Server
Manages a Security Alert Policy for a MSSQL Server.
NOTE Security Alert Policy is currently only available for MS SQL databases.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
import * as azurerm from "@pulumi/azurerm";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleSqlServer = new azurerm.index.SqlServer("example", {
name: "mysqlserver",
resourceGroupName: example.name,
location: example.location,
version: "12.0",
administratorLogin: "4dm1n157r470r",
administratorLoginPassword: "4-v3ry-53cr37-p455w0rd",
});
const exampleAccount = new azure.storage.Account("example", {
name: "accteststorageaccount",
resourceGroupName: example.name,
location: example.location,
accountTier: "Standard",
accountReplicationType: "GRS",
});
const exampleServerSecurityAlertPolicy = new azure.mssql.ServerSecurityAlertPolicy("example", {
resourceGroupName: example.name,
serverName: exampleSqlServer.name,
state: "Enabled",
storageEndpoint: exampleAccount.primaryBlobEndpoint,
storageAccountAccessKey: exampleAccount.primaryAccessKey,
disabledAlerts: [
"Sql_Injection",
"Data_Exfiltration",
],
retentionDays: 20,
});Content copied to clipboard
import pulumi
import pulumi_azure as azure
import pulumi_azurerm as azurerm
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_sql_server = azurerm.index.SqlServer("example",
name=mysqlserver,
resource_group_name=example.name,
location=example.location,
version=12.0,
administrator_login=4dm1n157r470r,
administrator_login_password=4-v3ry-53cr37-p455w0rd)
example_account = azure.storage.Account("example",
name="accteststorageaccount",
resource_group_name=example.name,
location=example.location,
account_tier="Standard",
account_replication_type="GRS")
example_server_security_alert_policy = azure.mssql.ServerSecurityAlertPolicy("example",
resource_group_name=example.name,
server_name=example_sql_server["name"],
state="Enabled",
storage_endpoint=example_account.primary_blob_endpoint,
storage_account_access_key=example_account.primary_access_key,
disabled_alerts=[
"Sql_Injection",
"Data_Exfiltration",
],
retention_days=20)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
using Azurerm = Pulumi.Azurerm;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleSqlServer = new Azurerm.Index.SqlServer("example", new()
{
Name = "mysqlserver",
ResourceGroupName = example.Name,
Location = example.Location,
Version = "12.0",
AdministratorLogin = "4dm1n157r470r",
AdministratorLoginPassword = "4-v3ry-53cr37-p455w0rd",
});
var exampleAccount = new Azure.Storage.Account("example", new()
{
Name = "accteststorageaccount",
ResourceGroupName = example.Name,
Location = example.Location,
AccountTier = "Standard",
AccountReplicationType = "GRS",
});
var exampleServerSecurityAlertPolicy = new Azure.MSSql.ServerSecurityAlertPolicy("example", new()
{
ResourceGroupName = example.Name,
ServerName = exampleSqlServer.Name,
State = "Enabled",
StorageEndpoint = exampleAccount.PrimaryBlobEndpoint,
StorageAccountAccessKey = exampleAccount.PrimaryAccessKey,
DisabledAlerts = new[]
{
"Sql_Injection",
"Data_Exfiltration",
},
RetentionDays = 20,
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/mssql"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/storage"
"github.com/pulumi/pulumi-azurerm/sdk/go/azurerm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleSqlServer, err := azurerm.NewSqlServer(ctx, "example", &azurerm.SqlServerArgs{
Name: "mysqlserver",
ResourceGroupName: example.Name,
Location: example.Location,
Version: "12.0",
AdministratorLogin: "4dm1n157r470r",
AdministratorLoginPassword: "4-v3ry-53cr37-p455w0rd",
})
if err != nil {
return err
}
exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
Name: pulumi.String("accteststorageaccount"),
ResourceGroupName: example.Name,
Location: example.Location,
AccountTier: pulumi.String("Standard"),
AccountReplicationType: pulumi.String("GRS"),
})
if err != nil {
return err
}
