Skip to content

fix(azure): Improve query of CIS v1.3.0 Section 4.2.1#10362

Merged
kodiakhq[bot] merged 8 commits intocloudquery:mainfrom
aruneko:fix/azure-cis-policy-sec4-2-1
May 11, 2023
Merged

fix(azure): Improve query of CIS v1.3.0 Section 4.2.1#10362
kodiakhq[bot] merged 8 commits intocloudquery:mainfrom
aruneko:fix/azure-cis-policy-sec4-2-1

Conversation

@aruneko
Copy link
Copy Markdown
Contributor

@aruneko aruneko commented Apr 26, 2023

Summary

I noticed that the current query of CIS v1.3.0 Section 4.2.1 checks the ATP (Advanced Threat Protection) status by SQL databases. But the original document says that the we have to check the status by SQL Servers.

In addition, even though I have enabled the ATP settings on my Azure SQL Server, current query always returns fails, because the status is managed by not database level but server level.

To solve the problem, I have added a new table azure_sql_server_advanced_threat_protection_settings to store the status, and use the table to check the policy.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 26, 2023

This PR has the following changes to source plugin(s) tables:

  • Table azure_sql_server_advanced_threat_protection_settings was added

@yevgenypats yevgenypats requested review from bbernays and jsonpr April 26, 2023 13:20
@aruneko
Copy link
Copy Markdown
Contributor Author

aruneko commented May 11, 2023

Hello, @yevgenypats -san, how is the status of reviewing this pull request?

@hermanschaaf
Copy link
Copy Markdown
Contributor

hermanschaaf commented May 11, 2023

/gen sha=d9fdc3ec190116f3f89423008e67b7cd5cba9f2b plugin=azure

hermanschaaf
hermanschaaf approved these changes May 11, 2023
View reviewed changes
Copy link
Copy Markdown
Contributor

@hermanschaaf hermanschaaf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, sorry for the delay in reviewing this @aruneko ! Thank you for the great contribution 👍

@hermanschaaf hermanschaaf added the automerge Automatically merge once required checks pass label May 11, 2023
@kodiakhq kodiakhq bot merged commit 48138be into cloudquery:main May 11, 2023
@cq-bot cq-bot mentioned this pull request May 11, 2023
Merged
@aruneko aruneko deleted the fix/azure-cis-policy-sec4-2-1 branch May 11, 2023 10:44
kodiakhq bot pushed a commit that referenced this pull request May 16, 2023
@cq-bot
chore(main): Release plugins-source-azure v7.5.0 (#10642)
ef253e4 
🤖 I have created a release *beep* *boop*
---


## [7.5.0](plugins-source-azure-v7.4.1...plugins-source-azure-v7.5.0) (2023-05-16)


### This Release has the Following Changes to Tables
- Table `azure_sql_server_advanced_threat_protection_settings` was added

### Features

* **deps:** Upgrade to Apache Arrow v13 (latest `cqmain`) ([#10605](#10605)) ([a55da3d](a55da3d))


### Bug Fixes

* **azure:** Improve query of CIS v1.3.0 Section 4.2.1 ([#10362](#10362)) ([48138be](48138be))
* **deps:** Update module github.com/cloudquery/plugin-pb-go to v1.0.8 ([#10798](#10798)) ([27ff430](27ff430))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@erezrokah erezrokah Awaiting requested review from erezrokah

@yevgenypats yevgenypats Awaiting requested review from yevgenypats

@bbernays bbernays Awaiting requested review from bbernays

@jsonpr jsonpr Awaiting requested review from jsonpr

1 more reviewer

@hermanschaaf hermanschaaf hermanschaaf approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

automerge Automatically merge once required checks pass

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@aruneko @hermanschaaf @cq-bot