Defender for databases - partially enable

Assaf L 261 Reputation points
2023-10-04T07:38:48.47+00:00

Is there an option to enable some of the databases as part of the Defender for Azure SQL plan?

According to the documentation: When you enable Microsoft Defender for Azure SQL, all supported resources that exist within the subscription are protected. Future resources created on the same subscription will also be protected.

The current state in my subscription is not clear

I have 2 sql servers, one defined as enabled in the defender for cloud section (I enabled it from the server rather than the environment settings screen)

User's image

The other server is marked as disabled

User's image

The defender for database plan is marked as off at the environment settings screen, it shows that no instances are protected (as shown below)

User's image

The question is, does the plan indeed cover all servers (in terms of pricing and despite them being marked as disabled) or does it cover only some and the indication in the UI is incorrect?

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,216 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. 2023-10-12T03:40:12.5533333+00:00

    Hello @Assaf L , to protect all your existing Azure SQL servers and databases within an Azure subscription you need to Enable Defender for Azure SQL databases. The former requires going trough Environment settings. In your case, you've enabled it only for a server and its databases, thus it's not being enabled for other resources.

    Let us know if you need additional assistance. If the answer was helpful, please accept it and rate it so that others facing a similar issue can easily find a solution.