Skip to content

Use Advanced Threat Protection#

Security · SQL Database · Rule · 2020_06

Enable Microsoft Defender for Azure SQL logical server.

Description#

Enable Microsoft Defender for Azure SQL logical server.

Recommendation#

Consider enabling Advanced Data Security and configuring Microsoft Defender for SQL logical servers.

Examples#

Configure with Azure template#

Azure Template snippet
{
  "comments": "Create or update an Azure SQL logical server.",
  "type": "Microsoft.Sql/servers",
  "apiVersion": "2019-06-01-preview",
  "name": "[parameters('serverName')]",
  "location": "[parameters('location')]",
  "tags": "[parameters('tags')]",
  "kind": "v12.0",
  "identity": {
    "type": "SystemAssigned"
  },
  "properties": {
    "administratorLogin": "[parameters('adminUsername')]",
    "version": "12.0",
    "publicNetworkAccess": "[if(parameters('allowPublicAccess'), 'Enabled', 'Disabled')]",
    "administratorLoginPassword": "[parameters('adminPassword')]",
    "minimalTLSVersion": "1.2"
  },
  "resources": [
    {
      "type": "Microsoft.Sql/servers/securityAlertPolicies",
      "apiVersion": "2020-02-02-preview",
      "name": "[concat(parameters('serverName'), '/Default')]",
      "dependsOn": [
        "[resourceId('Microsoft.Sql/servers', parameters('serverName'))]"
      ],
      "properties": {
        "state": "Enabled"
      }
    }
  ]
}

Configure with Azure PowerShell#

Azure PowerShell snippet
Set-AzSqlDatabaseThreatDetectionPolicy -ResourceGroupName '<resource_group>' -ServerName '<server_name>' -DatabaseName '<database>' -StorageAccountName '<account_name>' -NotificationRecipientsEmails '<email>' -EmailAdmins $False

Comments