AzPolicyAdvertizer

last sync: 2025-Jul-03 17:22:55 UTC

Configure Arc-enabled SQL Servers with Data Collection Rule Association to Microsoft Defender for SQL DCR

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure Arc-enabled SQL Servers with Data Collection Rule Association to Microsoft Defender for SQL DCR
Id cbdd12e1-193a-445c-9926-560118c6daaa
Version 1.1.0
Details on versioning
Versioning Versions supported for Versioning: 3
1.1.0
1.0.2
1.0.1-preview
Built-in Versioning [Preview]
Category Security Center
Microsoft Learn
Description Configure association between Arc-enabled SQL Servers and the Microsoft Defender for SQL DCR. Deleting this association will break the detection of security vulnerabilities for this Arc-enabled SQL Servers.
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '1.*.*'
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Monitoring Contributor 749f88d5-cbae-40b8-bcfc-e573ddc772fa
Log Analytics Contributor 92aaf0da-9dab-42b6-94a3-d43ce8d16293
Rule aliases IF (2)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.HybridCompute/machines/mssqlDiscovered Microsoft.HybridCompute machines properties.mssqlDiscovered True False
Microsoft.HybridCompute/machines/osName Microsoft.HybridCompute machines properties.osName True False
Rule resource types IF (1)
Compliance
The following 1 compliance controls are associated with this Policy definition 'Configure Arc-enabled SQL Servers with Data Collection Rule Association to Microsoft Defender for SQL DCR' (cbdd12e1-193a-445c-9926-560118c6daaa)
Rows: 1-1 / 1

Columns:

Close

Columns▼Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.3

https://www.tablefilter.com/
©2015-2025 Max Guglielmi
?
Page of 1
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
op.exp.6 Protection against harmful code op.exp.6 Protection against harmful code 404 not found n/a n/a 61
Initiatives usage
Rows: 1-2 / 2
Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.3

https://www.tablefilter.com/
©2015-2025 Max Guglielmi
?
Page of 1
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a LA workspace d7c3ea3a-edf3-4bd5-bd64-d5b635b05393 Security Center GA BuiltIn true
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn unknown
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-01-12 18:35:06 change Minor (1.0.2 > 1.1.0)
2023-11-17 19:29:28 change Patch, old suffix: preview (1.0.1-preview > 1.0.2)
2023-09-11 17:59:12 change Patch, suffix remains equal (1.0.0-preview > 1.0.1-preview)
2023-08-22 17:59:24 add cbdd12e1-193a-445c-9926-560118c6daaa
JSON compare
compare mode: version left: version right:
1.0.2 → 1.1.0 RENAMED
@@ -4,9 +4,9 @@
4
  "mode": "Indexed",
5
  "description": "Configure association between Arc-enabled SQL Servers and the Microsoft Defender for SQL DCR. Deleting this association will break the detection of security vulnerabilities for this Arc-enabled SQL Servers.",
6
  "metadata": {
7
  "category": "Security Center",
8
- "version": "1.0.2"
9
  },
10
  "parameters": {
11
  "effect": {
12
  "type": "String",
@@ -91,9 +91,8 @@
91
  "eastus2": "EUS2",
92
  "francecentral": "PAR",
93
  "germanywestcentral": "DEWC",
94
  "japaneast": "EJP",
95
- "japanwest": "EJP",
96
  "jioindiawest": "CIN",
97
  "koreacentral": "SE",
98
  "koreasouth": "SE",
99
  "northcentralus": "NCUS",
 
4
  "mode": "Indexed",
5
  "description": "Configure association between Arc-enabled SQL Servers and the Microsoft Defender for SQL DCR. Deleting this association will break the detection of security vulnerabilities for this Arc-enabled SQL Servers.",
6
  "metadata": {
7
  "category": "Security Center",
8
+ "version": "1.1.0"
9
  },
10
  "parameters": {
11
  "effect": {
12
  "type": "String",
 
91
  "eastus2": "EUS2",
92
  "francecentral": "PAR",
93
  "germanywestcentral": "DEWC",
94
  "japaneast": "EJP",
 
