Control: Azure > Synapse Analytics > Workspace > Advanced Data Security

Define the advanced data security settings required for Azure > Synapse Analytics > Workspace.

Advanced data security for Synapse Analytics Workspace includes functionality for surfacing and mitigating potential database vulnerabilities and detecting anomalous activities that could indicate a threat to your workspace. The Advanced data security package provides administrators with a single go-to location for discovering and classifying data, assessing and addressing potential database vulnerabilities, and visibility into anomalous and potentially malicious activity that is taking place. Advanced data security can be defined for a specific database or as a default Synapse Analytics workspace policy. The Advanced data security control compares the vulnerability assessment and threat protection settings against the advanced data security policies for the resource (Azure > Synapse Analytics > Workspace > Advanced Data Security > *), raises an alarm, and takes the defined enforcement action.

Resource Types

This control targets the following resource types:

Azure > Synapse Analytics > Workspace

Policies

The following policies can be used to configure this control:

Azure > Synapse Analytics > Workspace > Advanced Data Security

This control type relies on these other policies when running actions:

Permissions

Cloud permissions used by this control and its actions:

microsoft.synapse/workspaces/vulnerabilityassessments/write
microsoft.synapse/workspaces/securityalertpolicies/write
microsoft.storage/storageaccounts/listkeys/action

In Your Workspace

Developers

Control Type URI

tmod:@turbot/azure-synapseanalytics#/control/types/synapseWorkspaceDataSecurity

Category URI

tmod:@turbot/turbot#/control/categories/security

GraphQL

query controlType(id: "tmod:@turbot/azure-synapseanalytics#/control/types/synapseWorkspaceDataSecurity") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/azure-synapseanalytics#/control/types/synapseWorkspaceDataSecurity'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-synapseanalytics#/control/types/synapseWorkspaceDataSecurity"