azure-mssql-audit-retention¶
Ensure an audit log retention period greater than 90 days.
Examples¶
Insecure Example
resource "azurerm_mssql_database_extended_auditing_policy" "example" {
database_id = azurerm_mssql_database.example.id
storage_endpoint = azurerm_storage_account.example.primary_blob_endpoint
storage_account_access_key = azurerm_storage_account.example.primary_access_key
storage_account_access_key_is_secondary = false
retention_in_days = 6
}
Secure Example
resource "azurerm_mssql_database_extended_auditing_policy" "example" {
database_id = azurerm_mssql_database.example.id
storage_endpoint = azurerm_storage_account.example.primary_blob_endpoint
storage_account_access_key = azurerm_storage_account.example.primary_access_key
storage_account_access_key_is_secondary = false
retention_in_days = 120
}