SQL Databases

SQL DB Multiple AZ Missing

Risk Level: Low

Description: 

This plugin guarantees that cross-AZ SQL Database instances are created for high availability. When SQL Database instances are created in a single availability zone, all systems that rely on that database have a single point of failure. To enable adequate failover, all SQL Database instances should be built in various availability zones. For both serverless and provided computing, zone redundancy configuration for the general-purpose service tier is available. Azure Availability Zones are used in this setup to replicate databases across different physical sites within an Azure region.

PingSafe strongly recommends ensuring that each SQL Database is configured to be zone redundant.

About the Service :

Azure SQL Database is a fully managed platform as a service (PaaS) database engine that takes care of most database maintenance tasks including updating, patching, backups, and monitoring without the need for human intervention. You may develop a highly available and high-performance data storage layer for Azure apps and solutions with Azure SQL Database.

Impact : 

Without making any modifications to the application logic, you may make your new and current serverless and provided general purpose single databases and elastic pools robust to a significantly broader range of failures, including catastrophic datacenter outages, by selecting zone redundancy.

Steps to reproduce :

  1. Sign in to your Azure portal with your Azure account.
    https://portal.azure.com/#home 
  2. Navigate to Azure’s All Resources.
  3. In the Type filter select the value as SQL Database and click Apply.
  4. Next, select the SQL Database that you want to examine.
  5. Click on Overview.
  6. Check if the Zone Redundant is enabled or not.
  7. Repeat the same steps for other SQL Databases as well.

Steps for remediation :

  1. Sign in to your Azure portal with your Azure account.
    https://portal.azure.com/#home 
  2. Navigate to Azure’s All Resources.
  3. In the Type filter select the value as SQL Database and click Apply.
  4. Next, select the SQL Database that you want to examine.
  5. Click on Overview.
  6. Check if the Zone Redundant is enabled or not.
  7. Click on Zone Redundant, you will be directed to the Compute+storage. Now select the Zone-redundant backup storage option and click on Apply.
  8. Repeat the same steps for other SQL Databases as well.

References :

Please feel free to reach out to support@pingsafe.ai with any questions that you may have.

Thanks

PingSafe Support