Docs Home
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.89.1 published on Sunday, Mar 2, 2025 by Pulumi
azure-native.sql.DatabaseThreatDetectionPolicy
Explore with Pulumi AI
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.89.1 published on Sunday, Mar 2, 2025 by Pulumi
Contains information about a database Threat Detection policy. Azure REST API version: 2014-04-01.
Example Usage
Create database security alert policy max
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var databaseThreatDetectionPolicy = new AzureNative.Sql.DatabaseThreatDetectionPolicy("databaseThreatDetectionPolicy", new()
{
DatabaseName = "testdb",
DisabledAlerts = "Sql_Injection;Usage_Anomaly;",
EmailAccountAdmins = AzureNative.Sql.SecurityAlertPolicyEmailAccountAdmins.Enabled,
EmailAddresses = "test@microsoft.com;user@microsoft.com",
ResourceGroupName = "securityalert-4799",
RetentionDays = 6,
SecurityAlertPolicyName = "default",
ServerName = "securityalert-6440",
State = AzureNative.Sql.SecurityAlertPolicyState.Enabled,
StorageAccountAccessKey = "sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==",
StorageEndpoint = "https://mystorage.blob.core.windows.net",
UseServerDefault = AzureNative.Sql.SecurityAlertPolicyUseServerDefault.Enabled,
});
});
package main
import (
sql "github.com/pulumi/pulumi-azure-native-sdk/sql/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := sql.NewDatabaseThreatDetectionPolicy(ctx, "databaseThreatDetectionPolicy", &sql.DatabaseThreatDetectionPolicyArgs{
DatabaseName: pulumi.String("testdb"),
DisabledAlerts: pulumi.String("Sql_Injection;Usage_Anomaly;"),
EmailAccountAdmins: pulumi.String(sql.SecurityAlertPolicyEmailAccountAdminsEnabled),
EmailAddresses: pulumi.String("test@microsoft.com;user@microsoft.com"),
ResourceGroupName: pulumi.String("securityalert-4799"),
RetentionDays: pulumi.Int(6),
SecurityAlertPolicyName: pulumi.String("default"),
ServerName: pulumi.String("securityalert-6440"),
State: pulumi.String(sql.SecurityAlertPolicyStateEnabled),
StorageAccountAccessKey: pulumi.String("sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD=="),
StorageEndpoint: pulumi.String("https://mystorage.blob.core.windows.net"),
UseServerDefault: pulumi.String(sql.SecurityAlertPolicyUseServerDefaultEnabled),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.sql.DatabaseThreatDetectionPolicy;
import com.pulumi.azurenative.sql.DatabaseThreatDetectionPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var databaseThreatDetectionPolicy = new DatabaseThreatDetectionPolicy("databaseThreatDetectionPolicy", DatabaseThreatDetectionPolicyArgs.builder()
.databaseName("testdb")
.disabledAlerts("Sql_Injection;Usage_Anomaly;")
.emailAccountAdmins("Enabled")
.emailAddresses("test@microsoft.com;user@microsoft.com")
.resourceGroupName("securityalert-4799")
.retentionDays(6)
.securityAlertPolicyName("default")
.serverName("securityalert-6440")
.state("Enabled")
.storageAccountAccessKey("sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==")
.storageEndpoint("https://mystorage.blob.core.windows.net")
.useServerDefault("Enabled")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const databaseThreatDetectionPolicy = new azure_native.sql.DatabaseThreatDetectionPolicy("databaseThreatDetectionPolicy", {
databaseName: "testdb",
disabledAlerts: "Sql_Injection;Usage_Anomaly;",
emailAccountAdmins: azure_native.sql.SecurityAlertPolicyEmailAccountAdmins.Enabled,
emailAddresses: "test@microsoft.com;user@microsoft.com",
resourceGroupName: "securityalert-4799",
retentionDays: 6,
securityAlertPolicyName: "default",
serverName: "securityalert-6440",
state: azure_native.sql.SecurityAlertPolicyState.Enabled,
storageAccountAccessKey: "sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==",
storageEndpoint: "https://mystorage.blob.core.windows.net",
useServerDefault: azure_native.sql.SecurityAlertPolicyUseServerDefault.Enabled,
});
import pulumi
import pulumi_azure_native as azure_native
