AzPolicyAdvertizer

last sync: 2021-Sep-24 16:09:49 UTC

Azure Policy definition

[Deprecated]: Email notifications to admins should be enabled in SQL Managed Instance advanced data security settings

Name [Deprecated]: Email notifications to admins should be enabled in SQL Managed Instance advanced data security settings
Azure Portal

Id aeb23562-188d-47cb-80b8-551f16ef9fff

Version 1.0.1-deprecated
details on versioning

Category SQL
Microsoft docs

Description Audit that 'email notification to admins and subscription owners' is enabled in SQL Managed Instance advanced threat protection settings. This setting ensures that any detections of anomalous activities on SQL Managed Instance are reported as soon as possible to the admins.

Mode Indexed

Type BuiltIn

Preview FALSE

Deprecated True

Effect Default: Disabled
Allowed: (AuditIfNotExists, Disabled)

Used RBAC Role none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2020-08-05 13:05:29	change	Previous DisplayName: [Deprecated]: Email notifications to admins and subscription owners should be enabled in SQL Managed Instance advanced data security settings
2020-07-01 14:50:07	change	Previous DisplayName: Email notifications to admins and subscription owners should be enabled in SQL managed instance advanced data security settings

Used in Initiatives none

JSON

{
  "displayName": "[Deprecated]: Email notifications to admins should be enabled in SQL Managed Instance advanced data security settings",
  "policyType": "BuiltIn",
  "mode": "Indexed",
  "description": "Audit that 'email notification to admins and subscription owners' is enabled in SQL Managed Instance advanced threat protection settings. This setting ensures that any detections of anomalous activities on SQL Managed Instance are reported as soon as possible to the admins.",
  "metadata": {
    "version": "1.0.1-deprecated",
    "category": "SQL",
    "deprecated": true
  },
  "parameters": {
    "effect": {
      "type": "String",
      "metadata": {
        "displayName": "Effect",
        "description": "Enable or disable the execution of the policy"
      },
      "allowedValues": [
        "AuditIfNotExists",
        "Disabled"
      ],
      "defaultValue": "Disabled"
    }
  },
  "policyRule": {
    "if": {
      "field": "type",
      "equals": "Microsoft.Sql/managedInstances"
    },
    "then": {
      "effect": "[parameters('effect')]",
      "details": {
        "type": "Microsoft.Sql/managedInstances/securityAlertPolicies",
        "name": "default",
        "existenceCondition": {
          "field": "Microsoft.Sql/managedInstances/securityAlertPolicies/emailAccountAdmins",
          "equals": "true"
        }
      }
    }
  }
}