Docs
Packagesazure-native.sql.DatabaseSecurityAlertPolicy
Explore with Pulumi AI
A database security alert policy. API Version: 2020-11-01-preview.
Example Usage
Update a database's threat detection policy with all parameters
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var databaseSecurityAlertPolicy = new AzureNative.Sql.DatabaseSecurityAlertPolicy("databaseSecurityAlertPolicy", new()
{
DatabaseName = "testdb",
DisabledAlerts = new[]
{
"Sql_Injection",
"Usage_Anomaly",
},
EmailAccountAdmins = true,
EmailAddresses = new[]
{
"test@microsoft.com",
"user@microsoft.com",
},
ResourceGroupName = "securityalert-4799",
RetentionDays = 6,
SecurityAlertPolicyName = "Default",
ServerName = "securityalert-6440",
State = AzureNative.Sql.SecurityAlertsPolicyState.Enabled,
StorageAccountAccessKey = "sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==",
StorageEndpoint = "https://mystorage.blob.core.windows.net",
});
});
package main
import (
sql "github.com/pulumi/pulumi-azure-native-sdk/sql"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := sql.NewDatabaseSecurityAlertPolicy(ctx, "databaseSecurityAlertPolicy", &sql.DatabaseSecurityAlertPolicyArgs{
DatabaseName: pulumi.String("testdb"),
DisabledAlerts: pulumi.StringArray{
pulumi.String("Sql_Injection"),
pulumi.String("Usage_Anomaly"),
},
EmailAccountAdmins: pulumi.Bool(true),
EmailAddresses: pulumi.StringArray{
pulumi.String("test@microsoft.com"),
pulumi.String("user@microsoft.com"),
},
ResourceGroupName: pulumi.String("securityalert-4799"),
RetentionDays: pulumi.Int(6),
SecurityAlertPolicyName: pulumi.String("Default"),
ServerName: pulumi.String("securityalert-6440"),
State: sql.SecurityAlertsPolicyStateEnabled,
StorageAccountAccessKey: pulumi.String("sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD=="),
StorageEndpoint: pulumi.String("https://mystorage.blob.core.windows.net"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.sql.DatabaseSecurityAlertPolicy;
import com.pulumi.azurenative.sql.DatabaseSecurityAlertPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var databaseSecurityAlertPolicy = new DatabaseSecurityAlertPolicy("databaseSecurityAlertPolicy", DatabaseSecurityAlertPolicyArgs.builder()
.databaseName("testdb")
.disabledAlerts(
"Sql_Injection",
"Usage_Anomaly")
.emailAccountAdmins(true)
.emailAddresses(
"test@microsoft.com",
"user@microsoft.com")
.resourceGroupName("securityalert-4799")
.retentionDays(6)
.securityAlertPolicyName("Default")
.serverName("securityalert-6440")
.state("Enabled")
.storageAccountAccessKey("sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==")
.storageEndpoint("https://mystorage.blob.core.windows.net")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
database_security_alert_policy = azure_native.sql.DatabaseSecurityAlertPolicy("databaseSecurityAlertPolicy",
database_name="testdb",
disabled_alerts=[
"Sql_Injection",
"Usage_Anomaly",
],
email_account_admins=True,
email_addresses=[
"test@microsoft.com",
"user@microsoft.com",
],
resource_group_name="securityalert-4799",
retention_days=6,
security_alert_policy_name="Default",
server_name="securityalert-6440",
state=azure_native.sql.SecurityAlertsPolicyState.ENABLED,
storage_account_access_key="sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==",
storage_endpoint="https://mystorage.blob.core.windows.net")
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const databaseSecurityAlertPolicy = new azure_native.sql.DatabaseSecurityAlertPolicy("databaseSecurityAlertPolicy", {
databaseName: "testdb",
disabledAlerts: [
"Sql_Injection",
"Usage_Anomaly",
],
emailAccountAdmins: true,
emailAddresses: [
"test@microsoft.com",
"user@microsoft.com",
],
resourceGroupName: "securityalert-4799",
retentionDays: 6,
securityAlertPolicyName: "Default",
serverName: "securityalert-6440",
state: azure_native.sql.SecurityAlertsPolicyState.Enabled,
storageAccountAccessKey: "sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==",
storageEndpoint: "https://mystorage.blob.core.windows.net",
});
resources:
databaseSecurityAlertPolicy:
type: azure-native:sql:DatabaseSecurityAlertPolicy
properties:
databaseName: testdb
disabledAlerts:
- Sql_Injection
- Usage_Anomaly
emailAccountAdmins: true
emailAddresses:
- test@microsoft.com
- user@microsoft.com
resourceGroupName: securityalert-4799
retentionDays: 6
securityAlertPolicyName: Default
serverName: securityalert-6440
state: Enabled
storageAccountAccessKey: sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==
storageEndpoint: https://mystorage.blob.core.windows.net
Update a database's threat detection policy with minimal parameters
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var databaseSecurityAlertPolicy = new AzureNative.Sql.DatabaseSecurityAlertPolicy("databaseSecurityAlertPolicy", new()
{
DatabaseName = "testdb",
ResourceGroupName = "securityalert-4799",
SecurityAlertPolicyName = "Default",
ServerName = "securityalert-6440",
State = AzureNative.Sql.SecurityAlertsPolicyState.Enabled,
});
});
package main
import (
sql "github.com/pulumi/pulumi-azure-native-sdk/sql"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := sql.NewDatabaseSecurityAlertPolicy(ctx, "databaseSecurityAlertPolicy", &sql.DatabaseSecurityAlertPolicyArgs{
DatabaseName: pulumi.String("testdb"),
ResourceGroupName: pulumi.String("securityalert-4799"),
SecurityAlertPolicyName: pulumi.String("Default"),
ServerName: pulumi.String("securityalert-6440"),
State: sql.SecurityAlertsPolicyStateEnabled,
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.sql.DatabaseSecurityAlertPolicy;
import com.pulumi.azurenative.sql.DatabaseSecurityAlertPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var databaseSecurityAlertPolicy = new DatabaseSecurityAlertPolicy("databaseSecurityAlertPolicy", DatabaseSecurityAlertPolicyArgs.builder()
.databaseName("testdb")
.resourceGroupName("securityalert-4799")
.securityAlertPolicyName("Default")
.serverName("securityalert-6440")
.state("Enabled")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
database_security_alert_policy = azure_native.sql.DatabaseSecurityAlertPolicy("databaseSecurityAlertPolicy",
database_name="testdb",
resource_group_name="securityalert-4799",
security_alert_policy_name="Default",
server_name="securityalert-6440",
state=azure_native.sql.SecurityAlertsPolicyState.ENABLED)
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const databaseSecurityAlertPolicy = new azure_native.sql.DatabaseSecurityAlertPolicy("databaseSecurityAlertPolicy", {
databaseName: "testdb",
resourceGroupName: "securityalert-4799",
securityAlertPolicyName: "Default",
serverName: "securityalert-6440",
state: azure_native.sql.SecurityAlertsPolicyState.Enabled,
});
resources:
databaseSecurityAlertPolicy:
type: azure-native:sql:DatabaseSecurityAlertPolicy
properties:
databaseName: testdb
resourceGroupName: securityalert-4799
securityAlertPolicyName: Default
serverName: securityalert-6440
state: Enabled
Create DatabaseSecurityAlertPolicy Resource
new DatabaseSecurityAlertPolicy(name: string, args: DatabaseSecurityAlertPolicyArgs, opts?: CustomResourceOptions);@overload
def DatabaseSecurityAlertPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
database_name: Optional[str] = None,
disabled_alerts: Optional[Sequence[str]] = None,
email_account_admins: Optional[bool] = None,
email_addresses: Optional[Sequence[str]] = None,
resource_group_name: Optional[str] = None,
retention_days: Optional[int] = None,
security_alert_policy_name: Optional[str] = None,
server_name: Optional[str] = None,
state: Optional[SecurityAlertsPolicyState] = None,
storage_account_access_key: Optional[str] = None,
storage_endpoint: Optional[str] = None)
@overload
def DatabaseSecurityAlertPolicy(resource_name: str,
args: DatabaseSecurityAlertPolicyArgs,
opts: Optional[ResourceOptions] = None)func NewDatabaseSecurityAlertPolicy(ctx *Context, name string, args DatabaseSecurityAlertPolicyArgs, opts ...ResourceOption) (*DatabaseSecurityAlertPolicy, error)public DatabaseSecurityAlertPolicy(string name, DatabaseSecurityAlertPolicyArgs args, CustomResourceOptions? opts = null)
public DatabaseSecurityAlertPolicy(String name, DatabaseSecurityAlertPolicyArgs args)
public DatabaseSecurityAlertPolicy(String name, DatabaseSecurityAlertPolicyArgs args, CustomResourceOptions options)
type: azure-native:sql:DatabaseSecurityAlertPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DatabaseSecurityAlertPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DatabaseSecurityAlertPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DatabaseSecurityAlertPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DatabaseSecurityAlertPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DatabaseSecurityAlertPolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
DatabaseSecurityAlertPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The DatabaseSecurityAlertPolicy resource accepts the following input properties:
- Database
Name string The name of the database for which the security alert policy is defined.
