last sync: 2021-Sep-22 19:36:51 UTC

Azure Policy definition

[Deprecated]: Advanced Threat Protection types should be set to 'All' in SQL Managed Instance advanced data security settings

Name [Deprecated]: Advanced Threat Protection types should be set to 'All' in SQL Managed Instance advanced data security settings
Azure Portal
Id bda18df3-5e41-4709-add9-2554ce68c966
Version 1.0.1-deprecated
details on versioning
Category SQL
Microsoft docs
Description It's recommended to enable all Advanced Threat Protection types on your SQL Managed Instance. Enabling all types protects against SQL injection, database vulnerabilities, and any other anomalous activities.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated True
Effect Default: Disabled
Allowed: (AuditIfNotExists, Disabled)
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2020-07-01 14:50:07 change Previous DisplayName: Advanced Threat Protection types should be set to 'All' in SQL managed instance Advanced Data Security settings
Used in Initiatives none
JSON
{
  "displayName": "[Deprecated]: Advanced Threat Protection types should be set to 'All' in SQL Managed Instance advanced data security settings",
  "policyType": "BuiltIn",
  "mode": "Indexed",
  "description": "It's recommended to enable all Advanced Threat Protection types on your SQL Managed Instance. Enabling all types protects against SQL injection, database vulnerabilities, and any other anomalous activities.",
  "metadata": {
    "version": "1.0.1-deprecated",
    "category": "SQL",
    "deprecated": true
  },
  "parameters": {
    "effect": {
      "type": "String",
      "metadata": {
        "displayName": "Effect",
        "description": "Enable or disable the execution of the policy"
      },
      "allowedValues": [
        "AuditIfNotExists",
        "Disabled"
      ],
      "defaultValue": "Disabled"
    }
  },
  "policyRule": {
    "if": {
      "field": "type",
      "equals": "Microsoft.Sql/managedInstances"
    },
    "then": {
      "effect": "[parameters('effect')]",
      "details": {
        "type": "Microsoft.Sql/managedInstances/securityAlertPolicies",
        "name": "default",
        "existenceCondition": {
          "field": "Microsoft.Sql/managedInstances/securityAlertPolicies/disabledAlerts[*]",
          "equals": ""
        }
      }
    }
  }
}