last sync: 2024-Oct-03 17:51:34 UTC

Deploy Advanced Data Security on SQL servers

Azure BuiltIn Policy definition

Source Azure Portal
Display name Deploy Advanced Data Security on SQL servers
Id 6134c3db-786f-471e-87bc-8f479dc890f6
Version 1.3.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.3.0
Built-in Versioning [Preview]
Category SQL
Microsoft Learn
Description This policy enables Advanced Data Security on SQL Servers. This includes turning on Threat Detection and Vulnerability Assessment. It will automatically create a storage account in the same region and resource group as the SQL server to store scan results, with a 'sqlva' prefix.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Fixed
DeployIfNotExists
RBAC role(s)
Role Name Role Id
SQL Security Manager 056cd41c-7e88-42e1-933e-88ba6a50c9c3
Storage Account Contributor 17d1049b-9a84-46fb-8f53-869881c3d3ab
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Sql/securityAlertPolicies.state Microsoft.Sql
Microsoft.Sql
servers/databases/securityAlertPolicies
servers/securityAlertPolicies
properties.state
properties.state
True
True

False
False
Rule resource types IF (1)
Microsoft.Sql/servers
THEN-Deployment (3)
Microsoft.Sql/servers/securityAlertPolicies
Microsoft.Sql/servers/vulnerabilityAssessments
Microsoft.Storage/storageAccounts
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
Enforce recommended guardrails for SQL and SQL Managed Instance Enforce-Guardrails-SQL SQL GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-07-22 16:34:49 change Minor (1.2.0 > 1.3.0)
2021-06-08 15:17:13 change Minor (1.1.0 > 1.2.0)
2021-04-27 15:38:15 change Minor (1.0.0 > 1.1.0)
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC