Ensure that Azure Active Directory Admin is configured for SQL Server

Use Azure Active Directory authentication to authenticate to SQL Database.

Risk Level: High
Cloud Entity: Azure Active Directory
CloudGuard Rule ID: D9.TF.AZU.IAM.01
Covered by Spectral: Yes
Category: Security, Identity, & Compliance

GSL LOGIC

azurerm_sql_active_directory_administrator should have login

REMEDIATION

From TF
Set the 'login' argument under 'azurerm_sql_active_directory_administrator' as below:

resource "azurerm_sql_active_directory_administrator" "example" {
	# ... other arguments (server_name, resource_group_name, tenant_id, object_id) ...
	login               = "ADMIN-NAME"
	# ...
}
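
One way to check this rule against a plan before apply, as an added example that is not CloudGuard's GSL engine or code from this page: the Python below reads JSON in the shape of `terraform show -json` output and flags administrator resources without a login. It goes beyond the rule by also flagging `azurerm_sql_server` resources that no administrator resource covers; the sample plan, its resource names and the match on resource group plus server name are assumptions.

```python
import json

ADMIN = "azurerm_sql_active_directory_administrator"
SERVER = "azurerm_sql_server"

# Constructed sample, shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "azurerm_sql_server.good", "type": "azurerm_sql_server",
     "values": {"name": "sql-good", "resource_group_name": "rg-data"}},
    {"address": "azurerm_sql_active_directory_administrator.good",
     "type": "azurerm_sql_active_directory_administrator",
     "values": {"server_name": "sql-good", "resource_group_name": "rg-data", "login": "sql-admins"}},
    {"address": "azurerm_sql_server.legacy", "type": "azurerm_sql_server",
     "values": {"name": "sql-legacy", "resource_group_name": "rg-data"}}],
  "child_modules": [{"address": "module.app", "resources": [
    {"address": "module.app.azurerm_sql_active_directory_administrator.blank",
     "type": "azurerm_sql_active_directory_administrator",
     "values": {"server_name": "sql-app", "resource_group_name": "rg-app", "login": ""}}]}]}}}
""")


def walk(module):
    """Yield every resource in a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk(child)


def audit(plan):
    """Return (address, reason) findings for the 'should have login' rule."""
    resources = list(walk(plan.get("planned_values", {}).get("root_module", {})))
    findings, covered = [], set()
    for res in (r for r in resources if r["type"] == ADMIN):
        vals = res.get("values", {})
        login = vals.get("login")
        if isinstance(login, str) and login.strip():
            # Assumption: an administrator covers the server it names by group + name.
            covered.add((vals.get("resource_group_name"), vals.get("server_name")))
        else:
            findings.append((res["address"], "login is missing or empty"))
    # Beyond the rule itself: a server with no administrator resource at all.
    for res in (r for r in resources if r["type"] == SERVER):
        vals = res.get("values", {})
        if (vals.get("resource_group_name"), vals.get("name")) not in covered:
            findings.append((res["address"], "no Azure AD administrator with a login"))
    return findings
```

Values not known until apply are omitted from `planned_values`, so a `login` that is only computed at apply time is reported as missing.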

References:

  1. https://docs.microsoft.com/en-us/azure/azure-sql/database/authentication-aad-overview
  2. https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_active_directory_administrator

Azure Active Directory

Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service, which helps your employees sign in and access resources in external resources and internal res

Compliance Frameworks

  • Azure Terraform Ruleset