Class ServerSecurityAlertPolicy

Manages a Security Alert Policy for a MSSQL Server.

NOTE Security Alert Policy is currently only available for MS SQL databases.

Example Usage

using Pulumi;
using Azure = Pulumi.Azure;

class MyStack : Stack
{
public MyStack()
{
    var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new Azure.Core.ResourceGroupArgs
    {
        Location = "West US",
    });
    var exampleSqlServer = new Azure.Sql.SqlServer("exampleSqlServer", new Azure.Sql.SqlServerArgs
    {
        ResourceGroupName = exampleResourceGroup.Name,
        Location = exampleResourceGroup.Location,
        Version = "12.0",
        AdministratorLogin = "4dm1n157r470r",
        AdministratorLoginPassword = "4-v3ry-53cr37-p455w0rd",
    });
    var exampleAccount = new Azure.Storage.Account("exampleAccount", new Azure.Storage.AccountArgs
    {
        ResourceGroupName = exampleResourceGroup.Name,
        Location = exampleResourceGroup.Location,
        AccountTier = "Standard",
        AccountReplicationType = "GRS",
    });
    var exampleServerSecurityAlertPolicy = new Azure.MSSql.ServerSecurityAlertPolicy("exampleServerSecurityAlertPolicy", new Azure.MSSql.ServerSecurityAlertPolicyArgs
    {
        ResourceGroupName = exampleResourceGroup.Name,
        ServerName = exampleSqlServer.Name,
        State = "Enabled",
        StorageEndpoint = exampleAccount.PrimaryBlobEndpoint,
        StorageAccountAccessKey = exampleAccount.PrimaryAccessKey,
        DisabledAlerts = 
        {
            "Sql_Injection",
            "Data_Exfiltration",
        },
        RetentionDays = 20,
    });
}

}
Inheritance
System.Object
Resource
CustomResource
ServerSecurityAlertPolicy
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: Pulumi.Azure.MSSql
Assembly: Pulumi.Azure.dll
Syntax
public class ServerSecurityAlertPolicy : CustomResource

Constructors

View Source

ServerSecurityAlertPolicy(String, ServerSecurityAlertPolicyArgs, CustomResourceOptions)

Create a ServerSecurityAlertPolicy resource with the given unique name, arguments, and options.

Declaration
public ServerSecurityAlertPolicy(string name, ServerSecurityAlertPolicyArgs args, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resource
ServerSecurityAlertPolicyArgs args

The arguments used to populate this resource's properties
CustomResourceOptions options

A bag of options that control this resource's behavior

Properties

View Source

DisabledAlerts

Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action.

Declaration
public Output<ImmutableArray<string>> DisabledAlerts { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

EmailAccountAdmins

Boolean flag which specifies if the alert is sent to the account administrators or not. Defaults to false.

Declaration
public Output<bool?> EmailAccountAdmins { get; }
Property Value
Type Description
Output<System.Nullable<System.Boolean>>
View Source

EmailAddresses

Specifies an array of e-mail addresses to which the alert is sent.

Declaration
public Output<ImmutableArray<string>> EmailAddresses { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>
View Source

ResourceGroupName

The name of the resource group that contains the MS SQL Server. Changing this forces a new resource to be created.

Declaration
public Output<string> ResourceGroupName { get; }
Property Value
Type Description
Output<System.String>
View Source

RetentionDays

Specifies the number of days to keep in the Threat Detection audit logs. Defaults to 0.

Declaration
public Output<int?> RetentionDays { get; }
Property Value
Type Description
Output<System.Nullable<System.Int32>>
View Source

ServerName

Specifies the name of the MS SQL Server. Changing this forces a new resource to be created.

Declaration
public Output<string> ServerName { get; }
Property Value
Type Description
Output<System.String>
View Source

State

Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database server. Allowed values are: Disabled, Enabled, New.

Declaration
public Output<string> State { get; }
Property Value
Type Description
Output<System.String>
View Source

StorageAccountAccessKey

Specifies the identifier key of the Threat Detection audit storage account.

Declaration
public Output<string> StorageAccountAccessKey { get; }
Property Value
Type Description
Output<System.String>
View Source

StorageEndpoint

Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.

Declaration
public Output<string> StorageEndpoint { get; }
Property Value
Type Description
Output<System.String>

Methods

View Source

Get(String, Input<String>, ServerSecurityAlertPolicyState, CustomResourceOptions)

Get an existing ServerSecurityAlertPolicy resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

Declaration
public static ServerSecurityAlertPolicy Get(string name, Input<string> id, ServerSecurityAlertPolicyState state = null, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resulting resource.
Input<System.String> id

The unique provider ID of the resource to lookup.
ServerSecurityAlertPolicyState state

Any extra arguments used during the lookup.
CustomResourceOptions options

A bag of options that control this resource's behavior
Returns
Type Description
ServerSecurityAlertPolicy