database_threat_detection_policy = azure_native.sql.DatabaseThreatDetectionPolicy("databaseThreatDetectionPolicy",
database_name="testdb",
disabled_alerts="Sql_Injection;Usage_Anomaly;",
email_account_admins=azure_native.sql.SecurityAlertPolicyEmailAccountAdmins.ENABLED,
email_addresses="test@microsoft.com;user@microsoft.com",
resource_group_name="securityalert-4799",
retention_days=6,
security_alert_policy_name="default",
server_name="securityalert-6440",
state=azure_native.sql.SecurityAlertPolicyState.ENABLED,
storage_account_access_key="sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==",
storage_endpoint="https://mystorage.blob.core.windows.net",
use_server_default=azure_native.sql.SecurityAlertPolicyUseServerDefault.ENABLED)
resources:
databaseThreatDetectionPolicy:
type: azure-native:sql:DatabaseThreatDetectionPolicy
properties:
databaseName: testdb
disabledAlerts: Sql_Injection;Usage_Anomaly;
emailAccountAdmins: Enabled
emailAddresses: test@microsoft.com;user@microsoft.com
resourceGroupName: securityalert-4799
retentionDays: 6
securityAlertPolicyName: default
serverName: securityalert-6440
state: Enabled
storageAccountAccessKey: sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==
storageEndpoint: https://mystorage.blob.core.windows.net
useServerDefault: Enabled
Create database security alert policy min
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var databaseThreatDetectionPolicy = new AzureNative.Sql.DatabaseThreatDetectionPolicy("databaseThreatDetectionPolicy", new()
{
DatabaseName = "testdb",
ResourceGroupName = "securityalert-4799",
SecurityAlertPolicyName = "default",
ServerName = "securityalert-6440",
State = AzureNative.Sql.SecurityAlertPolicyState.Enabled,
StorageAccountAccessKey = "sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==",
StorageEndpoint = "https://mystorage.blob.core.windows.net",
});
});
package main
import (
sql "github.com/pulumi/pulumi-azure-native-sdk/sql/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := sql.NewDatabaseThreatDetectionPolicy(ctx, "databaseThreatDetectionPolicy", &sql.DatabaseThreatDetectionPolicyArgs{
DatabaseName: pulumi.String("testdb"),
ResourceGroupName: pulumi.String("securityalert-4799"),
SecurityAlertPolicyName: pulumi.String("default"),
ServerName: pulumi.String("securityalert-6440"),
State: pulumi.String(sql.SecurityAlertPolicyStateEnabled),
StorageAccountAccessKey: pulumi.String("sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD=="),
StorageEndpoint: pulumi.String("https://mystorage.blob.core.windows.net"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.sql.DatabaseThreatDetectionPolicy;
import com.pulumi.azurenative.sql.DatabaseThreatDetectionPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var databaseThreatDetectionPolicy = new DatabaseThreatDetectionPolicy("databaseThreatDetectionPolicy", DatabaseThreatDetectionPolicyArgs.builder()
.databaseName("testdb")
.resourceGroupName("securityalert-4799")
.securityAlertPolicyName("default")
.serverName("securityalert-6440")
.state("Enabled")
.storageAccountAccessKey("sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==")
.storageEndpoint("https://mystorage.blob.core.windows.net")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const databaseThreatDetectionPolicy = new azure_native.sql.DatabaseThreatDetectionPolicy("databaseThreatDetectionPolicy", {
databaseName: "testdb",
resourceGroupName: "securityalert-4799",
securityAlertPolicyName: "default",
serverName: "securityalert-6440",
state: azure_native.sql.SecurityAlertPolicyState.Enabled,
storageAccountAccessKey: "sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==",
storageEndpoint: "https://mystorage.blob.core.windows.net",
});
import pulumi
import pulumi_azure_native as azure_native
database_threat_detection_policy = azure_native.sql.DatabaseThreatDetectionPolicy("databaseThreatDetectionPolicy",
database_name="testdb",
