1. Log in to the Azure portal (https://portal.azure.com/).
2. Navigate to the virtual machine that hosts the SQL Server instance that you want to protect with Microsoft Defender for Cloud.
3. Click on the “Networking” option in the left-hand menu.
4. Select the “Network Security Group” associated with the virtual machine.
5. Click on the “Inbound security rules” option.
6. Click on the “Add” button to create a new inbound security rule.
7. In the “Add inbound security rule” pane, enter the following details:
   • Name: Enter a name for the rule (e.g., “Microsoft Defender for Cloud - SQL Server VM”).
   • Priority: Enter a priority for the rule (e.g., “100”).
   • Source: Select “Any” to allow traffic from any source IP address.
   • Source port ranges: Leave this field blank.
   • Destination: Select “VirtualNetwork” to allow traffic to the virtual network that contains the SQL Server VM.
   • Destination port ranges: Enter “1433” to allow traffic to the default SQL Server port.
   • Protocol: Select “TCP” as the protocol.
   • Action: Select “Allow” to allow traffic through the rule.
   • Priority: Enter a priority for the rule (e.g., “100”).
8. Click on the “Review + create” button to review the details of the new rule.
9. Click on the “Create” button to create the new rule.
10. Navigate to the “Security Center” option in the left-hand menu.
11. Click on the “Recommendations” option.
12. Locate the recommendation to enable Microsoft Defender for Cloud for SQL Server Virtual Machines.
13. Click on the “Remediate” button to enable Microsoft Defender for Cloud for the SQL Server VM.
14. Wait for the remediation process to complete.

​

1. Install the Azure SDK for Python by running the following command:
   pip install azure
   
2. Authenticate to your Azure account using the Azure CLI or by providing the credentials in the code.
3. Use the Azure SDK for Python to retrieve the virtual machine you want to enable Microsoft Defender for Cloud on.
   from azure.identity import DefaultAzureCredential
   from azure.mgmt.compute import ComputeManagementClient
   from azure.mgmt.network import NetworkManagementClient
   from azure.mgmt.resource import ResourceManagementClient
   from azure.mgmt.sql import SqlManagementClient
   
   # Authenticate to Azure
   credential = DefaultAzureCredential()
   subscription_id = "<your-subscription-id>"
   
   # Initialize the clients for Compute, Network, Resource, and SQL
   compute_client = ComputeManagementClient(credential, subscription_id)
   network_client = NetworkManagementClient(credential, subscription_id)
   resource_client = ResourceManagementClient(credential, subscription_id)
   sql_client = SqlManagementClient(credential, subscription_id)
   
   # Retrieve the virtual machine you want to enable Microsoft Defender for Cloud on
   vm_name = "<your-vm-name>"
   vm_resource_group = "<your-vm-resource-group>"
   vm = compute_client.virtual_machines.get(vm_resource_group, vm_name)
   
4. Use the Azure SDK for Python to retrieve the SQL Server instance running on the virtual machine.
   # Retrieve the SQL Server instance running on the virtual machine
   sql_server_name = "<your-sql-server-name>"
   sql_server_resource_group = "<your-sql-server-resource-group>"
   sql_server = sql_client.servers.get(sql_server_resource_group, sql_server_name)
   
5. Use the Azure SDK for Python to enable Microsoft Defender for Cloud for the SQL Server instance.
   # Enable Microsoft Defender for Cloud for the SQL Server instance
   sql_client.server_security_alert_policies.create_or_update(
       sql_server_resource_group,
       sql_server_name,
       "default",
       {
           "state": "Enabled",
           "email_account_admins": True,
           "retention_days": 90
       }
   )
   
   Note: Replace the values in the code with your own values.
6. Verify that Microsoft Defender for Cloud for SQL Server Virtual Machines is enabled by checking the SQL Server instance in the Azure portal. You have now successfully enabled Microsoft Defender for Cloud for SQL Server Virtual Machines on Azure using Python.