What's new?
- We've updated internal dependencies and now use the latest Azure SDK versions to discover and manage SQL resources in Guardrails. This release includes breaking changes in the CMDB data for server, database, and elasticpool. We recommend updating your existing policy settings to refer to the updated attributes as mentioned below:
Renamed:
transparentDataEncryption.statustotransparentDataEncryption.statedatabaseThreatDetectionPolicytodatabaseSecurityAlertPolicy
Added:
Azure SQL > Server
- Added
administratorsblock isManagedIdentityInUseautoRotationEnabledexternalGovernanceStatusminimalTlsVersionprivateEndpointConnectionspublicNetworkAccessrestrictOutboundNetworkAccessserverAzureADAdministrator.azureADOnlyAuthentication
Azure SQL > Database
availabilityZonecurrentBackupStorageRedundancydatabaseSecurityAlertPolicy. creationTimetransparentDataEncryption.locationisInfraEncryptionEnabledisLedgerOnmaintenanceConfigurationIdrequestedBackupStorageRedundancymaintenanceConfigurationId
Azure SQL > ElasticPool
maintenanceConfigurationId
Modified:
- The value of the attribute
serverAzureADAdministrator.namehas been changed from string (activeDirectory) to string (ActiveDirectory). - The data type of the attribute
databaseThreatDetectionPolicy.disabledAlertshas been changed from string ("") to object ([]). - The data type of the attribute
databaseThreatDetectionPolicy.emailAddresseshas been changed from string ("") to object ([]). - The data type of the attribute
databaseThreatDetectionPolicy.emailAccountAdminshas been changed from string (Disabled/Enabled) to boolean (false/true). - The data type of the attribute
disabledAlertshas been changed from string ("") to object ([]).
Removed:
databaseThreatDetectionPolicy.useServerDefault
Bug fixes
- Improved descriptions for various resource types to ensure they are clearer and more helpful.