Log monitoring disabled for Azure Synapse SQL Pool
Description
This policy detects whether log monitoring is enabled for Synapse SQL Pools in Microsoft Azure. Log monitoring is an important security measure as it helps in tracking database activities, detecting suspicious behavior, and responding to potential security incidents. Without log monitoring, organizations may be unable to detect unauthorized access or misuse of data, making it harder to protect sensitive information and meet compliance requirements.
Code Example
```hcl
resource "azurerm_synapse_sql_pool" "example" {
...
}
resource "azurerm_synapse_sql_pool_extended_auditing_policy" "example" {
sql_pool_id = azurerm_synapse_sql_pool.example.id
- log_monitoring_enabled = false
+ log_monitoring_enabled = true
}
```
Remediation
Terraform
- Resource: azurerm_synapse_sql_pool, azurerm_synapse_sql_pool_extended_auditing_policy
- Arguments: log_monitoring_enabled
Ensure all `azurerm_synapse_sql_pool` resources are associated with an `azurerm_synapse_sql_pool_extended_auditing_policy` resource.
In this example, log monitoring for Azure Synapse SQL Pools is enforced using Terraform templates.
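The association requirement above can also be checked before apply. The following is an added example, not Checkov's implementation or code from the original page: it reads the `configuration` section of `terraform show -json` output, looks only at the root module, and assumes an omitted `log_monitoring_enabled` means enabled (the `default_enabled` parameter, function name and sample plan are constructed for illustration).

```python
import json

POOL = "azurerm_synapse_sql_pool"
POLICY = "azurerm_synapse_sql_pool_extended_auditing_policy"

# Constructed sample: the "configuration" section of `terraform show -json`
# for two pools, only one of which has an auditing policy (monitoring off).
SAMPLE_PLAN = json.loads("""
{"configuration": {"root_module": {"resources": [
  {"address": "azurerm_synapse_sql_pool.example", "type": "azurerm_synapse_sql_pool"},
  {"address": "azurerm_synapse_sql_pool.orphan", "type": "azurerm_synapse_sql_pool"},
  {"address": "azurerm_synapse_sql_pool_extended_auditing_policy.example",
   "type": "azurerm_synapse_sql_pool_extended_auditing_policy",
   "expressions": {
     "sql_pool_id": {"references": ["azurerm_synapse_sql_pool.example.id",
                                    "azurerm_synapse_sql_pool.example"]},
     "log_monitoring_enabled": {"constant_value": false}}}
]}}}
""")


def find_unmonitored_pools(plan, default_enabled=True):
    """Return {pool address: reason} for root-module pools that fail the rule.

    default_enabled is used when log_monitoring_enabled is omitted (assumption:
    the provider default is true; confirm against your provider version).
    """
    resources = plan.get("configuration", {}).get("root_module", {}).get("resources", [])
    state = {}  # referenced address -> True (on), False (off), None (not a constant)
    for res in resources:
        if res.get("type") != POLICY:
            continue
        expr = res.get("expressions", {})
        setting = expr.get("log_monitoring_enabled")
        enabled = default_enabled if setting is None else setting.get("constant_value")
        for ref in expr.get("sql_pool_id", {}).get("references", []):
            state[ref] = enabled
    findings = {}
    for res in resources:
        if res.get("type") != POOL:
            continue
        addr = res["address"]
        if addr not in state:
            findings[addr] = "no extended auditing policy"
        elif state[addr] is False:
            findings[addr] = "log_monitoring_enabled = false"
        elif state[addr] is None:
            findings[addr] = "log_monitoring_enabled is not a constant"
    return findings
```

A pool whose policy sets the argument from a variable is reported separately, because the value cannot be decided from the configuration alone.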
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0811 |
| Severity | INFO |
| IaC Type | arm |
| Frameworks | Terraform |
| Checkov ID | CKV2_AZURE_54 |