Check Defender for Azure Cosmos DB provided by Microsoft Defender for Cloud is using Standard plan #2204
Labels
pillar: security
Aligned to the Security pillar.
rule: defender-for-cloud
Rules for Microsoft Defender for Cloud
Milestone
Existing rule
No response
Suggested rule
Cosmos DBs should use Microsoft Defender for Azure Cosmos DB which is a feature of Microsoft Defender for Cloud.
Microsoft Defender for Azure Cosmos DB detects potential SQL injections, known bad actors based on Microsoft Threat Intelligence, suspicious access patterns, and potential exploitation of databases through compromised identities, or malicious insiders.
When enabling the Defender pricing plan for Cosmos DB it is automatically enabled for all Azure Cosmos DB for NoSQL accounts within the subscription.
This is done by enabling the Cosmos DB pricing plan (section) under the parent databases pricing plan in MDfC.
With infrastructure as code, PowerShell this or CLI this is done by is it done by setting a Standard
CosmosDbs
pricing plan.Related to #1632
Pillar
Security
Additional context
https://learn.microsoft.com/azure/defender-for-cloud/concept-defender-for-cosmos
https://learn.microsoft.com/azure/defender-for-cloud/defender-for-databases-enable-cosmos-protections
https://learn.microsoft.com/azure/templates/microsoft.security/advancedthreatprotectionsettings
The text was updated successfully, but these errors were encountered: