AzPolicyAdvertizer

last sync: 2024-Jul-26 18:17:39 UTC

Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL and DCR with a Log Analytics workspace

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL and DCR with a Log Analytics workspace
Id c859b78a-a128-4376-a838-e97ce6625d16
Version 1.6.0
Details on versioning
Category Security Center
Microsoft Learn
Description Microsoft Defender for SQL collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group, a Data Collection Rule and Log Analytics workspace in the same region as the machine.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule aliases IF (2)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Compute/imagePublisher Microsoft.Compute
Microsoft.Compute
Microsoft.Compute		 virtualMachines
virtualMachineScaleSets
disks		 properties.storageProfile.imageReference.publisher
properties.virtualMachineProfile.storageProfile.imageReference.publisher
properties.creationData.imageReference.id		 True
True
True

False
False
False
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType Microsoft.Compute virtualMachines properties.storageProfile.osDisk.osType True True
Rule resource types IF (1)
Microsoft.Compute/virtualMachines
THEN-Deployment (5)
Microsoft.Compute/virtualMachines/extensions
Microsoft.Insights/dataCollectionRules
Microsoft.OperationalInsights/workspaces
Microsoft.Resources/deployments
Microsoft.Resources/resourceGroups
Compliance
The following 1 compliance controls are associated with this Policy definition 'Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL and DCR with a Log Analytics workspace' (c859b78a-a128-4376-a838-e97ce6625d16)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
op.exp.6 Protection against harmful code op.exp.6 Protection against harmful code 404 not found n/a n/a 68
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a LA workspace d7c3ea3a-edf3-4bd5-bd64-d5b635b05393 Security Center GA BuiltIn
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-06-10 18:18:08 change Minor (1.5.0 > 1.6.0)
2024-04-22 16:32:55 change Minor (1.4.0 > 1.5.0)
2024-01-12 18:35:06 change Minor (1.3.1 > 1.4.0)
2023-11-17 19:29:28 change Patch, old suffix: preview (1.3.0-preview > 1.3.1)
2023-10-31 19:02:40 change Minor, suffix remains equal (1.2.0-preview > 1.3.0-preview)
2023-09-11 17:59:12 change Minor, suffix remains equal (1.1.0-preview > 1.2.0-preview)
2023-08-22 17:59:24 add c859b78a-a128-4376-a838-e97ce6625d16
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC