Skip to content

azure-mssql-threat-types

Ensure that 'Threat Detection types' is set to 'All'

Doing so will ensure that every type of alert generated when Advanced Threat Protection detects an anomalous activities is reported, ensuring early mitigation of any potential risk detected.

Examples

Insecure Example

resource "azurerm_mssql_server_security_alert_policy" "example" {
  resource_group_name        = azurerm_resource_group.example.name
  server_name                = azurerm_sql_server.example.name
  state                      = "Enabled"
  storage_endpoint           = azurerm_storage_account.example.primary_blob_endpoint
  storage_account_access_key = azurerm_storage_account.example.primary_access_key
  disabled_alerts = [
    "Sql_Injection",
    "Data_Exfiltration"
  ]
  email_addresses            = []  # (default is empty)
  email_account_admins       = false
  retention_days = 20
}

Secure Example

resource "azurerm_mssql_server_security_alert_policy" "example" {
  resource_group_name        = azurerm_resource_group.example.name
  server_name                = azurerm_sql_server.example.name
  state                      = "Enabled"
  storage_endpoint           = azurerm_storage_account.example.primary_blob_endpoint
  storage_account_access_key = azurerm_storage_account.example.primary_access_key
  disabled_alerts = []
  email_addresses            = var.mssql_alert_emails
  email_account_admins       = true
  retention_days = 20
}

More information