Creating Azure Blueprint with Azure SQL database + server and additional security features

Question

Hi, I am trying to create a basic Azure Blueprint that deploys an Azure SQL database + server. I will mainly use an ARM template and policies to audit certain features.

I want to add these features to the ARM template:

1. TLS 1.2 encryption
2. Transparent Data Encryption (TDE)
3. Database/server auditing
4. Database backup enabled
5. Backup storage redundancy choice
6. Datacenter region (inherited from Resource Group location)
7. Azure Active Directory login instead of SQL authentication
8. Option to choose the maintenance window
9. Management Locks for resources or the Resource Group
10. Azure Sentinel
11. Microsoft Defender for Cloud

I was wondering if it is possible to include all these features or do I need to configure some things manually after deploying the Azure Blueprint? And what is the easiest way to setup an ARM template with all these features?

Your help would be highly appreciated.

Thanks

Answer 1

Hi, @John Thanks for the question and for using the MS Q&A platform.
you should be able to deploy from the ARM template however I will check with the internal product team and provide you with more details.
please refer to this document on ARM

Regards
Geetha