Ensure 'email account admins' is enabled for Azure MSSQL Server Security Alert Policy

MEDIUM

Description

Disabled 'Email service and co-administrators' for Azure MSSQL Server Security Alert Policy may make audit challenging.

Remediation

At this time, the console UI does not have remediation steps available. For possible CLI remediation, see the product documentation (below) or use Terraform.

In Terraform -

In the azurerm_mssql_server_security_alert_policy resource, set email_account_admins.

References:
https://learn.microsoft.com/en-us/azure/azure-sql/database/alerts-insights-configure-portal?view=azuresql
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server_security_alert_policy#email_account_admins

Policy Details

Rule Reference ID: AC_AZURE_0132

CSP: Azure

Remediation Available: Yes

Domain: Logging and Monitoring

Resource: azurerm_mssql_server_security_alert_policy

Resource Category: Database

Resource Type: SQL Server

Frameworks

GDPR
NIST-800-171
NIST-800-53
NIST-CSF
HIPAA

Detections

Analytics