pulumi-azure-kotlin/com.pulumi.azure.synapse.kotlin/WorkspaceSecurityAlertPolicy

WorkspaceSecurityAlertPolicy

class WorkspaceSecurityAlertPolicy : KotlinCustomResource

Manages a Security Alert Policy for a Synapse Workspace.

Example Usage

resources:
  example:
    type: azure:core:ResourceGroup
    properties:
      name: example-resources
      location: West Europe
  exampleAccount:
    type: azure:storage:Account
    name: example
    properties:
      name: examplestorageacc
      resourceGroupName: ${example.name}
      location: ${example.location}
      accountTier: Standard
      accountReplicationType: LRS
      accountKind: StorageV2
      isHnsEnabled: 'true'
  exampleDataLakeGen2Filesystem:
    type: azure:storage:DataLakeGen2Filesystem
    name: example
    properties:
      name: example
      storageAccountId: ${exampleAccount.id}
  exampleWorkspace:
    type: azure:synapse:Workspace
    name: example
    properties:
      name: example
      resourceGroupName: ${example.name}
      location: ${example.location}
      storageDataLakeGen2FilesystemId: ${exampleDataLakeGen2Filesystem.id}
      sqlAdministratorLogin: sqladminuser
      sqlAdministratorLoginPassword: H@Sh1CoR3!
      aadAdmin:
        - login: AzureAD Admin
          objectId: 00000000-0000-0000-0000-000000000000
          tenantId: 00000000-0000-0000-0000-000000000000
      identity:
        type: SystemAssigned
      tags:
        Env: production
  auditLogs:
    type: azure:storage:Account
    name: audit_logs
    properties:
      name: examplesa
      resourceGroupName: ${example.name}
      location: ${example.location}
      accountTier: Standard
      accountReplicationType: LRS
  exampleWorkspaceSecurityAlertPolicy:
    type: azure:synapse:WorkspaceSecurityAlertPolicy
    name: example
    properties:
      synapseWorkspaceId: ${exampleWorkspace.id}
      policyState: Enabled
      storageEndpoint: ${auditLogs.primaryBlobEndpoint}
      storageAccountAccessKey: ${auditLogs.primaryAccessKey}
      disabledAlerts:
        - Sql_Injection
        - Data_Exfiltration
      retentionDays: 20

Import

Synapse Workspace Security Alert Policies can be imported using the resource id, e.g.

$ pulumi import azure:synapse/workspaceSecurityAlertPolicy:WorkspaceSecurityAlertPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Synapse/workspaces/workspace1/securityAlertPolicies/Default

Properties

disabledAlerts

val disabledAlerts: Output<List<String>>?

Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action.

emailAccountAdminsEnabled

val emailAccountAdminsEnabled: Output<Boolean>?

Boolean flag which specifies if the alert is sent to the account administrators or not. Defaults to false.

emailAddresses

val emailAddresses: Output<List<String>>?

Specifies an array of email addresses to which the alert is sent.

val id: Output<String>

policyState

val policyState: Output<String>

Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific workspace. Possible values are Disabled, Enabled and New.

pulumiChildResources

val pulumiChildResources: Set<KotlinResource>

pulumiResourceName

val pulumiResourceName: String

pulumiResourceType

val pulumiResourceType: String

retentionDays

val retentionDays: Output<Int>?

Specifies the number of days to keep in the Threat Detection audit logs. Defaults to 0.

storageAccountAccessKey

val storageAccountAccessKey: Output<String>?

Specifies the identifier key of the Threat Detection audit storage account.