Ensure 'email account admins' is enabled for Azure MySQL Database Threat Detection Policy

MEDIUM

Description

Azure MySQL Database Threat Protection has an email notification function to help ensure that administrators are notified when an alert is triggered. This should be enabled as best practice.

Remediation

At this time, the console UI does not have remediation steps available. For possible CLI remediation, see the product documentation (below) or use Terraform.

In Terraform -

In the azurerm_mysql_server resource, set email_account_admins to account administrator.

References:
https://learn.microsoft.com/en-us/azure/azure-sql/database/threat-detection-configure?view=azuresql
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mysql_server#email_account_admins

Policy Details

Rule Reference ID: AC_AZURE_0129

CSP: Azure

Remediation Available: Yes

Domain: Logging and Monitoring

Resource: azurerm_mysql_server

Resource Category: Database

Resource Type: MySQL

Frameworks

GDPR
HIPAA
NIST-800-171
NIST-800-53
NIST-CSF
SOC2