Risk Level: Low
Cloud Entity: Azure SQL Database
CloudGuard Rule ID: D9.AZU.MON.52
Covered by Spectral: Yes
Category: Database

GSL LOGIC

SQLDB should have auditing.state='Enabled'

REMEDIATION

From Portal

Sign in to Azure Management Console
Go to 'SQL Database'
For each Database, click on Auditing under Security.
Set Enable Azure SQL Auditing is set to On
Select Save.

From TF
Set the 'enabled' arguments under 'azurerm_mssql_database_extended_auditing_policy' as below:

resource "azurerm_mssql_database_extended_auditing_policy" "example" {
	...
	enabled                 = "true"
	storage_endpoint        = "azurerm_storage_account.example.primary_blob_endpoint"
	...
}

From Command Line
Run

az sql db audit-policy update --resource-group RESOURCEGROUPNAME --name SERVERNAME --state Enabled --bsts Enabled --storage-account STORAGEACCOUNTNAME

References

Azure SQL Database

Azure SQL Database is the intelligent, fully managed relational cloud database service that provides the broadest SQL Server engine compatibility, so you can migrate your SQL Server databases without changing your apps. Accelerate app development and make maintenance easy and productive using the SQL tools you love to use. Take advantage of built-in intelligence that learns app patterns and adapts to maximize performance, reliability, and data protection.

Compliance Frameworks

AZU PCI-DSS 4.0
Azure CIS Foundations v. 1.3.1
Azure CIS Foundations v. 1.4.0
Azure CloudGuard Best Practices
Azure ITSG-33
Azure NIST 800-53 Rev 5
CloudGuard Azure All Rules Ruleset