resource_group_name="securityalert-4799",
security_alert_policy_name="default",
server_name="securityalert-6440",
state=azure_native.sql.SecurityAlertPolicyState.ENABLED,
storage_account_access_key="sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==",
storage_endpoint="https://mystorage.blob.core.windows.net")
resources:
databaseThreatDetectionPolicy:
type: azure-native:sql:DatabaseThreatDetectionPolicy
properties:
databaseName: testdb
resourceGroupName: securityalert-4799
securityAlertPolicyName: default
serverName: securityalert-6440
state: Enabled
storageAccountAccessKey: sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==
storageEndpoint: https://mystorage.blob.core.windows.net
Create DatabaseThreatDetectionPolicy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new DatabaseThreatDetectionPolicy(name: string, args: DatabaseThreatDetectionPolicyArgs, opts?: CustomResourceOptions);@overload
def DatabaseThreatDetectionPolicy(resource_name: str,
args: DatabaseThreatDetectionPolicyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def DatabaseThreatDetectionPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
resource_group_name: Optional[str] = None,
state: Optional[Union[str, SecurityAlertPolicyState]] = None,
server_name: Optional[str] = None,
database_name: Optional[str] = None,
email_addresses: Optional[str] = None,
location: Optional[str] = None,
retention_days: Optional[int] = None,
security_alert_policy_name: Optional[str] = None,
email_account_admins: Optional[Union[str, SecurityAlertPolicyEmailAccountAdmins]] = None,
disabled_alerts: Optional[str] = None,
storage_account_access_key: Optional[str] = None,
storage_endpoint: Optional[str] = None,
use_server_default: Optional[Union[str, SecurityAlertPolicyUseServerDefault]] = None)func NewDatabaseThreatDetectionPolicy(ctx *Context, name string, args DatabaseThreatDetectionPolicyArgs, opts ...ResourceOption) (*DatabaseThreatDetectionPolicy, error)public DatabaseThreatDetectionPolicy(string name, DatabaseThreatDetectionPolicyArgs args, CustomResourceOptions? opts = null)
public DatabaseThreatDetectionPolicy(String name, DatabaseThreatDetectionPolicyArgs args)
public DatabaseThreatDetectionPolicy(String name, DatabaseThreatDetectionPolicyArgs args, CustomResourceOptions options)
type: azure-native:sql:DatabaseThreatDetectionPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DatabaseThreatDetectionPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DatabaseThreatDetectionPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DatabaseThreatDetectionPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DatabaseThreatDetectionPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DatabaseThreatDetectionPolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var databaseThreatDetectionPolicyResource = new AzureNative.Sql.DatabaseThreatDetectionPolicy("databaseThreatDetectionPolicyResource", new()
{
ResourceGroupName = "string",
State = "string",
ServerName = "string",
DatabaseName = "string",
EmailAddresses = "string",
Location = "string",
RetentionDays = 0,
SecurityAlertPolicyName = "string",
EmailAccountAdmins = "string",
DisabledAlerts = "string",
StorageAccountAccessKey = "string",
StorageEndpoint = "string",
UseServerDefault = "string",
});
example, err := sql.NewDatabaseThreatDetectionPolicy(ctx, "databaseThreatDetectionPolicyResource", &sql.DatabaseThreatDetectionPolicyArgs{
ResourceGroupName: pulumi.String("string"),
State: pulumi.String("string"),
ServerName: pulumi.String("string"),
DatabaseName: pulumi.String("string"),
EmailAddresses: pulumi.String("string"),
Location: pulumi.String("string"),
RetentionDays: pulumi.Int(0),
SecurityAlertPolicyName: pulumi.String("string"),
EmailAccountAdmins: pulumi.String("string"),
DisabledAlerts: pulumi.String("string"),
StorageAccountAccessKey: pulumi.String("string"),
StorageEndpoint: pulumi.String("string"),
UseServerDefault: pulumi.String("string"),
})
var databaseThreatDetectionPolicyResource = new DatabaseThreatDetectionPolicy("databaseThreatDetectionPolicyResource", DatabaseThreatDetectionPolicyArgs.builder()
.resourceGroupName("string")
.state("string")
.serverName("string")
.databaseName("string")
.emailAddresses("string")
.location("string")
.retentionDays(0)
.securityAlertPolicyName("string")
.emailAccountAdmins("string")
.disabledAlerts("string")
.storageAccountAccessKey("string")
.storageEndpoint("string")
.useServerDefault("string")
.build());
database_threat_detection_policy_resource = azure_native.sql.DatabaseThreatDetectionPolicy("databaseThreatDetectionPolicyResource",
resource_group_name="string",
state="string",
server_name="string",
database_name="string",
email_addresses="string",
location="string",
retention_days=0,
security_alert_policy_name="string",
email_account_admins="string",
disabled_alerts="string",
storage_account_access_key="string",
storage_endpoint="string",
use_server_default="string")
const databaseThreatDetectionPolicyResource = new azure_native.sql.DatabaseThreatDetectionPolicy("databaseThreatDetectionPolicyResource", {
resourceGroupName: "string",
state: "string",
serverName: "string",
databaseName: "string",
emailAddresses: "string",
location: "string",
retentionDays: 0,
securityAlertPolicyName: "string",
emailAccountAdmins: "string",
disabledAlerts: "string",
storageAccountAccessKey: "string",
storageEndpoint: "string",
useServerDefault: "string",
});
type: azure-native:sql:DatabaseThreatDetectionPolicy
properties:
databaseName: string
disabledAlerts: string
emailAccountAdmins: string
emailAddresses: string
location: string
resourceGroupName: string
retentionDays: 0
securityAlertPolicyName: string
serverName: string
state: string
storageAccountAccessKey: string
storageEndpoint: string
useServerDefault: string
DatabaseThreatDetectionPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The DatabaseThreatDetectionPolicy resource accepts the following input properties:
- Database
Name string - The name of the database for which database Threat Detection policy is defined.
- Resource
Group stringName - The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
- Server
Name string - The name of the server.
- State
string | Pulumi.
Azure Native. Sql. Security Alert Policy State - Specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required.
- Disabled
Alerts string - Specifies the semicolon-separated list of alerts that are disabled, or empty string to disable no alerts. Possible values: Sql_Injection; Sql_Injection_Vulnerability; Access_Anomaly; Data_Exfiltration; Unsafe_Action.
- Email
Account string | Pulumi.Admins Azure Native. Sql. Security Alert Policy Email Account Admins - Specifies that the alert is sent to the account administrators.
- Email
Addresses string - Specifies the semicolon-separated list of e-mail addresses to which the alert is sent.
- Location string
- The geo-location where the resource lives
- Retention
Days int - Specifies the number of days to keep in the Threat Detection audit logs.
- Security
Alert stringPolicy Name - The name of the security alert policy.
- Storage
Account stringAccess Key - Specifies the identifier key of the Threat Detection audit storage account. If state is Enabled, storageAccountAccessKey is required.
- Storage
Endpoint string - Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. If state is Enabled, storageEndpoint is required.
- Use
Server string | Pulumi.Default Azure Native. Sql. Security Alert Policy Use Server Default - Specifies whether to use the default server policy.
- Database
Name string - The name of the database for which database Threat Detection policy is defined.
- Resource
Group stringName - The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
- Server
Name string - The name of the server.
- State
string | Security
Alert Policy State - Specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required.
- Disabled
Alerts string - Specifies the semicolon-separated list of alerts that are disabled, or empty string to disable no alerts. Possible values: Sql_Injection; Sql_Injection_Vulnerability; Access_Anomaly; Data_Exfiltration; Unsafe_Action.
- Email
Account string | SecurityAdmins Alert Policy Email Account Admins - Specifies that the alert is sent to the account administrators.
- Email
Addresses string - Specifies the semicolon-separated list of e-mail addresses to which the alert is sent.
- Location string
- The geo-location where the resource lives
- Retention
Days int - Specifies the number of days to keep in the Threat Detection audit logs.
- Security
Alert stringPolicy Name - The name of the security alert policy.
- Storage
Account stringAccess Key - Specifies the identifier key of the Threat Detection audit storage account. If state is Enabled, storageAccountAccessKey is required.
- Storage
Endpoint string - Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. If state is Enabled, storageEndpoint is required.
- Use
Server string | SecurityDefault Alert Policy Use Server Default - Specifies whether to use the default server policy.
- database
Name String - The name of the database for which database Threat Detection policy is defined.
- resource
Group StringName - The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
- server
Name String - The name of the server.
- state
String | Security
Alert Policy State - Specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required.
- disabled
Alerts String - Specifies the semicolon-separated list of alerts that are disabled, or empty string to disable no alerts. Possible values: Sql_Injection; Sql_Injection_Vulnerability; Access_Anomaly; Data_Exfiltration; Unsafe_Action.
- email
Account String | SecurityAdmins Alert Policy Email Account Admins - Specifies that the alert is sent to the account administrators.
- email
Addresses String - Specifies the semicolon-separated list of e-mail addresses to which the alert is sent.
- location String
- The geo-location where the resource lives
- retention
Days Integer - Specifies the number of days to keep in the Threat Detection audit logs.
- security
Alert StringPolicy Name - The name of the security alert policy.
- storage
Account StringAccess Key - Specifies the identifier key of the Threat Detection audit storage account. If state is Enabled, storageAccountAccessKey is required.
- storage
Endpoint String - Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. If state is Enabled, storageEndpoint is required.
- use
Server String | SecurityDefault Alert Policy Use Server Default - Specifies whether to use the default server policy.
- database
Name string - The name of the database for which database Threat Detection policy is defined.
- resource
Group stringName - The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
- server
Name string - The name of the server.
- state
string | Security
Alert Policy State - Specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required.
- disabled
Alerts string - Specifies the semicolon-separated list of alerts that are disabled, or empty string to disable no alerts. Possible values: Sql_Injection; Sql_Injection_Vulnerability; Access_Anomaly; Data_Exfiltration; Unsafe_Action.
- email
Account string | SecurityAdmins Alert Policy Email Account Admins - Specifies that the alert is sent to the account administrators.
- email
Addresses string - Specifies the semicolon-separated list of e-mail addresses to which the alert is sent.
- location string
- The geo-location where the resource lives
- retention
Days number - Specifies the number of days to keep in the Threat Detection audit logs.
- security
Alert stringPolicy Name - The name of the security alert policy.
- storage
Account stringAccess Key - Specifies the identifier key of the Threat Detection audit storage account. If state is Enabled, storageAccountAccessKey is required.
- storage
Endpoint string - Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. If state is Enabled, storageEndpoint is required.
- use
Server string | SecurityDefault Alert Policy Use Server Default - Specifies whether to use the default server policy.
- database_
name str - The name of the database for which database Threat Detection policy is defined.
- resource_
group_ strname - The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
- server_
name str - The name of the server.
- state
str | Security
Alert Policy State - Specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required.
- disabled_
alerts str - Specifies the semicolon-separated list of alerts that are disabled, or empty string to disable no alerts. Possible values: Sql_Injection; Sql_Injection_Vulnerability; Access_Anomaly; Data_Exfiltration; Unsafe_Action.
- email_
account_ str | Securityadmins Alert Policy Email Account Admins - Specifies that the alert is sent to the account administrators.
