last sync: 2020-Dec-03 15:30:53 UTC

Azure Policy definition

Deploy Threat Detection on SQL servers

Name Deploy Threat Detection on SQL servers
Azure Portal
Id 36d49e87-48c4-4f2e-beed-ba4ed02b71f5
Version 1.1.0
details on versioning
Category SQL
Microsoft docs
Description This policy ensures that Threat Detection is enabled on SQL Servers.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Fixed: DeployIfNotExists
Used RBAC Role
Role Name Role Id
SQL Security Manager 056cd41c-7e88-42e1-933e-88ba6a50c9c3
History
Date/Time (UTC ymd) (i) Change type Change detail
2020-10-27 14:12:45 change Minor (1.0.0 > 1.1.0)
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State
[Preview]: Enable Data Protection Suite 9cb3cc7a-b39b-4b82-bc89-e5a5d9ff7b97 Security Center Preview
[Preview]: Motion Picture Association of America (MPAA) 92646f03-e39d-47a9-9e24-58d60ef49af8 Regulatory Compliance Preview
JSON Changes

Json
{
  "properties": {
    "displayName": "Deploy Threat Detection on SQL servers",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "This policy ensures that Threat Detection is enabled on SQL Servers.",
    "metadata": {
      "version": "1.1.0",
      "category": "SQL"
    },
    "parameters": {
      
    },
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.Sql/servers"
      },
      "then": {
        "effect": "DeployIfNotExists",
        "details": {
          "type": "Microsoft.Sql/servers/securityAlertPolicies",
          "name": "Default",
          "existenceCondition": {
            "field": "Microsoft.Sql/securityAlertPolicies.state",
            "equals": "Enabled"
          },
          "roleDefinitionIds": [
            "/providers/microsoft.authorization/roleDefinitions/056cd41c-7e88-42e1-933e-88ba6a50c9c3"
          ],
          "deployment": {
            "properties": {
              "mode": "incremental",
              "template": {
                "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
                "contentVersion": "1.0.0.0",
                "parameters": {
                  "serverName": {
                    "type": "string"
                  }
                },
                "variables": {
                  
                },
                "resources": [
                  {
                  "name": "[concat(parameters('serverName'), '/Default')]",
                    "type": "Microsoft.Sql/servers/securityAlertPolicies",
                    "apiVersion": "2017-03-01-preview",
                    "properties": {
                      "state": "Enabled",
                      "emailAccountAdmins": false
                    }
                  }
                ]
              },
              "parameters": {
                "serverName": {
                "value": "[field('name')]"
                }
              }
            }
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/36d49e87-48c4-4f2e-beed-ba4ed02b71f5",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "36d49e87-48c4-4f2e-beed-ba4ed02b71f5"
}