Question1 :Could you please help to understand why implementation of SqlDBEncryption script wrongly returns incorrect compliance for SQL transparent data encryption. Also attached policy139305-sqldbencryption.txtThanks
Policy should show SQL databases (not master) "TO BE COMPLIANT" when transparent data encryption is "enabled" and it is currently enabled "On" .
What is the current behaviour? - All (non-master) databases always show as "NON-COMPLIANT" in all subscriptions where policy enabled .
View resource' from the "incompliant resources list", and then select the transparent data encryption blade, the result is : "data encryption Off".
However, when you go to the exact same database by navigating the portal from the portal home page, the database shows that "DATA ENCRYPTION IS ON"
and that the encryption status is "encrypted".
When querying the transparent data encryption settings through PowerShell (with Get-AzSqlDatabaseTransparentDataEncryption), the state of On and “enabled” is correctly returned.
Could you please assist as to what could be causing the wrong compliance results in policy showing data encryption "Off" when it is clearly enabled as "On" from the SQL Portal blade
Question2. With 72 databases the filtering policy is not showing all the databases based on the definition. Only 24 out of 72 is shown.