AzPolicyAdvertizer

last sync: 2025-Jul-03 17:22:55 UTC

Configure Azure Defender to be enabled on SQL servers

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Configure Azure Defender to be enabled on SQL servers

36d49e87-48c4-4f2e-beed-ba4ed02b71f5

Version

2.1.0
Details on versioning

Versioning

Versions supported for Versioning: 1
2.1.0
Built-in Versioning [Preview]

Category

SQL
Microsoft Learn

Description

Enable Azure Defender on your Azure SQL Servers to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases.

Cloud environments

AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown

Available in AzUSGov

The Policy is available in AzureUSGovernment cloud. Version: '2.*.*'

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Fixed
DeployIfNotExists

RBAC role(s)

Role Name	Role Id
SQL Security Manager	056cd41c-7e88-42e1-933e-88ba6a50c9c3

Rule aliases

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Sql/securityAlertPolicies.state	Microsoft.Sql Microsoft.Sql	servers/databases/securityAlertPolicies servers/securityAlertPolicies	properties.state properties.state	True True		False False

Rule resource types

IF (1)

Microsoft.Sql/servers

THEN-Deployment (1)

Microsoft.Sql/servers/securityAlertPolicies

Compliance

The following 5 compliance controls are associated with this Policy definition 'Configure Azure Defender to be enabled on SQL servers' (36d49e87-48c4-4f2e-beed-ba4ed02b71f5)

Control Domain	Control	Name	MetadataId	Category	Title	Owner	Requirements	Description	Policy#
K_ISMS_P_2018	2.10.1	K_ISMS_P_2018_2.10.1	K ISMS P 2018 2.10.1	2.10	Establish Procedures for Managing the Security of System Operations	Shared	n/a	Establish and implement operating procedures for managing the security of system operations such as designating system administrators, updating policies, changing rulesets, monitoring events, managing policy implementations or exceptions.	455
K_ISMS_P_2018	2.10.2	K_ISMS_P_2018_2.10.2	K ISMS P 2018 2.10.2	2.10	Establish Protective Measures for Administrator Privileges and Security Configurations	Shared	n/a	Establish and implement protective measures with regard to administrator privileges and security configurations to ensure that important information and personal information are not exposed as a result of unauthorized access by service type or misconfigurations.	431
K_ISMS_P_2018	2.10.9	K_ISMS_P_2018_2.10.9	K ISMS P 2018 2.10.9	2.10	Implement Protective Measures Against Malicious Code	Shared	n/a	Establish and implement measures for preventing, detecting, and responding to malicious codes such as viruses, worms, trojan horses, or ransomware to protect information systems and personal information.	35
K_ISMS_P_2018	2.11.1	K_ISMS_P_2018_2.11.1	K ISMS P 2018 2.11.1	2.11	Establish Procedures for Managing Internal and External Intrusion Attempts	Shared	n/a	Establish procedures for detecting, analyzing, sharing, and effectively responding to internal and external intrusion attempts to prevent personal information leakage. Additionally, implement a framework for collaboration with relevant external agencies and experts.	82
K_ISMS_P_2018	2.11.5	K_ISMS_P_2018_2.11.5	K ISMS P 2018 2.11.5	2.11	Establish Procedures to Respond and Recover from Incidents	Shared	n/a	Establish procedures to respond and recover from incidents in a timely manner, including legal obligations for disclosing information. Additional procedures must be established and implemented to prevent recurrence.	82

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type	polSet in AzUSGov
[Preview]: Control the use of Microsoft SQL in a Virtual Enclave	0fbe78a5-1722-4f1b-83a5-89c14151fa60	VirtualEnclaves	Preview	BuiltIn	true
[Preview]: Motion Picture Association of America (MPAA)	92646f03-e39d-47a9-9e24-58d60ef49af8	Regulatory Compliance	Preview	BuiltIn	unknown
Configure Azure Defender to be enabled on SQL Servers and SQL Managed Instances	9cb3cc7a-b39b-4b82-bc89-e5a5d9ff7b97	Security Center	GA	BuiltIn	unknown
K ISMS P 2018	e0782c37-30da-4a78-9f92-50bfe7aa2553	Regulatory Compliance	GA	BuiltIn	unknown

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2021-07-30 15:17:20	change	Minor (2.0.0 > 2.1.0)
2021-01-05 16:06:49	change	Major (1.1.0 > 2.0.0)
2020-10-27 14:12:45	change	Minor (1.0.0 > 1.1.0)

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC