Control: SQL databases transparent data encryption should be enabled
Description
Transparent data encryption should be enabled to protect data-at-rest and meet compliance requirements.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.sql_database_transparent_data_encryption_enabledSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.sql_database_transparent_data_encryption_enabled --shareSQL
This control uses a named query:
select s.database_id resource, case when transparent_data_encryption ->> 'status' = 'Enabled' or transparent_data_encryption ->> 'state' = 'Enabled' then 'ok' else 'alarm' end as status, case when transparent_data_encryption ->> 'status' = 'Enabled' or transparent_data_encryption ->> 'state' = 'Enabled' then s.title || ' transparent data encryption enabled.' else s.title || ' transparent data encryption disabled.' end as reason , s.resource_group as resource_group , sub.display_name as subscriptionfrom azure_sql_database as s, azure_subscription as subwhere sub.subscription_id = s.subscription_id and s.name <> 'master';