AzPolicyAdvertizer

last sync: 2025-Oct-31 18:22:59 UTC

Configure SQL servers to have auditing enabled to Event Hub

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure SQL servers to have auditing enabled to Event Hub
Id 9a04cb4d-8b47-4533-8e8e-b7a3c7742a0c
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category SQL
Microsoft Learn
Description To ensure SQL operations are captured, SQL servers should have auditing enabled. This policy enables auditing and configures diagnostic settings to send SQLSecurityAuditEvents to a specified Event Hub.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
SQL Security Manager 056cd41c-7e88-42e1-933e-88ba6a50c9c3
Log Analytics Contributor 92aaf0da-9dab-42b6-94a3-d43ce8d16293
Azure Event Hubs Data Owner f526a384-b230-433a-b45c-95f59c4a2dec
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Sql/servers/auditingSettings/state Microsoft.Sql servers/auditingSettings properties.state True True
Rule resource types IF (1)
THEN-Deployment (1)
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2025-10-29 18:23:11 add 9a04cb4d-8b47-4533-8e8e-b7a3c7742a0c
JSON compare n/a
JSON
api-version=2021-06-01
EPAC