SQL Server Predictable Admin Account Name
- Query id: 663062e9-473d-4e87-99bc-6f3684b3df40
- Query name: SQL Server Predictable Admin Account Name
- Platform: Ansible
- Severity: Medium
- Category: Best Practices
- URL: Github
Description¶
Azure SQL Server's Admin account login must avoid using names like 'Admin', that are too predictable, which means the attribute 'admin_username' must be set to a name that is not easy to predict
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Postitive test num. 1 - yaml file
#this is a problematic code where the query should report a result(s)
- name: Create (or update) SQL Server1
azure_rm_sqlserver:
resource_group: myResourceGroup
name: server_name1
location: westus
admin_username: ""
admin_password: Testpasswordxyz12!
- name: Create (or update) SQL Server2
azure_rm_sqlserver:
resource_group: myResourceGroup
name: server_name2
location: westus
admin_username:
admin_password: Testpasswordxyz12!
- name: Create (or update) SQL Server3
azure_rm_sqlserver:
resource_group: myResourceGroup
name: server_name3
location: westus
admin_username: admin
admin_password: Testpasswordxyz12!