {
            "allOf": [
              {
              "field": "Microsoft.Sql/servers/vulnerabilityAssessments/default.recurringScans.emails[*]",
                "notEquals": ""
              },
              {
                "count": {
                "field": "Microsoft.Sql/servers/vulnerabilityAssessments/default.recurringScans.emails[*]"
                },
                "notEquals": 0
              }
            ]
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/057d6cfe-9c4f-4a6d-bc60-14420ea1f1a9",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "057d6cfe-9c4f-4a6d-bc60-14420ea1f1a9"
}