Configure Microsoft Defender for SQL to the Standard tier
Security · Microsoft Defender for Cloud · Rule · 2022_09
Enable Microsoft Defender for SQL servers.
Description
SQL databases are used to store critical and strategic assets for your company and should be carefully secured. Microsoft Defender for SQL represents a single go-to location to manage security capabilities.
Enabling Defender for SQL automatically enables the following advanced SQL security capabilities:
- Vulnerability Assessment: discover, track, and provide guidance to remediate potential database vulnerabilities.
- Advanced Threat Protection: continuous monitoring of your databases, detection of suspicious activities and more.
When enabled at the subscription level, all databases in Azure SQL Database and Azure SQL Managed Instance are protected.
Recommendation
Consider using Microsoft Defender for SQL to protect your SQL databases.
Examples
Configure with Azure template
To enable Microsoft Defender for SQL:
- Set the Standard pricing tier for Microsoft Defender for SQL.
For example:
{
  "type": "Microsoft.Security/pricings",
  "apiVersion": "2022-03-01",
  "name": "SqlServers",
  "properties": {
    "pricingTier": "Standard"
  }
}
Configure with Bicep
To enable Microsoft Defender for SQL:
- Set the Standard pricing tier for Microsoft Defender for SQL.
For example:
resource defenderForSQL 'Microsoft.Security/pricings@2022-03-01' = {
  name: 'SqlServers'
  properties: {
    pricingTier: 'Standard'
  }
}
Configure with Azure CLI
To enable Microsoft Defender for SQL:
- Set the Standard pricing tier for Microsoft Defender for SQL.
For example:
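The script below is an added example, not code from the original page: it reads the current tier of the SqlServers plan for a subscription and, only when passed --fix, sets it to Standard and re-reads the value to confirm. The function names are hypothetical, and an authenticated Azure CLI session (az login) is assumed.

```shell
# Added example (not from the original page). Assumes `az login` has been run.
# Function names are hypothetical; the az commands are standard Azure CLI.

# Print the pricing tier of the SqlServers plan for subscription $1.
defender_sql_tier() {
  az security pricing show --name SqlServers --subscription "$1" \
    --query pricingTier --output tsv
}

# Audit subscription $1; with --fix as $2, also set the Standard tier.
# Prints a status word. Returns 0 if Standard (or fixed), 1 if not, 2 on error.
ensure_defender_sql_standard() {
  ds_sub="$1"
  ds_tier="$(defender_sql_tier "$ds_sub")" || { echo "error"; return 2; }
  if [ "$ds_tier" = "Standard" ]; then
    echo "compliant"
    return 0
  fi
  # Audit-only by default: report the finding without changing anything.
  if [ "${2:-}" != "--fix" ]; then
    echo "non-compliant:$ds_tier"
    return 1
  fi
  az security pricing create --name SqlServers --tier standard \
    --subscription "$ds_sub" >/dev/null || { echo "error"; return 2; }
  # Re-read the setting rather than trusting the exit code alone.
  ds_tier="$(defender_sql_tier "$ds_sub")" || { echo "error"; return 2; }
  if [ "$ds_tier" = "Standard" ]; then
    echo "remediated"
    return 0
  fi
  echo "non-compliant:$ds_tier"
  return 1
}

# Usage: ensure_defender_sql_standard "<subscription-id>" [--fix]
```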
Configure with Azure PowerShell
To enable Microsoft Defender for SQL:
- Set the Standard pricing tier for Microsoft Defender for SQL.
For example:
Notes
This rule applies when analyzing resources deployed (in-flight) to Azure.
Links
- Security operations in Azure
- Azure SQL Database and security
- Introduction to Microsoft Defender for SQL
- Azure security baseline for Azure SQL
- DP-2: Monitor anomalies and threats targeting sensitive data
- LT-1: Enable threat detection capabilities
- Azure Policy built-in policy definitions
- Azure deployment reference