AzPolicyAdvertizer

last sync: 2021-Jul-23 16:37:57 UTC

Azure Policy definition

SQL servers on machines should have vulnerability findings resolved

Name SQL servers on machines should have vulnerability findings resolved
Azure Portal

Id 6ba6d016-e7c3-4842-b8f2-4992ebc0d72d

Version 1.0.0
details on versioning

Category Security Center
Microsoft docs

Description SQL vulnerability assessment scans your database for security vulnerabilities, and exposes any deviations from best practices such as misconfigurations, excessive permissions, and unprotected sensitive data. Resolving the vulnerabilities found can greatly improve your database security posture.

Mode Indexed

Type BuiltIn

Preview FALSE

Deprecated FALSE

Effect Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)

Used RBAC Role none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2021-01-05 16:06:49	add	6ba6d016-e7c3-4842-b8f2-4992ebc0d72d

Used in Initiatives

Initiative DisplayName	Initiative Id	Initiative Category	State
[Preview]: New Zealand ISM Restricted	d1a462af-7e6d-4901-98ac-61570b4ed22a	Regulatory Compliance	Preview
[Preview]: NIST SP 800-53 Rev. 5	179d1daa-458f-4e47-8086-2a68d0d6c38f	Regulatory Compliance	Preview
Azure Security Benchmark	1f3afdf9-d0c9-4c3d-847f-89da613e70a8	Security Center	GA
FedRAMP High	d5264498-16f4-418a-b659-fa7ef418175f	Regulatory Compliance	GA
FedRAMP Moderate	e95f5a9f-57ad-4d03-bb0b-b1d16db93693	Regulatory Compliance	GA
NIST SP 800-53 Rev. 4	cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f	Regulatory Compliance	GA

JSON

{
  "properties": {
    "displayName": "SQL servers on machines should have vulnerability findings resolved",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "SQL vulnerability assessment scans your database for security vulnerabilities, and exposes any deviations from best practices such as misconfigurations, excessive permissions, and unprotected sensitive data. Resolving the vulnerabilities found can greatly improve your database security posture.",
    "metadata": {
      "version": "1.0.0",
      "category": "Security Center"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "AuditIfNotExists",
          "Disabled"
        ],
        "defaultValue": "AuditIfNotExists"
      }
    },
    "policyRule": {
      "if": {
        "field": "type",
        "in": [
          "Microsoft.Compute/virtualMachines",
          "Microsoft.HybridCompute/machines"
        ]
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Security/assessments",
          "name": "f97aa83c-9b63-4f9a-99f6-b22c4398f936",
          "existenceCondition": {
            "field": "Microsoft.Security/assessments/status.code",
            "in": [
              "NotApplicable",
              "Healthy"
            ]
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/6ba6d016-e7c3-4842-b8f2-4992ebc0d72d",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "6ba6d016-e7c3-4842-b8f2-4992ebc0d72d"
}