AzInitiativeAdvertizer

last sync: 2024-Sep-18 17:50:42 UTC

Deploy SQL Database built-in SQL security configuration

Azure Landing Zones (ALZ) Policy Initiative (PolicySet)

Source Repository Azure Landing Zones (ALZ) GitHub
JSON Deploy-Sql-Security_20240529
Display nameDeploy SQL Database built-in SQL security configuration
IdDeploy-Sql-Security_20240529
Version1.0.0
Details on versioning
CategorySQL
DescriptionDeploy auditing, Alert, TDE and SQL vulnerability to SQL Databases when it not exist in the deployment
TypeCustom Azure Landing Zones (ALZ)
DeprecatedFalse
PreviewFalse
Replaces PolicySet This ALZ PolicySet definition replaces [Deprecated]: Deploy SQL Database built-in SQL security configuration (Deploy-Sql-Security)
More information on Azure Landing Zones deprecated Policy and PolicySet definitions
Policy count Total Policies: 4
Builtin Policies: 1
Static Policies: 0
ALZ Policies: 3
Policy used
Policy DisplayName Policy Id Category Effect Roles# Roles State Type
Deploy SQL database auditing settings Deploy-Sql-AuditingSettings SQL Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled		 1 SQL Security Manager GA ALZ
Deploy SQL Database security Alert Policies configuration with email admin accounts Deploy-Sql-SecurityAlertPolicies SQL Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled		 1 SQL Security Manager GA ALZ
Deploy SQL Database Vulnerability Assessments Deploy-Sql-vulnerabilityAssessments_20230706 SQL Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled		 3 Monitoring Contributor, SQL Security Manager, Storage Account Contributor GA ALZ
Deploy SQL DB transparent data encryption 86a912f6-9a06-4e26-b447-11b16ba8659f SQL Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled		 1 SQL DB Contributor GA BuiltIn
Roles used
History none
JSON compare n/a
JSON
EPAC