last sync: 2024-May-24 18:03:04 UTC

Deploy Advanced Data Security on SQL servers

Azure BuiltIn Policy definition

Source Azure Portal
Display name Deploy Advanced Data Security on SQL servers
Id 6134c3db-786f-471e-87bc-8f479dc890f6
Version 1.3.0
Details on versioning
Category SQL
Microsoft Learn
Description This policy enables Advanced Data Security on SQL Servers. This includes turning on Threat Detection and Vulnerability Assessment. It will automatically create a storage account in the same region and resource group as the SQL server to store scan results, with a 'sqlva' prefix.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Fixed
DeployIfNotExists
RBAC role(s)
Role Name Role Id
SQL Security Manager 056cd41c-7e88-42e1-933e-88ba6a50c9c3
Storage Account Contributor 17d1049b-9a84-46fb-8f53-869881c3d3ab
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Sql/securityAlertPolicies.state Microsoft.Sql
Microsoft.Sql
servers/databases/securityAlertPolicies
servers/securityAlertPolicies
properties.state
properties.state
false
false
Rule resource types IF (1)
Microsoft.Sql/servers
THEN-Deployment (3)
Microsoft.Sql/servers/securityAlertPolicies
Microsoft.Sql/servers/vulnerabilityAssessments
Microsoft.Storage/storageAccounts
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-07-22 16:34:49 change Minor (1.2.0 > 1.3.0)
2021-06-08 15:17:13 change Minor (1.1.0 > 1.2.0)
2021-04-27 15:38:15 change Minor (1.0.0 > 1.1.0)
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC