Policy: Azure > CIS v3.0 > 05 - Database Services > 05.01 - Azure SQL Database

Primary Policy

This policy is used with the following primary policy:

• Azure > CIS v3.0 > 05 - Database Services

Related Policies

• 05.01.01 - Ensure that 'Auditing' is set to 'On'
• 05.01.02 - Ensure no Azure SQL Databases allow ingress from 0.0.0.0/0 (ANY IP)
• 05.01.03 - Ensure SQL Server's Transparent Data Encryption (TDE) protector is encrypted with Customer-managed key
• 05.01.04 - Ensure that Microsoft Entra authentication is Configured for SQL Servers
• 05.01.05 - Ensure that 'Data encryption' is set to 'On' on a SQL Database
• 05.01.06 - Ensure that 'Auditing' Retention is 'greater than 90 days'
• 05.01.07 - Ensure Public Network Access is Disabled

Category

• CIS

In Your Workspace

• Policy Settings by Type report

Developers

Category URI

tmod:@turbot/cis#/control/categories/cis

Policy Type URI

tmod:@turbot/azure-cisv3-0#/policy/types/s0501

GraphQL

query policyType(id: "tmod:@turbot/azure-cisv3-0#/policy/types/s0501") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/azure-cisv3-0#/policy/types/s0501'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/azure-cisv3-0#/policy/types/s0501'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/azure-cisv3-0#/policy/types/s0501"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-cisv3-0#/policy/types/s0501"