Table: azure_security_center_subscription_pricing - Query Azure Security Center Subscription Pricing using SQL
Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your data centers and provides advanced threat protection across your hybrid workloads in the cloud. It provides you with a comprehensive view of your security state and actionable recommendations to mitigate risks. The subscription pricing model allows you to choose the level of protection that best meets your needs.
Table Usage Guide
The azure_security_center_subscription_pricing
table provides insights into the pricing tier and resource details associated with each Azure Security Center subscription. As a security analyst, use this table to understand the cost implications of your security strategies, and to ensure you are utilizing the most appropriate level of protection for your needs. This table can also assist in budget planning and cost management for your Azure resources.
Examples
Basic info
Explore which Azure Security Center subscriptions are at different pricing tiers to manage costs effectively and ensure optimal resource utilization.
select id, name, pricing_tierfrom azure_security_center_subscription_pricing;
select id, name, pricing_tierfrom azure_security_center_subscription_pricing;
List pricing information for virtual machines
Explore the cost implications of your virtual machines by examining their pricing tiers. This allows for efficient budget management and cost optimization.
select id, name, pricing_tierfrom azure_security_center_subscription_pricingwhere name = 'VirtualMachines';
select id, name, pricing_tierfrom azure_security_center_subscription_pricingwhere name = 'VirtualMachines';
Control examples
- All Controls > Security Center > Azure Defender for container registries should be enabled
- All Controls > Security Center > Azure Defender for Kubernetes should be enabled
- All Controls > Security Center > Ensure That Microsoft Defender for Azure Cosmos DB is set to 'On'
- All Controls > Security Center > Security center pricing should be set to standard
- Azure Defender for App Service should be enabled
- Azure Defender for Azure SQL Database servers should be enabled
- Azure Defender for DNS should be enabled
- Azure Defender for Key Vault should be enabled
- Azure Defender for Resource Manager should be enabled
- Azure Defender for servers should be enabled
- Azure Defender for SQL should be enabled for unprotected SQL Managed Instances
- CIS v1.3.0 > 2 Security Center > 2.1 Ensure that Azure Defender is set to On for Servers
- CIS v1.3.0 > 2 Security Center > 2.2 Ensure that Azure Defender is set to On for App Service
- CIS v1.3.0 > 2 Security Center > 2.3 Ensure that Azure Defender is set to On for Azure SQL database servers
- CIS v1.3.0 > 2 Security Center > 2.4 Ensure that Azure Defender is set to On for SQL servers on machines
- CIS v1.3.0 > 2 Security Center > 2.5 Ensure that Azure Defender is set to On for Storage
- CIS v1.3.0 > 2 Security Center > 2.6 Ensure that Azure Defender is set to On for Kubernetes
- CIS v1.3.0 > 2 Security Center > 2.7 Ensure that Azure Defender is set to On for Container Registries
- CIS v1.3.0 > 2 Security Center > 2.8 Ensure that Azure Defender is set to On for Key Vault
- CIS v1.4.0 > 2 Microsoft Defender for Cloud > 2.1 Ensure that Microsoft Defender for Servers is set to 'On'
- CIS v1.4.0 > 2 Microsoft Defender for Cloud > 2.2 Ensure that Microsoft Defender for App Service is set to 'On'
- CIS v1.4.0 > 2 Microsoft Defender for Cloud > 2.3 Ensure that Microsoft Defender for Azure SQL Databases is set to 'On'
- CIS v1.4.0 > 2 Microsoft Defender for Cloud > 2.4 Ensure that Microsoft Defender for SQL servers on machines is set to 'On'
- CIS v1.4.0 > 2 Microsoft Defender for Cloud > 2.5 Ensure that Microsoft Defender for Storage is set to 'On'
- CIS v1.4.0 > 2 Microsoft Defender for Cloud > 2.6 Ensure that Microsoft Defender for Kubernetes is set to 'On'
- CIS v1.4.0 > 2 Microsoft Defender for Cloud > 2.7 Ensure that Microsoft Defender for Container Registries is set to 'On'
- CIS v1.4.0 > 2 Microsoft Defender for Cloud > 2.8 Ensure that Microsoft Defender for Key Vault is set to 'On'
- CIS v1.5.0 > 2 Microsoft Defender for Cloud > 2.1 Defender Plans > 2.1.1 Ensure That Microsoft Defender for Servers Is Set to 'On'
- CIS v1.5.0 > 2 Microsoft Defender for Cloud > 2.1 Defender Plans > 2.1.10 Ensure That Microsoft Defender for Key Vault Is Set To 'On'
- CIS v1.5.0 > 2 Microsoft Defender for Cloud > 2.1 Defender Plans > 2.1.11 Ensure That Microsoft Defender for DNS Is Set To 'On'
- CIS v1.5.0 > 2 Microsoft Defender for Cloud > 2.1 Defender Plans > 2.1.13 Ensure That Microsoft Defender for Resource Manager Is Set To 'On'
- CIS v1.5.0 > 2 Microsoft Defender for Cloud > 2.1 Defender Plans > 2.1.2 Ensure That Microsoft Defender for App Services Is Set To 'On'
- CIS v1.5.0 > 2 Microsoft Defender for Cloud > 2.1 Defender Plans > 2.1.3 Ensure That Microsoft Defender for Databases Is Set To 'On'
- CIS v1.5.0 > 2 Microsoft Defender for Cloud > 2.1 Defender Plans > 2.1.4 Ensure That Microsoft Defender for Azure SQL Databases Is Set To 'On'
- CIS v1.5.0 > 2 Microsoft Defender for Cloud > 2.1 Defender Plans > 2.1.5 Ensure That Microsoft Defender for SQL Servers on Machines Is Set To 'On'
- CIS v1.5.0 > 2 Microsoft Defender for Cloud > 2.1 Defender Plans > 2.1.6 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On'
- CIS v1.5.0 > 2 Microsoft Defender for Cloud > 2.1 Defender Plans > 2.1.7 Ensure That Microsoft Defender for Storage Is Set To 'On'
- CIS v1.5.0 > 2 Microsoft Defender for Cloud > 2.1 Defender Plans > 2.1.8 Ensure That Microsoft Defender for Containers Is Set To 'On'
- CIS v1.5.0 > 2 Microsoft Defender for Cloud > 2.1 Defender Plans > 2.1.9 Ensure That Microsoft Defender for Cosmos DB Is Set To 'On'
- CIS v2.0.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.1 Ensure That Microsoft Defender for Servers Is Set to 'On'
- CIS v2.0.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.10 Ensure That Microsoft Defender for Key Vault Is Set To 'On'
- CIS v2.0.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.11 Ensure That Microsoft Defender for DNS Is Set To 'On'
- CIS v2.0.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.2 Ensure That Microsoft Defender for App Services Is Set To 'On'
- CIS v2.0.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.3 Ensure That Microsoft Defender for Databases Is Set To 'On'
- CIS v2.0.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.4 Ensure That Microsoft Defender for Azure SQL Databases Is Set To 'On'
- CIS v2.0.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.5 Ensure That Microsoft Defender for SQL Servers on Machines Is Set To 'On'
- CIS v2.0.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.6 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On'
- CIS v2.0.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.7 Ensure That Microsoft Defender for Storage Is Set To 'On'
- CIS v2.0.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.8 Ensure That Microsoft Defender for Containers Is Set To 'On'
- CIS v2.0.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.9 Ensure That Microsoft Defender for Azure Cosmos DB Is Set To 'On'
- CIS v2.1.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.1 Ensure That Microsoft Defender for Servers Is Set to 'On'
- CIS v2.1.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.10 [LEGACY] Ensure That Microsoft Defender for DNS Is Set To 'On'
- CIS v2.1.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.11 Ensure That Microsoft Defender for Resource Manager Is Set To 'On'
- CIS v2.1.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.16 Ensure that Auto provisioning of 'Microsoft Defender for Containers components' is Set to 'On'
- CIS v2.1.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.2 Ensure That Microsoft Defender for App Services Is Set To 'On'
- CIS v2.1.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.3 Ensure That Microsoft Defender for (Managed Instance) Azure SQL Databases Is Set To 'On'
