Pattern: Disabled SqlServers in Azure Defender
Issue: -
Azure Defender is a cloud workload protection service that utilizes and agent-based deployment to analyze signals from Azure network fabric and the service control plane, to detect threats across all Azure resources. It can also analyze non-Azure resources, utilizing Azure Arc, including those on-premises and in both AWS and GCP (once they've been onboarded).
Resolution: enable SqlServers in Azure Defender.
Example of incorrect code:
resource "azurerm_security_center_subscription_pricing" "bad_example" {
tier = "Free"
resource_type = "VirtualMachines"
}Example of correct code:
resource "azurerm_security_center_subscription_pricing" "good_example" {
tier = "Standard"
resource_type = "VirtualMachines,SqlServers"
}