turbot/azure_compliance

ad_guest_user_reviewed_monthlyad_manual_controlappservice_authentication_enabledappservice_ftp_deployment_disabledappservice_web_app_incoming_client_cert_onappservice_web_app_latest_http_versionappservice_web_app_latest_tls_versionappservice_web_app_register_with_active_directory_enabledappservice_web_app_use_httpscompute_os_and_data_disk_encrypted_with_cmkcompute_unattached_disk_encrypted_with_cmkcompute_vm_utilizing_managed_diskiam_no_custom_subscription_owner_roles_createdkeyvault_key_expiration_setkeyvault_logging_enabledkeyvault_secret_expiration_setkeyvault_vault_recoverablekubernetes_instance_rbac_enabledmanual_controlmonitor_diagnostic_settings_captures_proper_categoriesmonitor_log_alert_create_policy_assignmentmonitor_log_alert_create_update_nsgmonitor_log_alert_create_update_nsg_rulemonitor_log_alert_create_update_security_solutionmonitor_log_alert_delete_nsgmonitor_log_alert_delete_nsg_rulemonitor_log_alert_delete_policy_assignmentmonitor_log_alert_delete_security_solutionmonitor_log_alert_sql_firewall_rulemonitor_logs_storage_container_encryptes_with_byokmonitor_logs_storage_container_not_public_accessiblemysql_ssl_enablednetwork_security_group_rdp_access_restrictednetwork_security_group_ssh_access_restrictednetwork_security_group_udp_service_restrictednetwork_sg_flowlog_retention_period_greater_than_90network_watcher_enabledpostgres_db_server_connection_throttling_onpostgres_db_server_log_checkpoints_onpostgres_db_server_log_connections_onpostgres_db_server_log_disconnections_onpostgres_db_server_log_retention_days_3postgres_sql_ssl_enabledsecuritycenter_additional_email_configuredsecuritycenter_asc_default_setting_not_disabledsecuritycenter_automatic_provisioning_monitoring_agent_onsecuritycenter_azure_defender_on_for_appservicesecuritycenter_azure_defender_on_for_containerregistrysecuritycenter_azure_defender_on_for_k8ssecuritycenter_azure_defender_on_for_keyvaultsecuritycenter_azure_defender_on_for_serversecuritycenter_azure_defender_on_for_sqldbsecuritycenter_azure_defender_on_for_sqlservervmsecuritycenter_azure_defender_on_for_storagesecuritycenter_mcas_integrationsecuritycenter_notify_alerts_configuredsecuritycenter_security_alerts_to_owner_enabledsecuritycenter_wdatp_integrationsql_database_allow_internet_accesssql_db_active_directory_admin_configuredsql_server_and_databases_va_enabledsql_server_atp_enabledsql_server_auditing_onsql_server_audting_retention_period_90sql_server_tde_protector_cmk_encryptedsql_server_transparent_data_encryption_enabledsql_server_va_setting_periodic_scan_enabledsql_server_va_setting_reports_notify_adminssql_server_va_setting_scan_reports_configuredstorage_account_blob_containers_public_access_privatestorage_account_blob_service_logging_enabledstorage_account_default_network_access_rule_deniedstorage_account_encryption_at_rest_using_cmkstorage_account_queue_services_logging_enabledstorage_account_secure_transfer_required_enabledstorage_account_soft_delete_enabledstorage_account_trusted_microsoft_services_enabled

Query: securitycenter_azure_defender_on_for_appservice

Usage

steampipe query azure_compliance.query.securitycenter_azure_defender_on_for_appservice

SQL

select
-- Required Columns
sub_pricing.id as resource,
case
when pricing_tier = 'Standard' then 'ok'
else 'alarm'
end as status,
case
when pricing_tier = 'Standard' then 'Azure Defender on for App Services.'
else 'Azure Defender off for App Services.'
end as reason,
-- Additional Dimension
sub.display_name as subscription
from
azure_security_center_subscription_pricing sub_pricing
right join azure_subscription sub on sub_pricing.subscription_id = sub.subscription_id
where
name = 'AppServices';