Parameterizing Azure Policy and Ensuring Azure SQL AD Authentication


 

I wrote before about enforcing Azure SQL AD Authentication using Azure Policies in two different ways. First, only auditing if the Azure SQL is using AD Authentication or not. Later, automatically enabling the AD Authentication on Azure SQL Servers where this authentication is not enabled.

What about if we could create one single policy definition and let each IT department in your company decides if the policy will only audit the non-compliance SQL or if they would like to fix them automatically ?

We can parameterize our policy and the policy effect, leaving the choice to the moment of the