AzPolicyAdvertizer

last sync: 2025-May-01 19:36:43 UTC

Deploy Auditing on SQL servers

Community Policy definition

Source Repository Community-Policy GitHub
JSON Community-Policy GitHub
Deploy policy a33518a2-8f6e-4a16-8a38-0481c006ef55 (1.0.0) to Azure
Display name Deploy Auditing on SQL servers
Id a33518a2-8f6e-4a16-8a38-0481c006ef55
Version 1.0.0
Details on versioning
Category SQL
Microsoft Learn
Description This policy ensures that Auditing is enabled on SQL Servers for enhanced security and compliance. It will automatically create a storage account in the same region as the SQL server to store audit records.
Mode n/a
Type Custom Community
Effect Default
DeployIfNotExists
Allowed
AuditIfNotExists, DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
SQL Security Manager 056cd41c-7e88-42e1-933e-88ba6a50c9c3
Storage Account Contributor 17d1049b-9a84-46fb-8f53-869881c3d3ab
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Sql/auditingSettings.state Microsoft.Sql
Microsoft.Sql		 servers/databases/auditingSettings
servers/auditingSettings		 properties.state
properties.state		 True
True
False
False
Rule resource types IF (1)
Microsoft.Sql/servers
THEN-Deployment (2)
Microsoft.Resources/deployments
Microsoft.Sql/servers/auditingSettings
JSON
EPAC
Deploy policy a33518a2-8f6e-4a16-8a38-0481c006ef55 (1.0.0) to Azure