Ensure that SQL Database Auditing is Enabled
Ensure that SQL Database Auditing is enabled in order to keep track of Audit events.
Risk Level: Low
Cloud Entity: Azure SQL Database
CloudGuard Rule ID: D9.AZU.MON.52
Covered by Spectral: Yes
Category: Database
GSL LOGIC
SQLDB should have auditing.state='Enabled'
REMEDIATION
From Portal
- Sign in to Azure Management Console
- Go to 'SQL Database'
- For each Database, click on Auditing under Security.
- Set 'Enable Azure SQL Auditing' to On
- Select Save.
From TF
Set the 'enabled' argument under 'azurerm_mssql_database_extended_auditing_policy' as below:
resource "azurerm_mssql_database_extended_auditing_policy" "example" {
  ...
  # Boolean value, not a quoted string
  enabled = true
  # Unquoted reference, so Terraform resolves the storage account's blob endpoint URL
  storage_endpoint = azurerm_storage_account.example.primary_blob_endpoint
  ...
}
From Command Line
Run
az sql db audit-policy update --resource-group RESOURCEGROUPNAME --server SERVERNAME --name DATABASENAME --state Enabled --bsts Enabled --storage-account STORAGEACCOUNTNAME
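To confirm the remediation took effect on every database of a server, the following added example (not CloudGuard's or Microsoft's code) reads each database's auditing state with the Azure CLI and fails if any is not Enabled. The function names and the script name are hypothetical, and it assumes `az` is already logged in to the right subscription.

```shell
#!/bin/sh
# Added example: check the database-level auditing state of every database
# on one logical server. Function names are illustrative, not part of any tool.

# Names of all databases on the server, one per line.
list_dbs() {
  az sql db list --resource-group "$1" --server "$2" \
    --query '[].name' --output tsv
}

# Auditing state of one database: "Enabled" or "Disabled".
db_audit_state() {
  az sql db audit-policy show --resource-group "$1" --server "$2" \
    --name "$3" --query state --output tsv
}

# Print "STATE<TAB>DATABASE" for each database.
# Returns 0 if all are Enabled, 1 if any is not, 2 if the listing failed.
audit_report() {
  ar_rc=0
  ar_dbs=$(list_dbs "$1" "$2") || return 2
  while IFS= read -r ar_db; do
    [ -n "$ar_db" ] || continue
    # A failed lookup is reported as ERROR and counted as non-compliant.
    ar_state=$(db_audit_state "$1" "$2" "$ar_db") || ar_state=ERROR
    printf '%s\t%s\n' "$ar_state" "$ar_db"
    [ "$ar_state" = "Enabled" ] || ar_rc=1
  done <<EOF
$ar_dbs
EOF
  return "$ar_rc"
}

# Usage: sh audit_check.sh RESOURCEGROUPNAME SERVERNAME
if [ "$#" -eq 2 ]; then
  audit_report "$1" "$2"
fi
```

The non-zero exit status makes the script usable as a gate in a scheduled job or pipeline step.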
References
- https://learn.microsoft.com/en-us/azure/azure-sql/database/auditing-overview?view=azuresql
- https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_database
- https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_database_extended_auditing_policy#enabled
- https://learn.microsoft.com/en-us/cli/azure/sql/db/audit-policy?view=azure-cli-latest#az-sql-db-audit-policy-update
Azure SQL Database
Azure SQL Database is the intelligent, fully managed relational cloud database service that provides the broadest SQL Server engine compatibility, so you can migrate your SQL Server databases without changing your apps. Accelerate app development and make maintenance easy and productive using the SQL tools you love to use. Take advantage of built-in intelligence that learns app patterns and adapts to maximize performance, reliability, and data protection.
Compliance Frameworks
- AZU PCI-DSS 4.0
- Azure CIS Foundations v. 1.3.1
- Azure CIS Foundations v. 1.4.0
- Azure CloudGuard Best Practices
- Azure ITSG-33
- Azure NIST 800-53 Rev 5
- CloudGuard Azure All Rules Ruleset