standard
turbot/azure_compliance

Trigger: Detect & correct MySQL flexible servers with audit log events not set to connection

Detect MySQL flexible servers with audit log not set to connection and then set audit log events to connection.

Query

select
concat(id, ' [', subscription_id, '/', resource_group, ']') as title,
id as id,
name as server_name,
resource_group,
subscription_id,
_ctx ->> 'connection_name' as conn
from
azure_mysql_flexible_server,
jsonb_array_elements(flexible_server_configurations) as config
where
config ->> 'Name' = 'audit_log_events'
and config -> 'ConfigurationProperties' ->> 'value' not in ('CONNECTION');

Schedule

15m

Tags

category = Compliance
plugin = azure
recommended = true
service = Azure/MySQL