- CIS v2.1.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.4 Ensure That Microsoft Defender for SQL Servers on Machines Is Set To 'On'
- CIS v2.1.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.5 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On'
- CIS v2.1.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.6 Ensure That Microsoft Defender for Azure Cosmos DB Is Set To 'On'
- CIS v2.1.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.7 Ensure That Microsoft Defender for Storage Is Set To 'On'
- CIS v2.1.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.8 Ensure That Microsoft Defender for Containers Is Set To 'On'
- CIS v2.1.0 > 2 Microsoft Defender > 2.1 Microsoft Defender for Cloud > 2.1.9 Ensure That Microsoft Defender for Key Vault Is Set To 'On'
- CIS v3.0.0 > 3 Security > 3.1 Microsoft Defender for Cloud > 3.1.16 [LEGACY] Ensure That Microsoft Defender for DNS Is Set To 'On'
- CIS v3.0.0 > 3 Security > 3.1 Microsoft Defender for Cloud > 3.1.3 Defender Plan: Servers > 3.1.3.1 Ensure That Microsoft Defender for Servers Is Set to 'On'
- CIS v3.0.0 > 3 Security > 3.1 Microsoft Defender for Cloud > 3.1.4 Defender Plan: Containers > 3.1.4.1 Ensure That Microsoft Defender for Containers Is Set To 'On'
- CIS v3.0.0 > 3 Security > 3.1 Microsoft Defender for Cloud > 3.1.4 Defender Plan: Containers > 3.1.4.2 Ensure that 'Agentless discovery for Kubernetes' component status 'On'
- CIS v3.0.0 > 3 Security > 3.1 Microsoft Defender for Cloud > 3.1.5 Defender Plan: Storage > 3.1.5.1 Ensure That Microsoft Defender for Storage Is Set To 'On'
- CIS v3.0.0 > 3 Security > 3.1 Microsoft Defender for Cloud > 3.1.6 Defender Plan: App Service > 3.1.6.1 Ensure That Microsoft Defender for App Services Is Set To 'On'
- CIS v3.0.0 > 3 Security > 3.1 Microsoft Defender for Cloud > 3.1.7 Defender Plan: Databases > 3.1.7.1 Ensure That Microsoft Defender for Azure Cosmos DB Is Set To 'On'
- CIS v3.0.0 > 3 Security > 3.1 Microsoft Defender for Cloud > 3.1.7 Defender Plan: Databases > 3.1.7.2 Ensure That Microsoft Defender for Open-Source Relational Databases Is Set To 'On'
- CIS v3.0.0 > 3 Security > 3.1 Microsoft Defender for Cloud > 3.1.7 Defender Plan: Databases > 3.1.7.3 Ensure That Microsoft Defender for (Managed Instance) Azure SQL Databases Is Set To 'On'
- CIS v3.0.0 > 3 Security > 3.1 Microsoft Defender for Cloud > 3.1.7 Defender Plan: Databases > 3.1.7.4 Ensure That Microsoft Defender for SQL Servers on Machines Is Set To 'On'
- CIS v3.0.0 > 3 Security > 3.1 Microsoft Defender for Cloud > 3.1.8 Defender Plan: Key Vault > 3.1.8.1 Ensure That Microsoft Defender for Key Vault Is Set To 'On'
- CIS v3.0.0 > 3 Security > 3.1 Microsoft Defender for Cloud > 3.1.9 Defender Plan: Resource Manager > 3.1.9.1 Ensure That Microsoft Defender for Resource Manager Is Set To 'On'
- Ensure That Microsoft Defender for Databases is set to 'On'
- Ensure That Microsoft Defender for Open-Source Relational Databases is set to 'On'
- Microsoft Defender for Containers should be enabled
- Microsoft Defender for Storage (Classic) should be enabled
Schema for azure_security_center_subscription_pricing
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
cloud_environment | text | The Azure Cloud Environment. | |
free_trial_remaining_time | text | The duration left for the subscriptions free trial period. | |
id | text | The pricing id. | |
name | text | = | Name of the pricing. |
pricing_tier | text | The pricing tier value. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
subscription_id | text | =, !=, ~~, ~~*, !~~, !~~* | The Azure Subscription ID in which the resource is located. |
title | text | Title of the resource. | |
type | text | Type of the pricing. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azure
You can pass the configuration to the command with the --config
argument:
steampipe_export_azure --config '<your_config>' azure_security_center_subscription_pricing