Azure SQL Server Threat Detection Alerts Not Enabled For All Threat Types
Advanced data security (ADS) provides a set of advanced SQL security capabilities, including vulnerability assessment, threat detection, and data discovery and classification.
This policy identifies Azure SQL servers that have disabled the detection of one or more threat types. To protect your SQL Servers, as a best practice, enable ADS detection for all types of threats.
Azure SQL Server threat detection alerts not enabled for all threat types.
$.resource.*.azurerm_sql_database size greater than 0 and $.resource.*.azurerm_sql_database[*].*[*].threat_detection_policy size greater than 0 and $.resource.*.azurerm_sql_database[*].*[*].threat_detection_policy[*].disabled_alerts[*] size greater than 0
Recommended solution for enabling threat detection alerts for all threat types.
It is recommended to have Azure SQL Server threat detection alerts enabled for all threat types. Please make sure if your template have "threat_detection_policy" defined and it does not have "disabled_alerts" attribute defined.