Use Microsoft Defender
March 21, 2025 ยท View on GitHub
SYNOPSIS
Enable Microsoft Defender for Cloud for Azure Database for MariaDB.
DESCRIPTION
Defender for Cloud detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases.
RECOMMENDATION
Enable Microsoft Defender for Cloud for Azure Database for MariaDB.
EXAMPLES
Configure with Azure template
To deploy Azure Database for MariaDB Servers that pass this rule:
- Deploy a
Microsoft.DBforMariaDB/servers/securityAlertPoliciessub-resource (child resource). - Set the
properties.stateproperty toEnabled.
For example:
{
"type": "Microsoft.DBforMariaDB/servers",
"apiVersion": "2018-06-01",
"name": "[parameters('serverName')]",
"location": "[parameters('location')]",
"sku": {
"name": "[parameters('skuName')]",
"tier": "GeneralPurpose",
"capacity": "[parameters('SkuCapacity')]",
"size": "[format('{0}', parameters('skuSizeMB'))]",
"family": "[parameters('skuFamily')]"
},
"properties": {
"createMode": "Default",
"version": "[parameters('mariadbVersion')]",
"administratorLogin": "[parameters('administratorLogin')]",
"administratorLoginPassword": "[parameters('administratorLoginPassword')]",
"storageProfile": {
"storageMB": "[parameters('skuSizeMB')]",
"backupRetentionDays": 7,
"geoRedundantBackup": "Enabled"
}
},
"resources": [
{
"type": "Microsoft.DBforMariaDB/servers/securityAlertPolicies",
"apiVersion": "2018-06-01",
"name": "Default",
"dependsOn": ["[parameters('serverName')]"],
"properties": {
"emailAccountAdmins": true,
"emailAddresses": ["soc@contoso.com"],
"retentionDays": 14,
"state": "Enabled",
"storageAccountAccessKey": "account-key",
"storageEndpoint": "https://contoso.blob.core.windows.net"
}
}
]
}
Configure with Bicep
To deploy Azure Database for MariaDB Servers that pass this rule:
- Deploy a
Microsoft.DBforMariaDB/servers/securityAlertPoliciessub-resource (child resource). - Set the
properties.stateproperty toEnabled.
For example:
resource mariaDbServer 'Microsoft.DBforMariaDB/servers@2018-06-01' = {
name: serverName
location: location
sku: {
name: skuName
tier: 'GeneralPurpose'
capacity: skuCapacity
size: '${skuSizeMB}'
family: skuFamily
}
properties: {
createMode: 'Default'
version: mariadbVersion
administratorLogin: administratorLogin
administratorLoginPassword: administratorLoginPassword
storageProfile: {
storageMB: skuSizeMB
backupRetentionDays: 7
geoRedundantBackup: 'Enabled'
}
}
}
resource mariaDbDefender 'Microsoft.DBforMariaDB/servers/securityAlertPolicies@2018-06-01' = {
name: 'Default'
parent: MariaDbServer
properties: {
emailAccountAdmins: true
emailAddresses: ['soc@contoso.com']
retentionDays: 14
state: 'Enabled'
storageAccountAccessKey: 'account-key'
storageEndpoint: 'https://contoso.blob.core.windows.net'
}
}