turbot/steampipe-mod-terraform-azure-compliance

Control: Azure Defender for SQL servers on machines should be enabled

Description

Azure Defender for SQL provides functionality for surfacing and mitigating potential database vulnerabilities, detecting anomalous activities that could indicate threats to SQL databases, and discovering and classifying sensitive data.

Usage

Run the control in your terminal:

powerpipe control run terraform_azure_compliance.control.sql_server_vm_azure_defender_enabled

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run terraform_azure_compliance.control.sql_server_vm_azure_defender_enabled --share

SQL

This control uses a named query:

select
address as resource,
case
when (attributes_std ->> 'resource_type') = 'SqlServerVirtualMachines' and (attributes_std ->> 'tier') = 'Standard' then 'ok'
else 'info'
end status,
split_part(address, '.', 2) || case
when (attributes_std ->> 'resource_type') = 'SqlServerVirtualMachines' and (attributes_std ->> 'tier') = 'Standard' then ' Azure Defender on for SqlServerVirtualMachines'
else ' Azure Defender off for SqlServerVirtualMachines'
end || '.' reason
, path || ':' || start_line
from
terraform_resource
where
type = 'azurerm_security_center_subscription_pricing';

Tags