Time Source in Azure SQL

Avi Stokar 6 Reputation points
2021-09-27T13:42:01.82+00:00

I need to certify my software with a certifying body (with proctor) and demonstrate and/or show documentation for th source of the time used by my database which stamps all records with current UTC time using triggers.

Is there any documentation for the time source for Azure SQL (NOT managed instance)?

Azure SQL Database
{count} votes

2 answers

Sort by: Most helpful
  1. Ronen Ariely 15,191 Reputation points
    2021-09-28T23:30:53.61+00:00

    Good day,

    Is there any documentation for the time source for Azure SQL (NOT managed instance)?

    Yes there is a clear documentation. For the GETDATE() fore example here is the documentation:

    https://learn.microsoft.com/en-us/sql/t-sql/functions/getdate-transact-sql?view=sql-server-ver15

    It is explicitly inform us that: "Azure SQL Database (with the exception of Azure SQL Managed Instance) and Azure Synapse Analytics follow UTC."

    Syncing of the time is done by the operating system of the hosting machine.

    Other functions like SYSUTCDATETIME always returns the UTC rime (on premises or azure database)

    Microsoft says Azure SQL is PCI-DSS compliant but I need to be able to show a proctor where the server time sync is documented

    I helped several companies to gain their PCI-DSS certification and never asked about this. Moreover, this can be different from one machine to other when using SQL Server on-[remises and yet it does not limit to get PCI-DSS certification obviously. I see no relation for this. You might ask for a different certification or maybe this is your company internal request.

    More relevant and important is to make sure you configure the server to use version 1.2 of TLS!

    Using the portal go the SQL server -> select Firewalls and virtual networks -> Select the Minimum TLS Version to be 1.2 for all SQL Databases associated with the server,.

    In addition, make sure that you disable TLS 1.1 and 1.0 on the client as well.


  2. Anonymous
    2021-09-29T02:25:26.857+00:00

    In windows one can w32tm /query /source and move up the chain to PDC emulator and finally to the internet source or possibly the hardware clock address. The OP is simply asking for the same audit trail but in the belly of Azure.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.