Workspace
data class WorkspaceSecurityAlertPolicyArgs(val disabledAlerts: Output<List<String>>? = null, val emailAccountAdminsEnabled: Output<Boolean>? = null, val emailAddresses: Output<List<String>>? = null, val policyState: Output<String>? = null, val retentionDays: Output<Int>? = null, val storageAccountAccessKey: Output<String>? = null, val storageEndpoint: Output<String>? = null, val synapseWorkspaceId: Output<String>? = null) : ConvertibleToJava<WorkspaceSecurityAlertPolicyArgs>
Manages a Security Alert Policy for a Synapse Workspace.
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.storage.DataLakeGen2Filesystem;
import com.pulumi.azure.storage.DataLakeGen2FilesystemArgs;
import com.pulumi.azure.synapse.Workspace;
import com.pulumi.azure.synapse.WorkspaceArgs;
import com.pulumi.azure.synapse.inputs.WorkspaceAadAdminArgs;
import com.pulumi.azure.synapse.inputs.WorkspaceIdentityArgs;
import com.pulumi.azure.synapse.WorkspaceSecurityAlertPolicy;
import com.pulumi.azure.synapse.WorkspaceSecurityAlertPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.accountTier("Standard")
.accountReplicationType("LRS")
.accountKind("StorageV2")
.isHnsEnabled("true")
.build());
var exampleDataLakeGen2Filesystem = new DataLakeGen2Filesystem("exampleDataLakeGen2Filesystem", DataLakeGen2FilesystemArgs.builder()
.storageAccountId(exampleAccount.id())
.build());
var exampleWorkspace = new Workspace("exampleWorkspace", WorkspaceArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.storageDataLakeGen2FilesystemId(exampleDataLakeGen2Filesystem.id())
.sqlAdministratorLogin("sqladminuser")
.sqlAdministratorLoginPassword("H@Sh1CoR3!")
.aadAdmin(WorkspaceAadAdminArgs.builder()
.login("AzureAD Admin")
.objectId("00000000-0000-0000-0000-000000000000")
.tenantId("00000000-0000-0000-0000-000000000000")
.build())
.identity(WorkspaceIdentityArgs.builder()
.type("SystemAssigned")
.build())
.tags(Map.of("Env", "production"))
.build());
var auditLogs = new Account("auditLogs", AccountArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.accountTier("Standard")
.accountReplicationType("LRS")
.build());
var exampleWorkspaceSecurityAlertPolicy = new WorkspaceSecurityAlertPolicy("exampleWorkspaceSecurityAlertPolicy", WorkspaceSecurityAlertPolicyArgs.builder()
.synapseWorkspaceId(exampleWorkspace.id())
.policyState("Enabled")
.storageEndpoint(auditLogs.primaryBlobEndpoint())
.storageAccountAccessKey(auditLogs.primaryAccessKey())
.disabledAlerts(
"Sql_Injection",
"Data_Exfiltration")
.retentionDays(20)
.build());
}
}Content copied to clipboard
Import
Synapse Workspace Security Alert Policies can be imported using the resource id, e.g.
$ pulumi import azure:synapse/workspaceSecurityAlertPolicy:WorkspaceSecurityAlertPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Synapse/workspaces/workspace1/securityAlertPolicies/DefaultContent copied to clipboard
Constructors
Link copied to clipboard
fun WorkspaceSecurityAlertPolicyArgs(disabledAlerts: Output<List<String>>? = null, emailAccountAdminsEnabled: Output<Boolean>? = null, emailAddresses: Output<List<String>>? = null, policyState: Output<String>? = null, retentionDays: Output<Int>? = null, storageAccountAccessKey: Output<String>? = null, storageEndpoint: Output<String>? = null, synapseWorkspaceId: Output<String>? = null)
Functions
Properties
Link copied to clipboard
Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.