Set Microsoft Defender for open-source relational databases to the Standard tier

Security · Microsoft Defender for Cloud · Rule · 2023_06 · Critical

Enable Microsoft Defender for open-source relational databases.

Description

Microsoft Defender for open-source relational databases provides additional security for open-source relational databases.

The following open-source relational databases are supported:

• Azure Database for PostgreSQL
• Azure Database for MySQL
• Azure Database for MariaDB

Protection is provided by analyzing onboarded databases for unusual and potentially harmful attempts to access or exploit databases. Which allows Microsoft Defender for Cloud to produce security alerts that are triggered when anomalies in activity occur.

Security alerts for onboarded databases shows up in Defender for Cloud with details of the suspicious activity and recommendations on how to investigate and remediate the threats.

Microsoft Defender for open-source relational databases can be enabled at the subscription level and by doing so ensures all supported databases in the subscription will be protected, including future ones.

Recommendation

Consider using Microsoft Defender for for open-source relational databases to provide additional security for open-source relational databases.

Examples

Configure with Azure template

To enable Microsoft Defender for open-source relational databases:

• Set the Standard pricing tier for Microsoft Defender for open-source relational databases.

For example:

Azure Template snippet

{
    "type": "Microsoft.Security/pricings",
    "apiVersion": "2022-03-01",
    "name": "OpenSourceRelationalDatabases",
    "properties": {
        "pricingTier": "Standard"
    }
}

Configure with Bicep

To enable Microsoft Defender for open-source relational databases:

• Set the Standard pricing tier for Microsoft Defender for open-source relational databases.

For example:

Azure Bicep snippet

resource defenderForOssRdb 'Microsoft.Security/pricings@2022-03-01' = {
  name: 'OpenSourceRelationalDatabases'
  properties: {
    pricingTier: 'Standard'
  }
}

Configure with Azure CLI

To enable Microsoft Defender for open-source relational databases:

• Set the Standard pricing tier for Microsoft Defender for open-source relational databases.

For example:

Azure CLI snippet

az security pricing create -n 'OpenSourceRelationalDatabases' --tier 'standard'

Configure with Azure PowerShell

To enable Microsoft Defender for open-source relational databases:

• Set the Standard pricing tier for Microsoft Defender for open-source relational databases.

For example:

Azure PowerShell snippet

Set-AzSecurityPricing -Name 'OpenSourceRelationalDatabases' -PricingTier 'Standard'

Notes

Microsoft Defender for open-source relational databases is currently available only for the single server deployment model for PostgreSQL and the single server deployment model for MySQL. For PostgreSQL, MySQL and MariaDB General Purpose and Memory Optimized tiers are required in order to be protected.

Links

• Security operations in Azure
• What is Microsoft Defender for Cloud?
• Overview of Microsoft Defender for open-source relational databases
• Enable Defender for OSS RDBs
• Quickstart: Enable enhanced security features
• Azure security baseline for Azure Database for PostgreSQL - Single Server
• Azure security baseline for Azure Database for MySQL - Single Server
• Azure security baseline for Azure Database for MariaDB
• Azure Policy built-in policy definitions
• Azure deployment reference

Comments