turbot/azure_compliance

Query: synapse_workspace_vulnerability_assessment_enabled

Usage

powerpipe query azure_compliance.query.synapse_workspace_vulnerability_assessment_enabled

SQL

with synapse_workspace as(
select
id,
name,
subscription_id,
resource_group
from
azure_synapse_workspace,
jsonb_array_elements(workspace_managed_sql_server_vulnerability_assessments) as w
where
w -> 'properties' -> 'recurringScans' ->> 'isEnabled' = 'true'
)
select
a.id as resource,
case
when s.id is not null then 'ok'
else 'alarm'
end as status,
case
when s.id is not null then a.name || ' vulnerability assessment enabled.'
else a.name || ' vulnerability assessment disabled.'
end as reason
, a.resource_group as resource_group
, sub.display_name as subscription
from
azure_synapse_workspace as a
left join synapse_workspace as s on s.id = a.id,
azure_subscription as sub
where
sub.subscription_id = a.subscription_id;

Controls

The query is being used by the following controls: