Microsoft.Sql servers/databases/securityAlertPolicies 2014-04-01
Bicep resource definition
The servers/databases/securityAlertPolicies resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Sql/servers/databases/securityAlertPolicies resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Sql/servers/databases/securityAlertPolicies@2014-04-01' = {
name: 'default'
location: 'string'
parent: resourceSymbolicName
properties: {
disabledAlerts: 'string'
emailAccountAdmins: 'string'
emailAddresses: 'string'
retentionDays: int
state: 'string'
storageAccountAccessKey: 'string'
storageEndpoint: 'string'
useServerDefault: 'string'
}
}
Property values
servers/databases/securityAlertPolicies
| Name | Description | Value |
|---|---|---|
| name | The resource name See how to set names and types for child resources in Bicep. |
'default' |
| location | The geo-location where the resource lives | string |
| parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: databases |
| properties | Properties of the security alert policy. | DatabaseSecurityAlertPolicyProperties |
DatabaseSecurityAlertPolicyProperties
| Name | Description | Value |
|---|---|---|
| disabledAlerts | Specifies the semicolon-separated list of alerts that are disabled, or empty string to disable no alerts. Possible values: Sql_Injection; Sql_Injection_Vulnerability; Access_Anomaly; Data_Exfiltration; Unsafe_Action. | string |
| emailAccountAdmins | Specifies that the alert is sent to the account administrators. | 'Disabled' 'Enabled' |
| emailAddresses | Specifies the semicolon-separated list of e-mail addresses to which the alert is sent. | string |
| retentionDays | Specifies the number of days to keep in the Threat Detection audit logs. | int |
| state | Specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required. | 'Disabled' 'Enabled' 'New' (required) |
| storageAccountAccessKey | Specifies the identifier key of the Threat Detection audit storage account. If state is Enabled, storageAccountAccessKey is required. | string |
| storageEndpoint | Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. If state is Enabled, storageEndpoint is required. |
string |
| useServerDefault | Specifies whether to use the default server policy. | 'Disabled' 'Enabled' |
ARM template resource definition
The servers/databases/securityAlertPolicies resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Sql/servers/databases/securityAlertPolicies resource, add the following JSON to your template.
{
"type": "Microsoft.Sql/servers/databases/securityAlertPolicies",
"apiVersion": "2014-04-01",
"name": "default",
"location": "string",
"properties": {
"disabledAlerts": "string",
"emailAccountAdmins": "string",
"emailAddresses": "string",
"retentionDays": "int",
"state": "string",
"storageAccountAccessKey": "string",
"storageEndpoint": "string",
"useServerDefault": "string"
}
}
Property values
servers/databases/securityAlertPolicies
| Name | Description | Value |
|---|---|---|
| type | The resource type | 'Microsoft.Sql/servers/databases/securityAlertPolicies' |
| apiVersion | The resource api version | '2014-04-01' |
| name | The resource name See how to set names and types for child resources in JSON ARM templates. |
'default' |
| location | The geo-location where the resource lives | string |
| properties | Properties of the security alert policy. | DatabaseSecurityAlertPolicyProperties |
DatabaseSecurityAlertPolicyProperties
| Name | Description | Value |
|---|---|---|
| disabledAlerts | Specifies the semicolon-separated list of alerts that are disabled, or empty string to disable no alerts. Possible values: Sql_Injection; Sql_Injection_Vulnerability; Access_Anomaly; Data_Exfiltration; Unsafe_Action. | string |
| emailAccountAdmins | Specifies that the alert is sent to the account administrators. | 'Disabled' 'Enabled' |
| emailAddresses | Specifies the semicolon-separated list of e-mail addresses to which the alert is sent. | string |
| retentionDays | Specifies the number of days to keep in the Threat Detection audit logs. | int |
| state | Specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required. | 'Disabled' 'Enabled' 'New' (required) |
| storageAccountAccessKey | Specifies the identifier key of the Threat Detection audit storage account. If state is Enabled, storageAccountAccessKey is required. | string |
| storageEndpoint | Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. If state is Enabled, storageEndpoint is required. |
string |
| useServerDefault | Specifies whether to use the default server policy. | 'Disabled' 'Enabled' |
Terraform (AzAPI provider) resource definition
The servers/databases/securityAlertPolicies resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Sql/servers/databases/securityAlertPolicies resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Sql/servers/databases/securityAlertPolicies@2014-04-01"
name = "default"
location = "string"
parent_id = "string"
body = jsonencode({
properties = {
disabledAlerts = "string"
emailAccountAdmins = "string"
emailAddresses = "string"
retentionDays = int
state = "string"
storageAccountAccessKey = "string"
storageEndpoint = "string"
useServerDefault = "string"
}
})
}
Property values
servers/databases/securityAlertPolicies
| Name | Description | Value |
|---|---|---|
| type | The resource type | "Microsoft.Sql/servers/databases/securityAlertPolicies@2014-04-01" |
| name | The resource name | "default" |
| location | The geo-location where the resource lives | string |
| parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: databases |
| properties | Properties of the security alert policy. | DatabaseSecurityAlertPolicyProperties |
DatabaseSecurityAlertPolicyProperties
| Name | Description | Value |
|---|---|---|
| disabledAlerts | Specifies the semicolon-separated list of alerts that are disabled, or empty string to disable no alerts. Possible values: Sql_Injection; Sql_Injection_Vulnerability; Access_Anomaly; Data_Exfiltration; Unsafe_Action. | string |
| emailAccountAdmins | Specifies that the alert is sent to the account administrators. | "Disabled" "Enabled" |
| emailAddresses | Specifies the semicolon-separated list of e-mail addresses to which the alert is sent. | string |
| retentionDays | Specifies the number of days to keep in the Threat Detection audit logs. | int |
| state | Specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required. | "Disabled" "Enabled" "New" (required) |
| storageAccountAccessKey | Specifies the identifier key of the Threat Detection audit storage account. If state is Enabled, storageAccountAccessKey is required. | string |
| storageEndpoint | Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. If state is Enabled, storageEndpoint is required. |
string |
| useServerDefault | Specifies whether to use the default server policy. | "Disabled" "Enabled" |