Auditing classic SQL vulnerability assessment with Azure Policy

tzxcd3kk  published on 2023-06-24 in Other
Follow (0) | Answers (1) | Views (106)

I'm trying to use Azure Policy to audit the classic SQL vulnerability assessment, but I can't get the policyRule to work. I can get everything with this:

"policyRule": {
  "if": {
    "allOf": [
      {
        "field": "type",
        "equals": "Microsoft.Sql/servers"
      },
      {
        "field": "kind",
        "notContains": "analytics"
      }
    ]
  },

But if I add:

{
  "field": "Microsoft.Sql/servers/vulnerabilityAssessments/recurringScans.isEnabled",
  "notEquals": "true"
}

the policy doesn't detect any resources. This is a valid policy alias, so why doesn't it work?

sigwle7e

sigwle7e1#

the policy doesn't detect any resources. This is a valid policy alias, so why doesn't it work?
I use the Azure Policy below to audit SQL vulnerability assessment.

{
  "properties": {
    "displayName": "SQL-vulnerability assessment on your sql servers_1.0",
    "policyType": "Custom",
    "mode": "All",
    "parameters": {
      "allowedLocations": {
        "type": "Array"
      },
      "tagname": {
        "type": "String",
        "metadata": {
          "displayName": "Exclusion Tag Name",
          "description": "Rule is not deployed if this tag exists on the SQL Server"
        }
      },
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "AuditIfNotExists",
          "Disabled"
        ],
        "defaultValue": "AuditIfNotExists"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Sql/servers"
          },
          {
            "field": "location",
            "in": "[parameters('allowedLocations')]"
          },
          {
            "field": "[concat('tags[', parameters('tagname'), ']')]",
            "exists": "false"
          },
          {
            "value": "[resourceGroup().tags[parameters('tagname')]]",
            "equals": ""
          },
          {
            "value": "[subscription().tags[parameters('tagname')]]",
            "equals": ""
          }
        ]
      },
      "then": {
        "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Sql/servers/vulnerabilityAssessments",
          "name": "default",
          "existenceCondition": {
            "field": "Microsoft.Sql/servers/vulnerabilityAssessments/recurringScans.isEnabled",
            "equals": "True"
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Management/managementgroups/48fed3a1-0814-4847-88ce-b766155f2792/providers/Microsoft.Authorization/policyDefinitions/410c2966a1e1856e",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "410c2966a1e1856e"
}

Once the policy is applied, it evaluates your SQL servers against the specified conditions and takes the defined action when vulnerability assessment is not enabled.

Policy compliance results:
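The mechanics behind the two rules, as an added example that is not part of the question or the answer: Azure evaluates the `if` block against one resource at a time, and `Microsoft.Sql/servers/vulnerabilityAssessments/recurringScans.isEnabled` is an alias of the child type `Microsoft.Sql/servers/vulnerabilityAssessments`, not a property of `Microsoft.Sql/servers`, so inside `if` it never matches a server. `AuditIfNotExists` instead matches the server and then looks for the related child resource named in `details` that satisfies the `existenceCondition`. The Python below is my own simplified model of that evaluation (not Azure's engine and not the poster's code), run over a constructed inventory; the server names, resource IDs and `kind` values are made up, and only the condition operators the two rules need are implemented.

```python
"""Added example, not from the original post: a toy model of how Azure Policy
evaluates the two rules discussed above, run over a constructed inventory."""
import json

SERVER_TYPE = "Microsoft.Sql/servers"
VA_TYPE = "Microsoft.Sql/servers/vulnerabilityAssessments"
VA_ALIAS = VA_TYPE + "/recurringScans.isEnabled"


def server(name, kind="v12.0"):
    """Constructed ARM-style envelope for a logical SQL server (IDs are made up)."""
    return {"id": f"/subscriptions/s/resourceGroups/rg/providers/{SERVER_TYPE}/{name}",
            "type": SERVER_TYPE, "name": name, "kind": kind, "properties": {}}


def va(server_name, enabled):
    """Constructed child resource <server>/vulnerabilityAssessments/default."""
    return {"id": f"{server(server_name)['id']}/vulnerabilityAssessments/default",
            "type": VA_TYPE, "name": "default", "kind": "",
            "properties": {"recurringScans": {"isEnabled": enabled}}}


INVENTORY = [
    server("sql-a"), va("sql-a", True),    # recurring scans on
    server("sql-b"), va("sql-b", False),   # assessment configured, scans off
    server("sql-c"),                       # assessment never configured
    server("dw-1", "v12.0,analytics"), va("dw-1", False),  # excluded by 'kind'
]

QUESTION_RULE = {  # the question's attempt: child-type alias inside 'if'
    "if": {"allOf": [{"field": "type", "equals": SERVER_TYPE},
                     {"field": "kind", "notContains": "analytics"},
                     {"field": VA_ALIAS, "notEquals": "true"}]},
    "then": {"effect": "audit"}}

ANSWER_RULE = {  # the answer's shape: AuditIfNotExists + existenceCondition
    "if": {"allOf": [{"field": "type", "equals": SERVER_TYPE},
                     {"field": "kind", "notContains": "analytics"}]},
    "then": {"effect": "AuditIfNotExists",
             "details": {"type": VA_TYPE, "name": "default",
                         "existenceCondition": {"field": VA_ALIAS, "equals": "True"}}}}

_MISSING = object()


def field_value(resource, field):
    """Resolve a policy 'field' on one resource. An alias is '<type>/<dotted
    property path>' and only resolves when <type> is this resource's own type,
    so a child-type alias yields nothing when evaluated on the parent."""
    if field in ("id", "type", "name", "kind", "location"):
        return resource.get(field, _MISSING)
    prefix = resource["type"] + "/"
    path = field[len(prefix):]
    if not field.startswith(prefix) or "/" in path:
        return _MISSING
    node = resource.get("properties", {})
    for part in path.split("."):
        if not isinstance(node, dict) or part not in node:
            return _MISSING
        node = node[part]
    return node


def _norm(value):
    # Azure compares string values case-insensitively; booleans become true/false
    return str(value).lower()


def condition_holds(resource, cond):
    if "allOf" in cond:
        return all(condition_holds(resource, c) for c in cond["allOf"])
    value = field_value(resource, cond["field"])
    if "exists" in cond:
        return (value is not _MISSING) == (_norm(cond["exists"]) == "true")
    if value is _MISSING:
        return False  # nothing to compare against: the clause cannot match
    if "equals" in cond:
        return _norm(value) == _norm(cond["equals"])
    if "notEquals" in cond:
        return _norm(value) != _norm(cond["notEquals"])
    if "notContains" in cond:
        return _norm(cond["notContains"]) not in _norm(value)
    raise ValueError(f"unsupported condition: {cond}")


def evaluate(rule, inventory):
    """Map each resource matched by 'if' to Compliant/NonCompliant."""
    then, results = rule["then"], {}
    for res in inventory:
        if not condition_holds(res, rule["if"]):
            continue
        if then["effect"].lower() != "auditifnotexists":
            results[res["name"]] = "NonCompliant"  # plain audit: matched means flagged
            continue
        d = then["details"]
        related = [r for r in inventory
                   if r["type"].lower() == d["type"].lower()
                   and r["id"].lower().startswith(res["id"].lower() + "/")
                   and r["name"].lower() == d.get("name", r["name"]).lower()]
        satisfied = any(condition_holds(r, d["existenceCondition"]) for r in related)
        results[res["name"]] = "Compliant" if satisfied else "NonCompliant"
    return results


if __name__ == "__main__":
    print(json.dumps({"question_rule": evaluate(QUESTION_RULE, INVENTORY),
                      "answer_rule": evaluate(ANSWER_RULE, INVENTORY)}, indent=2))
```

Run as a script it prints the question's rule flagging nothing, while the answer's rule marks `sql-b` (recurring scans disabled) and `sql-c` (no assessment resource at all) NonCompliant and leaves `dw-1` unevaluated because of the `kind` clause. Against a real tenant the equivalent check is to ask the resource provider which type owns the alias: `az provider show --namespace Microsoft.Sql --expand "resourceTypes/aliases" --query "resourceTypes[?resourceType=='servers/vulnerabilityAssessments'].aliases[].name"` lists `recurringScans.isEnabled` under the child type, which is why it belongs in `existenceCondition` rather than in the server's `if` block.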
