As people know I am publicly speaking at York User group. My chat will be about how Defender for SQL can be useful to protect your SQL data.
Microsoft has delivered Defender for SQL first for cloud, but now you can also use this on premise.
In this Series of Blogs I will keep you posted on how I prepare for the first speak. I have done a similar talk in my company, but I must admit, that is much easier. I thought I could use the same presentation, but found out that there are too many references to the company. That is something I am not allowed to do since my company is a major financial institute. That makes only one thing possible: recreate the stuff.
That enlightens another problem. My personal PC was not setup since it was just released with Windows 11. I do have office and so installed, but no development tools. This also brings in the advantage that I can help you with that. It also makes it possible for me to work with something new for me: Bicep.
To start learning Bicep, Microsoft has developed a nine unit long training. That also starts with preparing your PC. So, while preparing my PC, I will blog this.
The first action of you should be to go to: https://learn.microsoft.com/en-us/training/modules/deploy-resources-scopes-bicep/1-introduction
Going through the first page I found out that it is important to see that you should first create a Resource Group. That Resource group can contain multiple resources. That also means if you want to cleanup your mess, you should just delete your Resource group 🙂
At the end of that page they mention you should install some software, which is publicly available. I like to do automation, so it is anoying that you should go and download stuff. People invented Chocolatey and other tools for that.
The software you need to install is named mentioned in below example script:
Write-Output "First install Chocolatey" Write-output "Be aware that a question may arise. Please press A for all" Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1')) Write-Output "Validate if Choco is running; one should see Chocolatey v1.3.1 in green" write-output "Update Choco. Dont forget to press A again" choco upgrade chocolatey write-output "Install Visual Code. Dont forget to press A again" choco install vscode -y write-output "Install Azure Powershell. Dont forget to press A again" choco install az.powershell -y write-output "Install Azure CLI. Dont forget to press A again" choco install azure-cli -y
The above script will:
– Install Choco on your computer
– Install Vscode
– Install Azure Powershell
– Install Azure CLI
The script is somehow Idempotent, which means you can run it multiple times.
Within VSCode it is advised to install the Bicep Extension. You can do that by:
– Start VSCode from your computer
– Click on the extensions button in the left menu
– search for bicep
– Press Install
You can do the last trick with a lot more extensions. VSCode has plenty of very usefull extensions. These get updated regularly, as is the case with VSCode.
The next editions of this blog will go and see if we can learn something from the course mentioned above, requirements for Defender for SQL to run, how we fit the requirements in Bicep files. Maybe a last one on this part would be to put it in a CICD pipeline. Not sure how far i get. York is at June 1st.