_, err = mssql.NewServerSecurityAlertPolicy(ctx, "example", &mssql.ServerSecurityAlertPolicyArgs{
ResourceGroupName: example.Name,
ServerName: exampleSqlServer.Name,
State: pulumi.String("Enabled"),
StorageEndpoint: exampleAccount.PrimaryBlobEndpoint,
StorageAccountAccessKey: exampleAccount.PrimaryAccessKey,
DisabledAlerts: pulumi.StringArray{
pulumi.String("Sql_Injection"),
pulumi.String("Data_Exfiltration"),
},
RetentionDays: pulumi.Int(20),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azurerm.sqlServer;
import com.pulumi.azurerm.SqlServerArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.mssql.ServerSecurityAlertPolicy;
import com.pulumi.azure.mssql.ServerSecurityAlertPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleSqlServer = new SqlServer("exampleSqlServer", SqlServerArgs.builder()
.name("mysqlserver")
.resourceGroupName(example.name())
.location(example.location())
.version("12.0")
.administratorLogin("4dm1n157r470r")
.administratorLoginPassword("4-v3ry-53cr37-p455w0rd")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.name("accteststorageaccount")
.resourceGroupName(example.name())
.location(example.location())
.accountTier("Standard")
.accountReplicationType("GRS")
.build());
var exampleServerSecurityAlertPolicy = new ServerSecurityAlertPolicy("exampleServerSecurityAlertPolicy", ServerSecurityAlertPolicyArgs.builder()
.resourceGroupName(example.name())
.serverName(exampleSqlServer.name())
.state("Enabled")
.storageEndpoint(exampleAccount.primaryBlobEndpoint())
.storageAccountAccessKey(exampleAccount.primaryAccessKey())
.disabledAlerts(
"Sql_Injection",
"Data_Exfiltration")
.retentionDays(20)
.build());
}
}Content copied to clipboard
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleSqlServer:
type: azurerm:sqlServer
name: example
properties:
name: mysqlserver
resourceGroupName: ${example.name}
location: ${example.location}
version: '12.0'
administratorLogin: 4dm1n157r470r
administratorLoginPassword: 4-v3ry-53cr37-p455w0rd
exampleAccount:
type: azure:storage:Account
name: example
properties:
name: accteststorageaccount
resourceGroupName: ${example.name}
location: ${example.location}
accountTier: Standard
accountReplicationType: GRS
exampleServerSecurityAlertPolicy:
type: azure:mssql:ServerSecurityAlertPolicy
name: example
properties:
resourceGroupName: ${example.name}
serverName: ${exampleSqlServer.name}
state: Enabled
storageEndpoint: ${exampleAccount.primaryBlobEndpoint}
storageAccountAccessKey: ${exampleAccount.primaryAccessKey}
disabledAlerts:
- Sql_Injection
- Data_Exfiltration
retentionDays: 20Content copied to clipboard
Import
MS SQL Server Security Alert Policy can be imported using the resource id, e.g.
$ pulumi import azure:mssql/serverSecurityAlertPolicy:ServerSecurityAlertPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/acceptanceTestResourceGroup1/providers/Microsoft.Sql/servers/mssqlserver/securityAlertPolicies/DefaultContent copied to clipboard
Properties
Link copied to clipboard
Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action.
Link copied to clipboard
Boolean flag which specifies if the alert is sent to the account administrators or not. Defaults to false.
Link copied to clipboard
Specifies an array of email addresses to which the alert is sent.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
The name of the resource group that contains the MS SQL Server. Changing this forces a new resource to be created.
Link copied to clipboard
Specifies the number of days to keep in the Threat Detection audit logs. Defaults to 0.
Link copied to clipboard
Specifies the name of the MS SQL Server. Changing this forces a new resource to be created.
Link copied to clipboard
Specifies the identifier key of the Threat Detection audit storage account. This is mandatory when you use storage_endpoint to specify a storage account blob endpoint.
Link copied to clipboard
Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.