standard
turbot/azure_cis
Get Involved
Version
Pipeline: 3.1.7.2 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On'
Description
Turning on Microsoft Defender for Open-source relational databases enables threat detection for Open-source relational databases, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.
Enabling Microsoft Defender for Open-source relational databases allows for greater defense-in-depth, with threat detection provided by the Microsoft Security Response Center (MSRC).
Remediation
From Azure Portal
- Go to
Microsoft Defender for Cloud
. - Under
Management
, selectEnvironment Settings
. - Click on the subscription name.
- Select the
Defender plans
blade. - Click
Select types >
in the row forDatabases
. - Set the toggle switch next to
Open-source relational databases
toOn
. - Select
Continue
. - Select
Save
.
From Azure CLI
Run the following command:
az security pricing create -n 'OpenSourceRelationalDatabases' --tier 'standard'
From Powershell
Use the below command to enable Standard pricing tier for Open-source relational databases
set-azsecuritypricing -name "OpenSourceRelationalDatabases" -pricingtier "Standard"
Default Value
By default, Microsoft Defender plan is off.
Run the pipeline
To run this pipeline from your terminal:
flowpipe pipeline run azure_cis.pipeline.cis_v300_3_1_7_2
Use this pipeline
To call this pipeline from your pipeline, use a step:
step "pipeline" "step_name" { pipeline = azure_cis.pipeline.cis_v300_3_1_7_2 }
Params
Name | Type | Required | Description | Default |
---|---|---|---|---|
database | connection.steampipe | Yes | Database connection string. | connection.steampipe.default |
notifier | notifier | Yes | The name of the notifier to use for sending notification messages. | notifier.default |
notification_level | string | Yes | The verbosity level of notification messages to send. Valid options are 'verbose', 'info', 'error'. | info |
approvers | list(notifier) | Yes | List of notifiers to be used for obtaining action/approval decisions. | notifier.default |
Outputs
This pipeline has no outputs.
Tags
folder = CIS v3.0.0/3 Security/3.1 Microsoft Defender for Cloud/3.1.7 Defender Plan: Databases