- Resource
Group stringName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
- Server
Name string The name of the server.
- State
Pulumi.
Azure Native. Sql. Security Alerts Policy State Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.
- Disabled
Alerts List<string> Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force
- Email
Account boolAdmins Specifies that the alert is sent to the account administrators.
- Email
Addresses List<string> Specifies an array of e-mail addresses to which the alert is sent.
- Retention
Days int Specifies the number of days to keep in the Threat Detection audit logs.
- Security
Alert stringPolicy Name The name of the security alert policy.
- Storage
Account stringAccess Key Specifies the identifier key of the Threat Detection audit storage account.
- Storage
Endpoint string Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.
- Database
Name string The name of the database for which the security alert policy is defined.
- Resource
Group stringName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
- Server
Name string The name of the server.
- State
Security
Alerts Policy State Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.
- Disabled
Alerts []string Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force
- Email
Account boolAdmins Specifies that the alert is sent to the account administrators.
- Email
Addresses []string Specifies an array of e-mail addresses to which the alert is sent.
- Retention
Days int Specifies the number of days to keep in the Threat Detection audit logs.
- Security
Alert stringPolicy Name The name of the security alert policy.
- Storage
Account stringAccess Key Specifies the identifier key of the Threat Detection audit storage account.
- Storage
Endpoint string Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.
- database
Name String The name of the database for which the security alert policy is defined.
- resource
Group StringName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
- server
Name String The name of the server.
- state
Security
Alerts Policy State Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.
- disabled
Alerts List<String> Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force
- email
Account BooleanAdmins Specifies that the alert is sent to the account administrators.
- email
Addresses List<String> Specifies an array of e-mail addresses to which the alert is sent.
- retention
Days Integer Specifies the number of days to keep in the Threat Detection audit logs.
- security
Alert StringPolicy Name The name of the security alert policy.
- storage
Account StringAccess Key Specifies the identifier key of the Threat Detection audit storage account.
- storage
Endpoint String Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.
- database
Name string The name of the database for which the security alert policy is defined.
- resource
Group stringName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
- server
Name string The name of the server.
- state
Security
Alerts Policy State Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.
- disabled
Alerts string[] Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force
- email
Account booleanAdmins Specifies that the alert is sent to the account administrators.
- email
Addresses string[] Specifies an array of e-mail addresses to which the alert is sent.
- retention
Days number Specifies the number of days to keep in the Threat Detection audit logs.
- security
Alert stringPolicy Name The name of the security alert policy.
- storage
Account stringAccess Key Specifies the identifier key of the Threat Detection audit storage account.
- storage
Endpoint string Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.
- database_
name str The name of the database for which the security alert policy is defined.
- resource_
group_ strname The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
- server_
name str The name of the server.
- state
Security
Alerts Policy State Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.
- disabled_
alerts Sequence[str] Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force
- email_
account_ booladmins Specifies that the alert is sent to the account administrators.
- email_
addresses Sequence[str] Specifies an array of e-mail addresses to which the alert is sent.
- retention_
days int Specifies the number of days to keep in the Threat Detection audit logs.
- security_
alert_ strpolicy_ name The name of the security alert policy.
- storage_
account_ straccess_ key Specifies the identifier key of the Threat Detection audit storage account.
- storage_
endpoint str Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.
- database
Name String The name of the database for which the security alert policy is defined.
- resource
Group StringName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
- server
Name String The name of the server.
- state "Enabled" | "Disabled"
Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.
- disabled
Alerts List<String> Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force
- email
Account BooleanAdmins Specifies that the alert is sent to the account administrators.
- email
Addresses List<String> Specifies an array of e-mail addresses to which the alert is sent.
- retention
Days Number Specifies the number of days to keep in the Threat Detection audit logs.
- security
Alert StringPolicy Name The name of the security alert policy.
- storage
Account StringAccess Key Specifies the identifier key of the Threat Detection audit storage account.
