last sync: 2024-Mar-01 17:50:54 UTC

Deploy SQL Database built-in SQL security configuration

Azure Landing Zones (ALZ) Policy Initiative (PolicySet)

Source Repository Azure Landing Zones (ALZ) GitHub
JSON Deploy-Sql-Security
Display nameDeploy SQL Database built-in SQL security configuration
IdDeploy-Sql-Security
Version1.0.0
Details on versioning
CategorySQL
DescriptionDeploy auditing, Alert, TDE and SQL vulnerability to SQL Databases when it not exist in the deployment
TypeCustom Azure Landing Zones (ALZ)
DeprecatedFalse
PreviewFalse
Policy count Total Policies: 4
Builtin Policies: 1
Static Policies: 0
ALZ Policies: 3
Policy used
Policy DisplayName Policy Id Category Effect Roles# Roles State Type
[Deprecated]: Deploy SQL Database vulnerability Assessments Deploy-Sql-vulnerabilityAssessments SQL Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
3 Monitoring Contributor, SQL Security Manager, Storage Account Contributor Deprecated ALZ
Deploy SQL database auditing settings Deploy-Sql-AuditingSettings SQL Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
1 SQL Security Manager GA ALZ
Deploy SQL Database security Alert Policies configuration with email admin accounts Deploy-Sql-SecurityAlertPolicies SQL Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
1 SQL Security Manager GA ALZ
Deploy SQL DB transparent data encryption 86a912f6-9a06-4e26-b447-11b16ba8659f SQL Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
1 SQL DB Contributor GA BuiltIn
Roles used
History none
JSON compare n/a
JSON
EPAC