Skip to content

Set Microsoft Defender for open-source relational databases to the Standard tier#

Security · Microsoft Defender for Cloud · Rule · 2023_06 · Critical

Enable Microsoft Defender for open-source relational databases.

Description#

Microsoft Defender for open-source relational databases provides additional security for open-source relational databases.

The following open-source relational databases are supported:

  • Azure Database for PostgreSQL
  • Azure Database for MySQL
  • Azure Database for MariaDB

Protection is provided by analyzing onboarded databases for unusual and potentially harmful attempts to access or exploit databases. Which allows Microsoft Defender for Cloud to produce security alerts that are triggered when anomalies in activity occur.

Security alerts for onboarded databases shows up in Defender for Cloud with details of the suspicious activity and recommendations on how to investigate and remediate the threats.

Microsoft Defender for open-source relational databases can be enabled at the subscription level and by doing so ensures all supported databases in the subscription will be protected, including future ones.

Recommendation#

Consider using Microsoft Defender for for open-source relational databases to provide additional security for open-source relational databases.

Examples#

Configure with Azure template#

To enable Microsoft Defender for open-source relational databases:

  • Set the Standard pricing tier for Microsoft Defender for open-source relational databases.

For example:

Azure Template snippet
{
  "type": "Microsoft.Security/pricings",
  "apiVersion": "2024-01-01",
  "name": "OpenSourceRelationalDatabases",
  "properties": {
    "pricingTier": "Standard"
  }
}

Configure with Bicep#

To enable Microsoft Defender for open-source relational databases:

  • Set the Standard pricing tier for Microsoft Defender for open-source relational databases.

For example:

Azure Bicep snippet
resource defenderForOssRdb 'Microsoft.Security/pricings@2024-01-01' = {
  name: 'OpenSourceRelationalDatabases'
  properties: {
    pricingTier: 'Standard'
  }
}

Configure with Azure CLI#

To enable Microsoft Defender for open-source relational databases:

  • Set the Standard pricing tier for Microsoft Defender for open-source relational databases.

For example:

Azure CLI snippet
az security pricing create -n 'OpenSourceRelationalDatabases' --tier 'standard'

Configure with Azure PowerShell#

To enable Microsoft Defender for open-source relational databases:

  • Set the Standard pricing tier for Microsoft Defender for open-source relational databases.

For example:

Azure PowerShell snippet
Set-AzSecurityPricing -Name 'OpenSourceRelationalDatabases' -PricingTier 'Standard'

Notes#

Microsoft Defender for open-source relational databases is currently available only for the single server deployment model for PostgreSQL and the single server deployment model for MySQL. For PostgreSQL, MySQL and MariaDB General Purpose and Memory Optimized tiers are required in order to be protected.

Comments