95
  "jioindiawest": "CIN",
96
  "koreacentral": "SE",
97
  "koreasouth": "SE",
98
  "northcentralus": "NCUS",
JSON
api-version=2021-06-01
EPAC 
{7 items
  • displayName: "Configure Arc-enabled SQL Servers with Data Collection Rule Association to Microsoft Defender for SQL DCR",
  • policyType: "BuiltIn",
  • mode: "Indexed",
  • description: "Configure association between Arc-enabled SQL Servers and the Microsoft Defender for SQL DCR. Deleting this association will break the detection of security vulnerabilities for this Arc-enabled SQL Servers.",
  • metadata: {2 items
    • category: "Security Center",
    • version: "1.1.0"
    },
  • parameters: {1 item},
  • policyRule: {2 items
    • if: {1 item
      • allOf: [3 items
        • {2 items
          • field: "type",
          • equals: "Microsoft.HybridCompute/machines"
          },
        • {2 items
          • field: "Microsoft.HybridCompute/machines/osName",
          • equals: "Windows"
          },
        • {2 items
          • field: "Microsoft.HybridCompute/machines/mssqlDiscovered",
          • equals: "true"
          }
        ]
      },
    • then: {2 items
      • effect: "[parameters('effect')]",
      • details: {4 items
        • type: "Microsoft.Insights/dataCollectionRuleAssociations",
        • name: "MicrosoftDefenderForSQL-RulesAssociation",
        • roleDefinitionIds: [2 items],
        • deployment: {1 item
          • properties: {3 items
            • mode: "incremental",
            • parameters: {3 items},
            • template: {5 items
              • $schema: "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
              • contentVersion: "1.0.0.0",
              • parameters: {3 items},
              • variables: {7 items
                • locationLongNameToShortMap: {36 items
                  • australiacentral: "CAU",
                  • australiaeast: "EAU",
                  • australiasoutheast: "SEAU",
                  • brazilsouth: "CQ",
                  • canadacentral: "CCA",
                  • canadaeast: "CCA",
                  • centralindia: "CIN",
                  • centralus: "CUS",
                  • eastasia: "EA",
                  • eastus2euap: "eus2p",
                  • eastus: "EUS",
                  • eastus2: "EUS2",
                  • francecentral: "PAR",
                  • germanywestcentral: "DEWC",
                  • japaneast: "EJP",
                  • jioindiawest: "CIN",
                  • koreacentral: "SE",
                  • koreasouth: "SE",
                  • northcentralus: "NCUS",
                  • northeurope: "NEU",
                  • norwayeast: "NOE",
                  • southafricanorth: "JNB",
                  • southcentralus: "SCUS",
                  • southeastasia: "SEA",
                  • southindia: "CIN",
                  • swedencentral: "SEC",
                  • switzerlandnorth: "CHN",
                  • switzerlandwest: "CHW",
                  • uaenorth: "DXB",
                  • uksouth: "SUK",
                  • ukwest: "WUK",
                  • westcentralus: "WCUS",
                  • westeurope: "WEU",
                  • westindia: "CIN",
                  • westus: "WUS",
                  • westus2: "WUS2"
                  },
                • locationCode: 🔍"[
    if(
        contains(
            variables(
               'locationLongNameToShortMap'
            ),
            parameters('location')
        ),
        variables(
           'locationLongNameToShortMap'
        )[
            parameters('location')
        ],
         parameters('location')
    )
]",
                • subscriptionId: "[subscription().subscriptionId]",
                • defaultRGName: 🔍"[
    concat(
       'DefaultResourceGroup-',
         variables(
           'locationCode'
        )
    )
]",
                • dcrName: 🔍"[
    concat(
       'MicrosoftDefenderForSQL-',
         parameters('location'),
       '-dcr'
    )
]",
                • dcrId: 🔍"[
    concat(
       '/subscriptions/',
         variables(
           'subscriptionId'
        ),
       '/resourceGroups/',
         variables(
           'defaultRGName'
        ),
       '/providers/Microsoft.Insights/dataCollectionRules/',
         variables(
           'dcrName'
        )
    )
]",
                • dcraName: 🔍"[
    concat(
        parameters('vmName'),
       '/Microsoft.Insights/MicrosoftDefenderForSQL-RulesAssociation'
    )
]"
                },
              • resources: [1 item
                • {4 items
                  • type: "Microsoft.HybridCompute/machines/providers/dataCollectionRuleAssociations",
                  • name: "[variables('dcraName')]",
                  • apiVersion: "2021-04-01",
                  • properties: {2 items
                    • description: "Configure association between Arc-enabled SQL Server and the Microsoft Defender for SQL DCR. Deleting this association will break the detection of security vulnerabilities for this Arc-enabled SQL Server.",
                    • dataCollectionRuleId: "[variables('dcrId')]"
                    }
                  }
                ]
              }
            }
          }
        }
      }
    }
}