// Listing: github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/azure/database/enable_audit.go

package database

import (
	"github.com/khulnasoft-lab/defsec/internal/rules"
	"github.com/khulnasoft-lab/defsec/pkg/providers"
	"github.com/khulnasoft-lab/defsec/pkg/scan"
	"github.com/khulnasoft-lab/defsec/pkg/severity"
	"github.com/khulnasoft-lab/defsec/pkg/state"
)

// CheckEnableAudit registers rule AVD-AZU-0027 ("enable-audit") for the Azure
// "database" service at Medium severity.
//
// The check walks every entry in s.Azure.Database.MSSQLServers and reports a
// failure for a server that has no entries in ExtendedAuditingPolicies and
// whose metadata is managed. Every other server is recorded as passed.
//
// Only the number of policies is examined here; this rule does not look at
// the contents of a policy.
var CheckEnableAudit = rules.Register(
	scan.Rule{
		AVDID:       "AVD-AZU-0027",
		Provider:    providers.AzureProvider,
		Service:     "database",
		ShortCode:   "enable-audit",
		Summary:     "Auditing should be enabled on Azure SQL Databases",
		Impact:      "Auditing provides valuable information about access and usage",
		Resolution:  "Enable auditing on Azure SQL databases",
		Explanation: `Auditing helps you maintain regulatory compliance, understand database activity, and gain insight into discrepancies and anomalies that could indicate business concerns or suspected security violations.`,
		Links: []string{
			"https://docs.microsoft.com/en-us/azure/azure-sql/database/auditing-overview",
		},
		Terraform: &scan.EngineMetadata{
			GoodExamples:        terraformEnableAuditGoodExamples,
			BadExamples:         terraformEnableAuditBadExamples,
			Links:               terraformEnableAuditLinks,
			RemediationMarkdown: terraformEnableAuditRemediationMarkdown,
		},
		Severity: severity.Medium,
	},
	func(s *state.State) (results scan.Results) {
		for _, srv := range s.Azure.Database.MSSQLServers {
			// The policy count is tested first so that IsManaged is only
			// consulted for servers with no extended auditing policy.
			noPolicy := len(srv.ExtendedAuditingPolicies) == 0
			if noPolicy && srv.Metadata.IsManaged() {
				results.Add(
					"Server does not have an extended audit policy configured.",
					&srv,
				)
				continue
			}

			// NOTE(review): a server whose metadata is not managed lands here
			// and is recorded as passed even when it has no policy; confirm
			// that a pass (rather than no result) is the intended outcome.
			results.AddPassed(&srv)
		}
		return results
	},
)