AzPolicyAdvertizer

last sync: 2022-Dec-02 17:43:06 UTC

Azure Policy definition

Deploy Advanced Data Security on SQL servers

Name

Deploy Advanced Data Security on SQL servers
Azure Portal

6134c3db-786f-471e-87bc-8f479dc890f6

Version

1.3.0
details on versioning

Category

SQL
Microsoft docs

Description

This policy enables Advanced Data Security on SQL Servers. This includes turning on Threat Detection and Vulnerability Assessment. It will automatically create a storage account in the same region and resource group as the SQL server to store scan results, with a 'sqlva' prefix.

Mode

Indexed

Type

BuiltIn

Preview

FALSE

Deprecated

FALSE

Effect

Fixed
DeployIfNotExists

RBAC
Role(s)

Role Name	Role Id
SQL Security Manager	056cd41c-7e88-42e1-933e-88ba6a50c9c3
Storage Account Contributor	17d1049b-9a84-46fb-8f53-869881c3d3ab

Rule
Aliases

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Sql/securityAlertPolicies.state	Microsoft.Sql Microsoft.Sql	servers/databases/securityAlertPolicies servers/securityAlertPolicies	properties.state properties.state	false false

Rule
ResourceTypes

IF (1)
Microsoft.Sql/servers
THEN-Deployment (3)
Microsoft.Sql/servers/securityAlertPolicies
Microsoft.Sql/servers/vulnerabilityAssessments
Microsoft.Storage/storageAccounts

Compliance

Not a Compliance control

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2022-07-22 16:34:49	change	Minor (1.2.0 > 1.3.0)
2021-06-08 15:17:13	change	Minor (1.1.0 > 1.2.0)
2021-04-27 15:38:15	change	Minor (1.0.0 > 1.1.0)

Initiatives
usage

none

JSON
changes

Visual JSON JSON (Annotated)

Show unchanged values

JSON

AzPolicyAdvertizer

Azure Policy definition

Deploy Advanced Data Security on SQL servers

JSON Left

JSON Right