last sync: 2023-Mar-21 18:43:23 UTC

Azure Policy definition

Deploy Advanced Data Security on SQL servers

Name Deploy Advanced Data Security on SQL servers
Azure Portal
Id 6134c3db-786f-471e-87bc-8f479dc890f6
Version 1.3.0
details on versioning
Category SQL
Microsoft docs
Description This policy enables Advanced Data Security on SQL Servers. This includes turning on Threat Detection and Vulnerability Assessment. It will automatically create a storage account in the same region and resource group as the SQL server to store scan results, with a 'sqlva' prefix.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Fixed
DeployIfNotExists
RBAC
Role(s)
Role Name Role Id
SQL Security Manager 056cd41c-7e88-42e1-933e-88ba6a50c9c3
Storage Account Contributor 17d1049b-9a84-46fb-8f53-869881c3d3ab
Rule
Aliases
THEN-ExistenceCondition (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Sql/securityAlertPolicies.state Microsoft.Sql
Microsoft.Sql
servers/databases/securityAlertPolicies
servers/securityAlertPolicies
properties.state
properties.state
false
false
Rule
ResourceTypes
IF (1)
Microsoft.Sql/servers
THEN-Deployment (3)
Microsoft.Sql/servers/securityAlertPolicies
Microsoft.Sql/servers/vulnerabilityAssessments
Microsoft.Storage/storageAccounts
Compliance Not a Compliance control
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-07-22 16:34:49 change Minor (1.2.0 > 1.3.0)
2021-06-08 15:17:13 change Minor (1.1.0 > 1.2.0)
2021-04-27 15:38:15 change Minor (1.0.0 > 1.1.0)
Initiatives
usage
none
JSON