AzPolicyAdvertizer

last sync: 2023-Mar-21 18:43:23 UTC

Azure Policy definition

Deploy Advanced Data Security on SQL servers

Name Deploy Advanced Data Security on SQL servers
Azure Portal
Id 6134c3db-786f-471e-87bc-8f479dc890f6
Version 1.3.0
details on versioning
Category SQL
Microsoft docs
Description This policy enables Advanced Data Security on SQL Servers. This includes turning on Threat Detection and Vulnerability Assessment. It will automatically create a storage account in the same region and resource group as the SQL server to store scan results, with a 'sqlva' prefix.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Fixed
DeployIfNotExists
RBAC
Role(s)
Role Name Role Id
SQL Security Manager 056cd41c-7e88-42e1-933e-88ba6a50c9c3
Storage Account Contributor 17d1049b-9a84-46fb-8f53-869881c3d3ab
Rule
Aliases		 THEN-ExistenceCondition (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Sql/securityAlertPolicies.state Microsoft.Sql
Microsoft.Sql		 servers/databases/securityAlertPolicies
servers/securityAlertPolicies		 properties.state
properties.state		 false
false
Rule
ResourceTypes		 IF (1)
Microsoft.Sql/servers
THEN-Deployment (3)
Microsoft.Sql/servers/securityAlertPolicies
Microsoft.Sql/servers/vulnerabilityAssessments
Microsoft.Storage/storageAccounts
Compliance Not a Compliance control
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-07-22 16:34:49 change Minor (1.2.0 > 1.3.0)
2021-06-08 15:17:13 change Minor (1.1.0 > 1.2.0)
2021-04-27 15:38:15 change Minor (1.0.0 > 1.1.0)
Initiatives
usage		 none
JSON