You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/defender-for-databases-introduction.md
+14-18Lines changed: 14 additions & 18 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,7 +1,7 @@
1
1
---
2
2
title: What is Defender for open-source databases
3
3
description: Learn about the benefits and features of Microsoft Defender for open-source relational databases such as PostgreSQL, MySQL, and MariaDB
4
-
ms.date: 04/09/2024
4
+
ms.date: 05/01/2024
5
5
ms.topic: overview
6
6
ms.author: dacurwin
7
7
author: dcurwin
@@ -10,20 +10,6 @@ author: dcurwin
10
10
11
11
# What is Microsoft Defender for open-source relational databases
12
12
13
-
This plan brings threat protections for the following open-source relational databases on Azure:
14
-
15
-
-[Azure Database for PostgreSQL](../postgresql/index.yml)
16
-
-[Azure Database for MySQL](../mysql/index.yml)
17
-
-[Azure Database for MariaDB](../mariadb/index.yml)
18
-
19
-
and for RDS instances on AWS (Preview):
20
-
21
-
- Aurora PostgreSQL
22
-
- Aurora MySQL
23
-
- PostgreSQL
24
-
- MySQL
25
-
- MariaDB
26
-
27
13
Defender for Cloud detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. The plan makes it simple to address potential threats to databases without the need to be a security expert or manage advanced security monitoring systems.
28
14
29
15
## Availability
@@ -32,20 +18,30 @@ Check out the [pricing page](https://azure.microsoft.com/pricing/details/defende
32
18
33
19
Defender for open-source relational database is supported on PaaS environments for Azure and AWS and not on Azure Arc-enabled machines.
34
20
35
-
**Protected versions of PostgreSQL include**:
21
+
This plan brings threat protections for the following open-source relational databases on Azure:
22
+
23
+
**Protected versions of [Azure Database for PostgreSQL](../postgresql/index.yml) include**:
36
24
37
25
- Single Server - General Purpose and Memory Optimized. Learn more in [PostgreSQL Single Server pricing tiers](../postgresql/concepts-pricing-tiers.md).
38
26
- Flexible Server - all pricing tiers.
39
27
40
-
**Protected versions of MySQL include**:
28
+
**Protected versions of [Azure Database for MySQL](../mysql/index.yml) include**:
41
29
42
30
- Single Server - General Purpose and Memory Optimized. Learn more in [MySQL pricing tiers](../mysql/concepts-pricing-tiers.md).
43
31
- Flexible Server - all pricing tiers.
44
32
45
-
**Protected versions of MariaDB include**:
33
+
**Protected versions of [Azure Database for MariaDB](../mariadb/index.yml) include**:
46
34
47
35
- General Purpose and Memory Optimized. Learn more in [MariaDB pricing tiers](../mariadb/concepts-pricing-tiers.md).
48
36
37
+
For RDS instances on AWS (Preview):
38
+
39
+
- Aurora PostgreSQL
40
+
- Aurora MySQL
41
+
- PostgreSQL
42
+
- MySQL
43
+
- MariaDB
44
+
49
45
View [cloud availability](support-matrix-cloud-environment.md#cloud-support) for Defender for open-source relational databases
50
46
51
47
## What are the benefits of Microsoft Defender for open-source relational databases?
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/enable-defender-for-databases-aws.md
+10-6Lines changed: 10 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -20,7 +20,7 @@ Microsoft Defender for Cloud detects anomalous activities in your AWS environmen
20
20
21
21
To get alerts from the Microsoft Defender plan, you need to follow the instructions on this page to enable Defender for open-source relational databases on AWS.
22
22
23
-
The Defender for open-source relational databases on AWS plan also includes the ability to discover sensitive data within your account and enrich the Defender for Cloud experience with the findings. This is feature is included with Defender CSPM.
23
+
The Defender for open-source relational databases on AWS plan also includes the ability to discover sensitive data within your account and enrich the Defender for Cloud experience with the findings. This is feature is also included with Defender CSPM.
24
24
25
25
Learn more about this Microsoft Defender plan in [Overview of Microsoft Defender for open-source relational databases](defender-for-databases-introduction.md).
26
26
@@ -56,6 +56,8 @@ Learn more about this Microsoft Defender plan in [Overview of Microsoft Defender
56
56
> Toggling the open-source relational databases to on will also enable sensitive data discovery to on, which is a shared feature with Defender CSPM's sensitive data discovery for relation database service (RDS).
57
57
>
58
58
> :::image type="content" source="media/enable-defender-for-databases-aws/cspm-shared.png" alt-text="Screenshot that shows the settings page for Defender CSPM and the sensitive data turned on with the protected resources." lightbox="media/enable-defender-for-databases-aws/cspm-shared.png":::
59
+
>
60
+
> Learn more about [sensitive data discovery in AWS RDS instances](concept-data-security-posture-prepare.md#discovering-aws-rds-instances).
59
61
60
62
1. Select **Configure access**.
61
63
@@ -119,13 +121,15 @@ An option group is required for MySQL and MariaDB with the following options for
119
121
| SERVER_AUDIT_EXCL_USER | If it exists, expand it to include rdsadmin. |
120
122
| SERVER_AUDIT_INCL_USERS | If it exists with a value and rdsadmin is part of the include, then it won't be present in SERVER_AUDIT_EXCL_USER, and the value of incl is empty. |
121
123
122
-
> [!NOTE]
123
-
>
124
-
> - If a parameter group already exists it will be updated accordingly.
124
+
> [!IMPORTANT]
125
+
> You may need to reboot your instances to apply the changes.
125
126
>
126
-
> -If you are using the default parameter group, a new parameter group will be created that includes the required parameter changes with the prefix `defenderfordatabases*`.
127
+
> If you are using the default parameter group, a new parameter group will be created that includes the required parameter changes with the prefix `defenderfordatabases*`.
127
128
>
128
-
> - If a new parameter group was created or if static parameters were updated they won't take effect until the instance is restarted.
129
+
> If a new parameter group was created or if static parameters were updated, they won't take effect until the instance is restarted.
130
+
131
+
> [!NOTE]
132
+
> - If a parameter group already exists it will be updated accordingly.
129
133
>
130
134
> - MARIADB_AUDIT_PLUGIN is supported in MariaDB 10.2 and higher, MySQL 8.0.25 and higher 8.0 versions and All MySQL 5.7 versions.
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/release-notes.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -30,7 +30,7 @@ If you're looking for items older than six months, you can find them in the [Arc
30
30
31
31
May 1, 2024
32
32
33
-
We are announcing the public preview of Defender for open-source databases on AWS that adds support for various types of Amazon Relation Database Service (RDS) instance types.
33
+
We are announcing the public preview of Defender for open-source databases on AWS that adds support for various types of Amazon Relational Database Service (RDS) instance types.
34
34
35
35
Learn more about [Defender for open-source databases](defender-for-databases-introduction.md) and how to [enable Defender for open-source databases on AWS](enable-defender-for-databases-aws.md).
0 commit comments