AzPolicyAdvertizer

last sync: 2025-Jul-29 17:42:17 UTC

Synapse workspaces with SQL auditing to storage account destination should be configured with 90 days retention or higher

Azure BuiltIn Policy definition

Source Azure Portal
Display name Synapse workspaces with SQL auditing to storage account destination should be configured with 90 days retention or higher
Id 529ea018-6afc-4ed4-95bd-7c9ee47b00bc
Version 2.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
2.0.0
Built-in Versioning [Preview]
Category Synapse
Microsoft Learn
Description For incident investigation purposes, we recommend setting the data retention for your Synapse workspace' SQL auditing to storage account destination to at least 90 days. Confirm that you are meeting the necessary retention rules for the regions in which you are operating. This is sometimes required for compliance with regulatory standards.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Synapse/workspaces/auditingSettings/isAzureMonitorTargetEnabled Microsoft.Synapse workspaces/auditingSettings properties.isAzureMonitorTargetEnabled True False
Microsoft.Synapse/workspaces/auditingSettings/retentionDays Microsoft.Synapse workspaces/auditingSettings properties.retentionDays True False
Microsoft.Synapse/workspaces/auditingSettings/storageEndpoint Microsoft.Synapse workspaces/auditingSettings properties.storageEndpoint True False
Rule resource types IF (1)
Compliance
The following 1 compliance controls are associated with this Policy definition 'Synapse workspaces with SQL auditing to storage account destination should be configured with 90 days retention or higher' (529ea018-6afc-4ed4-95bd-7c9ee47b00bc)
Rows: 1-1 / 1

Columns:

Close

Columns▼Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.3

https://www.tablefilter.com/
©2015-2025 Max Guglielmi
?
Page of 1
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
op.exp.8 Recording of the activity op.exp.8 Recording of the activity 404 not found n/a n/a 65
Initiatives usage
Rows: 1-1 / 1
Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.3

https://www.tablefilter.com/
©2015-2025 Max Guglielmi
?
Page of 1
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn unknown
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-03-24 14:32:48 change Major (1.0.0 > 2.0.0)
2021-03-09 14:37:41 add 529ea018-6afc-4ed4-95bd-7c9ee47b00bc
JSON compare
compare mode: version left: version right:
1.0.0 → 2.0.0 RENAMED
@@ -3,9 +3,9 @@
3
  "policyType": "BuiltIn",
4
  "mode": "Indexed",
5
  "description": "For incident investigation purposes, we recommend setting the data retention for your Synapse workspace' audit to at least 90 days. Confirm that you're meeting the necessary retention rules for the regions in which you're operating. This is sometimes required for compliance with regulatory standards.",
6
  "metadata": {
7
- "version": "1.0.0",
8
  "category": "Synapse"
9
  },
10
  "parameters": {
11
  "effect": {
@@ -33,8 +33,20 @@
33
  "name": "default",
34
  "existenceCondition": {
35
  "anyOf": [
36
  {
 
 
 
 
 
 
 
 
 
 
 
 
37
  "field": "Microsoft.Synapse/workspaces/auditingSettings/retentionDays",
38
  "equals": 0
39
  },
40
  {
 
3
  "policyType": "BuiltIn",
4
  "mode": "Indexed",
5
  "description": "For incident investigation purposes, we recommend setting the data retention for your Synapse workspace' audit to at least 90 days. Confirm that you're meeting the necessary retention rules for the regions in which you're operating. This is sometimes required for compliance with regulatory standards.",
6
  "metadata": {
7
+ "version": "2.0.0",
8
  "category": "Synapse"
9
  },
10
  "parameters": {
11
  "effect": {
 
33
  "name": "default",
34
  "existenceCondition": {
35
  "anyOf": [
36
  {
37
+ "allOf": [
38
+ {
39
+ "field": "Microsoft.Synapse/workspaces/auditingSettings/isAzureMonitorTargetEnabled",
40
+ "equals": true
41
+ },
42
+ {
43
+ "field": "Microsoft.Synapse/workspaces/auditingSettings/storageEndpoint",
44
+ "equals": ""
45
+ }
46
+ ]
47
+ },
48
+ {
49
  "field": "Microsoft.Synapse/workspaces/auditingSettings/retentionDays",
50
  "equals": 0
51
  },
52
  {
JSON
api-version=2021-06-01
EPAC 
{7 items
  • displayName: "Synapse workspaces with SQL auditing to storage account destination should be configured with 90 days retention or higher",
  • policyType: "BuiltIn",
  • mode: "Indexed",
  • description: "For incident investigation purposes, we recommend setting the data retention for your Synapse workspace' SQL auditing to storage account destination to at least 90 days. Confirm that you are meeting the necessary retention rules for the regions in which you are operating. This is sometimes required for compliance with regulatory standards.",
  • metadata: {2 items
    • version: "2.0.0",
    • category: "Synapse"
    },
  • parameters: {1 item},
  • policyRule: {2 items}
}