.png?fit=max&auto=format&n=tsMQJyneJ1xquFUo&q=85&s=4d401cc03b547d99b6f75a6bd170c334){kind=spacer}
Documentation Index
Fetch the complete documentation index at: https://help.dsalta.com/llms.txt
Use this file to discover all available pages before exploring further.
Overview
DSALTA connects to Microsoft Azure using read-only API access to collect compliance evidence automatically. Data syncs every 24 hours and feeds into your Data Library modules.Read-only access. DSALTA never modifies, creates, or deletes resources in your Microsoft Azure environment.
How to Connect
- Go to Integrations in the DSALTA sidebar.
- Find Microsoft Azure and click Connect.
- Authenticate with admin-level access.
- Select the scope (accounts, projects, or resources to monitor).
- DSALTA performs an initial sync (5–15 minutes). Tests activate after sync completes.
Automated Compliance Tests
| Test | Description |
|---|---|
| Infrastructure entities should be classified | Checks that all Azure infrastructure entities are classified by criticality. |
| Azure should be on HTTPS | Checks that Azure resources are accessible over HTTPS. |
| Azure should redirect HTTP to HTTPS | Checks that Azure redirects HTTP traffic to HTTPS. |
| Azure activity logs should be archived | Checks that Azure activity logs are archived for audit purposes. |
| Azure Defender should be enabled | Checks that Microsoft Defender for Cloud is enabled on the Azure subscription. |
| Reported incidents should be closed in Microsoft Defender | Checks that incidents detected in Microsoft Defender are closed and resolved. |
| Azure flow logs should be captured | Checks that Azure NSG flow logs are captured. |
| Azure virtual network flow logs should be captured | Checks that Azure Virtual Network flow logs are captured. |
| Azure Cosmos DB should be encrypted | Checks that Azure Cosmos DB is encrypted at rest. |
| Azure Cosmos DB backup should be enabled | Checks that Azure Cosmos DB backups are enabled. |
| Azure Cosmos DB latency should be monitored | Checks that Azure Cosmos DB latency is being monitored. |
| Azure Cosmos DB should be protected from direct internet traffic | Checks that Azure Cosmos DB is not directly exposed to the internet. |
| Azure VMs should be protected from direct internet traffic | Checks that Azure VMs are not directly exposed to the internet. |
| Azure SQL databases should be encrypted | Checks that Azure SQL databases are encrypted at rest. |
| Azure SQL databases should be protected from direct internet traffic | Checks that Azure SQL databases are not directly exposed to the internet. |
| Azure SQL database backup should be enabled | Checks that Azure SQL database backups are enabled. |
| Azure SQL database memory utilization should be monitored | Checks that Azure SQL database memory utilization is being monitored. |
| Azure SQL database CPU utilization should be monitored | Checks that Azure SQL database CPU utilization is being monitored. |
| Azure SQL database IO utilization should be monitored | Checks that Azure SQL database I/O utilization is being monitored. |
| Azure storage accounts should be encrypted | Checks that Azure storage accounts are encrypted at rest. |
| Azure storage account public network access should be disabled | Checks that Azure storage account public network access is disabled. |
| Azure storage account minimum TLS version should be 1.2 | Checks that Azure storage accounts enforce a minimum TLS version of 1.2. |
| Azure storage account secure transfer should be enabled | Checks that secure transfer (HTTPS) is required for Azure storage accounts. |
| Azure storage account default network access rule should be set to deny | Checks that the default network access rule for Azure storage accounts is set to deny. |
| Azure storage account cross-tenant replication should not be enabled | Checks that cross-tenant replication is disabled for Azure storage accounts. |
| Azure storage account anonymous blob access should be disabled | Checks that anonymous blob access is disabled on Azure storage accounts. |
| Azure Web App should use the latest TLS version | Checks that Azure Web Apps are using the latest TLS version. |
| Azure Web App should redirect HTTP to HTTPS | Checks that Azure App Service redirects all HTTP traffic to HTTPS. |
| Azure RBAC Key Vault keys should have expiration dates | Checks that expiration dates are set for all keys in RBAC-enabled Azure Key Vaults. |
| Azure non-RBAC Key Vault keys should have expiration dates | Checks that expiration dates are set for all keys in non-RBAC Azure Key Vaults. |
| Azure Key Vault should be recoverable | Checks that Azure Key Vaults are configured to be recoverable (soft delete enabled). |
| Azure VM CPU utilization should be monitored | Checks that Azure VM CPU utilization is being monitored. |
| Azure PostgreSQL should enforce SSL connections | Checks that Azure PostgreSQL servers enforce SSL connections. |
| Azure PostgreSQL should have infrastructure double encryption enabled | Checks that Azure PostgreSQL servers have infrastructure double encryption enabled. |
| Azure Cache for Redis CPU utilization should be monitored | Checks that Azure Cache for Redis CPU utilization is being monitored. |
| Azure Cache for Redis freeable memory should be monitored | Checks that Azure Cache for Redis freeable memory is being monitored. |
| Azure Cache for Redis client connections should be monitored | Checks that Azure Cache for Redis client connections are being monitored. |
| Azure Databricks workspaces should be encrypted | Checks that Azure Databricks workspaces are encrypted at rest. |
| Azure disks should be encrypted | Checks that Azure managed disks are encrypted at rest. |
| Azure Load Balancer health probe status should be monitored | Checks that Azure Load Balancer health probe status is being monitored. |
| Azure Application Gateway healthy host count should be monitored | Checks that Azure Application Gateway healthy host count is being monitored. |
| Azure Front Door origin health should be monitored | Checks that Azure Front Door origin health is being monitored. |
| Azure AKS node CPU utilization should be monitored | Checks that Azure AKS node CPU utilization is being monitored. |
| Azure AKS node memory working set usage should be monitored | Checks that Azure AKS node memory working set usage is being monitored. |
| Azure disk backup should be enabled | Checks that Azure disk backups are enabled. |
| Azure Databricks health should be monitored | Checks that Azure Databricks cluster health is being monitored. |
| Azure Databricks CPU utilization should be monitored | Checks that Azure Databricks CPU utilization is being monitored. |
| Azure access should be removed for offboarded users | Checks that Azure access is revoked for offboarded users. |
| Azure Databricks workspace backup should be enabled | Checks that Azure Databricks workspace backups are enabled. |
Troubleshooting
Integration shows Disconnected
Integration shows Disconnected
Re-authenticate from Integrations → Microsoft Azure → Reconnect. This usually happens when API tokens expire.
Data is not syncing
Data is not syncing
Verify the connected account has admin permissions. Try a manual sync from the integration settings.