azure-mssql-threat-types¶
Ensure that 'Threat Detection types' is set to 'All'
Doing so will ensure that every type of alert generated when Advanced Threat Protection detects an anomalous activities is reported, ensuring early mitigation of any potential risk detected.
Examples¶
Insecure Example
resource "azurerm_mssql_server_security_alert_policy" "example" {
resource_group_name = azurerm_resource_group.example.name
server_name = azurerm_sql_server.example.name
state = "Enabled"
storage_endpoint = azurerm_storage_account.example.primary_blob_endpoint
storage_account_access_key = azurerm_storage_account.example.primary_access_key
disabled_alerts = [
"Sql_Injection",
"Data_Exfiltration"
]
email_addresses = [] # (default is empty)
email_account_admins = false
retention_days = 20
}
Secure Example
resource "azurerm_mssql_server_security_alert_policy" "example" {
resource_group_name = azurerm_resource_group.example.name
server_name = azurerm_sql_server.example.name
state = "Enabled"
storage_endpoint = azurerm_storage_account.example.primary_blob_endpoint
storage_account_access_key = azurerm_storage_account.example.primary_access_key
disabled_alerts = []
email_addresses = var.mssql_alert_emails
email_account_admins = true
retention_days = 20
}