standard
turbot/azure_compliance

Trigger: Detect & correct SQL Databases with transparent data encryption disabled

Detect SQL Databases with transparent data encryption disabled and enable transparent data encryption.

Query

select
concat(
s.id,
' [',
s.subscription_id,
'/',
s.resource_group,
']'
) as title,
s.id as id,
s.server_name as server_name,
s.name as name,
s.resource_group,
s.subscription_id,
s._ctx ->> 'connection_name' as conn
from
azure_sql_database s
where
name <> 'master'
and (
transparent_data_encryption ->> 'status' <> 'Enabled'
or transparent_data_encryption ->> 'state' <> 'Enabled'
or transparent_data_encryption is null
);

Schedule

15m

Tags

category = Compliance
plugin = azure
service = Azure/SQL