Set Microsoft Defender for open-source relational databases to the Standard tier

March 21, 2025 ยท View on GitHub

SYNOPSIS

Enable Microsoft Defender for open-source relational databases.

DESCRIPTION

Microsoft Defender for open-source relational databases provides additional security for open-source relational databases.

The following open-source relational databases are supported:

  • Azure Database for PostgreSQL
  • Azure Database for MySQL
  • Azure Database for MariaDB

Protection is provided by analyzing onboarded databases for unusual and potentially harmful attempts to access or exploit databases. Which allows Microsoft Defender for Cloud to produce security alerts that are triggered when anomalies in activity occur.

Security alerts for onboarded databases shows up in Defender for Cloud with details of the suspicious activity and recommendations on how to investigate and remediate the threats.

Microsoft Defender for open-source relational databases can be enabled at the subscription level and by doing so ensures all supported databases in the subscription will be protected, including future ones.

RECOMMENDATION

Consider using Microsoft Defender for for open-source relational databases to provide additional security for open-source relational databases.

EXAMPLES

Configure with Azure template

To enable Microsoft Defender for open-source relational databases:

  • Set the Standard pricing tier for Microsoft Defender for open-source relational databases.

For example:

{
  "type": "Microsoft.Security/pricings",
  "apiVersion": "2024-01-01",
  "name": "OpenSourceRelationalDatabases",
  "properties": {
    "pricingTier": "Standard"
  }
}

Configure with Bicep

To enable Microsoft Defender for open-source relational databases:

  • Set the Standard pricing tier for Microsoft Defender for open-source relational databases.

For example:

resource defenderForOssRdb 'Microsoft.Security/pricings@2024-01-01' = {
  name: 'OpenSourceRelationalDatabases'
  properties: {
    pricingTier: 'Standard'
  }
}

Configure with Azure CLI

To enable Microsoft Defender for open-source relational databases:

  • Set the Standard pricing tier for Microsoft Defender for open-source relational databases.

For example:

az security pricing create -n 'OpenSourceRelationalDatabases' --tier 'standard'

Configure with Azure PowerShell

To enable Microsoft Defender for open-source relational databases:

  • Set the Standard pricing tier for Microsoft Defender for open-source relational databases.

For example:

Set-AzSecurityPricing -Name 'OpenSourceRelationalDatabases' -PricingTier 'Standard'

NOTES

Microsoft Defender for open-source relational databases is currently available only for the single server deployment model for PostgreSQL and the single server deployment model for MySQL. For PostgreSQL, MySQL and MariaDB General Purpose and Memory Optimized tiers are required in order to be protected.