- email_
addresses str - Specifies the semicolon-separated list of e-mail addresses to which the alert is sent.
- location str
- The geo-location where the resource lives
- retention_
days int - Specifies the number of days to keep in the Threat Detection audit logs.
- security_
alert_ strpolicy_ name - The name of the security alert policy.
- storage_
account_ straccess_ key - Specifies the identifier key of the Threat Detection audit storage account. If state is Enabled, storageAccountAccessKey is required.
- storage_
endpoint str - Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. If state is Enabled, storageEndpoint is required.
- use_
server_ str | Securitydefault Alert Policy Use Server Default - Specifies whether to use the default server policy.
- database
Name String - The name of the database for which database Threat Detection policy is defined.
- resource
Group StringName - The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
- server
Name String - The name of the server.
- state String | "New" | "Enabled" | "Disabled"
- Specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required.
- disabled
Alerts String - Specifies the semicolon-separated list of alerts that are disabled, or empty string to disable no alerts. Possible values: Sql_Injection; Sql_Injection_Vulnerability; Access_Anomaly; Data_Exfiltration; Unsafe_Action.
- email
Account String | "Enabled" | "Disabled"Admins - Specifies that the alert is sent to the account administrators.
- email
Addresses String - Specifies the semicolon-separated list of e-mail addresses to which the alert is sent.
- location String
- The geo-location where the resource lives
- retention
Days Number - Specifies the number of days to keep in the Threat Detection audit logs.
- security
Alert StringPolicy Name - The name of the security alert policy.
- storage
Account StringAccess Key - Specifies the identifier key of the Threat Detection audit storage account. If state is Enabled, storageAccountAccessKey is required.
- storage
Endpoint String - Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. If state is Enabled, storageEndpoint is required.
- use
Server String | "Enabled" | "Disabled"Default - Specifies whether to use the default server policy.
Outputs
All input properties are implicitly available as output properties. Additionally, the DatabaseThreatDetectionPolicy resource produces the following output properties:
Supporting Types
SecurityAlertPolicyEmailAccountAdmins, SecurityAlertPolicyEmailAccountAdminsArgs
- Enabled
- Enabled
- Disabled
- Disabled
- Security
Alert Policy Email Account Admins Enabled - Enabled
- Security
Alert Policy Email Account Admins Disabled - Disabled
- Enabled
- Enabled
- Disabled
- Disabled
- Enabled
- Enabled
- Disabled
- Disabled
- ENABLED
- Enabled
- DISABLED
- Disabled
- "Enabled"
- Enabled
- "Disabled"
- Disabled
SecurityAlertPolicyState, SecurityAlertPolicyStateArgs
- New
- New
- Enabled
- Enabled
- Disabled
- Disabled
- Security
Alert Policy State New - New
- Security
Alert Policy State Enabled - Enabled
- Security
Alert Policy State Disabled - Disabled
- New
- New
- Enabled
- Enabled
- Disabled
- Disabled
- New
- New
- Enabled
- Enabled
- Disabled
- Disabled
- NEW
- New
- ENABLED
- Enabled
- DISABLED
- Disabled
- "New"
- New
- "Enabled"
- Enabled
- "Disabled"
- Disabled
SecurityAlertPolicyUseServerDefault, SecurityAlertPolicyUseServerDefaultArgs
- Enabled
- Enabled
- Disabled
- Disabled
- Security
Alert Policy Use Server Default Enabled - Enabled
- Security
Alert Policy Use Server Default Disabled - Disabled
- Enabled
- Enabled
- Disabled
- Disabled
- Enabled
- Enabled
- Disabled
- Disabled
- ENABLED
- Enabled
- DISABLED
- Disabled
- "Enabled"
- Enabled
- "Disabled"
- Disabled
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:sql:DatabaseThreatDetectionPolicy default /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/securityAlertPolicies/{securityAlertPolicyName}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.89.1 published on Sunday, Mar 2, 2025 by Pulumi