- storage
Endpoint String Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.
Outputs
All input properties are implicitly available as output properties. Additionally, the DatabaseSecurityAlertPolicy resource produces the following output properties:
- Creation
Time string Specifies the UTC creation time of the policy.
- Id string
The provider-assigned unique ID for this managed resource.
- Name string
Resource name.
- System
Data Pulumi.Azure Native. Sql. Outputs. System Data Response SystemData of SecurityAlertPolicyResource.
- Type string
Resource type.
- Creation
Time string Specifies the UTC creation time of the policy.
- Id string
The provider-assigned unique ID for this managed resource.
- Name string
Resource name.
- System
Data SystemData Response SystemData of SecurityAlertPolicyResource.
- Type string
Resource type.
- creation
Time String Specifies the UTC creation time of the policy.
- id String
The provider-assigned unique ID for this managed resource.
- name String
Resource name.
- system
Data SystemData Response SystemData of SecurityAlertPolicyResource.
- type String
Resource type.
- creation
Time string Specifies the UTC creation time of the policy.
- id string
The provider-assigned unique ID for this managed resource.
- name string
Resource name.
- system
Data SystemData Response SystemData of SecurityAlertPolicyResource.
- type string
Resource type.
- creation_
time str Specifies the UTC creation time of the policy.
- id str
The provider-assigned unique ID for this managed resource.
- name str
Resource name.
- system_
data SystemData Response SystemData of SecurityAlertPolicyResource.
- type str
Resource type.
- creation
Time String Specifies the UTC creation time of the policy.
- id String
The provider-assigned unique ID for this managed resource.
- name String
Resource name.
- system
Data Property Map SystemData of SecurityAlertPolicyResource.
- type String
Resource type.
Supporting Types
SecurityAlertsPolicyState
- Enabled
- Enabled
- Disabled
- Disabled
- Security
Alerts Policy State Enabled - Enabled
- Security
Alerts Policy State Disabled - Disabled
- Enabled
- Enabled
- Disabled
- Disabled
- Enabled
- Enabled
- Disabled
- Disabled
- ENABLED
- Enabled
- DISABLED
- Disabled
- "Enabled"
- Enabled
- "Disabled"
- Disabled
SystemDataResponse
- Created
At string The timestamp of resource creation (UTC).
- Created
By string The identity that created the resource.
- Created
By stringType The type of identity that created the resource.
- Last
Modified stringAt The timestamp of resource last modification (UTC)
- Last
Modified stringBy The identity that last modified the resource.
- Last
Modified stringBy Type The type of identity that last modified the resource.
- Created
At string The timestamp of resource creation (UTC).
- Created
By string The identity that created the resource.
- Created
By stringType The type of identity that created the resource.
- Last
Modified stringAt The timestamp of resource last modification (UTC)
- Last
Modified stringBy The identity that last modified the resource.
- Last
Modified stringBy Type The type of identity that last modified the resource.
- created
At String The timestamp of resource creation (UTC).
- created
By String The identity that created the resource.
- created
By StringType The type of identity that created the resource.
- last
Modified StringAt The timestamp of resource last modification (UTC)
- last
Modified StringBy The identity that last modified the resource.
- last
Modified StringBy Type The type of identity that last modified the resource.
- created
At string The timestamp of resource creation (UTC).
- created
By string The identity that created the resource.
- created
By stringType The type of identity that created the resource.
- last
Modified stringAt The timestamp of resource last modification (UTC)
- last
Modified stringBy The identity that last modified the resource.
- last
Modified stringBy Type The type of identity that last modified the resource.
- created_
at str The timestamp of resource creation (UTC).
- created_
by str The identity that created the resource.
- created_
by_ strtype The type of identity that created the resource.
- last_
modified_ strat The timestamp of resource last modification (UTC)
- last_
modified_ strby The identity that last modified the resource.
- last_
modified_ strby_ type The type of identity that last modified the resource.
- created
At String The timestamp of resource creation (UTC).
- created
By String The identity that created the resource.
- created
By StringType The type of identity that created the resource.
- last
Modified StringAt The timestamp of resource last modification (UTC)
- last
Modified StringBy The identity that last modified the resource.
- last
Modified StringBy Type The type of identity that last modified the resource.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:sql:DatabaseSecurityAlertPolicy Default /subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.Sql/servers/securityalert-6440/databases/testdb
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0