Microsoft.Sql servers/securityAlertPolicies 2021-02-01-preview

Bicep resource definition

The servers/securityAlertPolicies resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Sql/servers/securityAlertPolicies resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.Sql/servers/securityAlertPolicies@2021-02-01-preview' = {
  parent: resourceSymbolicName
  name: 'string'
  properties: {
    disabledAlerts: [
      'string'
    ]
    emailAccountAdmins: bool
    emailAddresses: [
      'string'
    ]
    retentionDays: int
    state: 'string'
    storageAccountAccessKey: 'string'
    storageEndpoint: 'string'
  }
}

Property values

Microsoft.Sql/servers/securityAlertPolicies

Name Description Value
name The resource name 'Default' (required)
parent In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource.

For more information, see Child resource outside parent resource.
Symbolic name for resource of type: servers
properties Resource properties. SecurityAlertsPolicyProperties

SecurityAlertsPolicyProperties

Name Description Value
disabledAlerts Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force string[]
emailAccountAdmins Specifies that the alert is sent to the account administrators. bool
emailAddresses Specifies an array of e-mail addresses to which the alert is sent. string[]
retentionDays Specifies the number of days to keep in the Threat Detection audit logs. int
state Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database. 'Disabled'
'Enabled' (required)
storageAccountAccessKey Specifies the identifier key of the Threat Detection audit storage account. string
storageEndpoint Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. string

Quickstart samples

The following quickstart samples deploy this resource type.

Bicep File Description
Dedicated SQL pool with Transparent Encryption Creates a SQL Server and a Dedicated SQL pool (formerly SQL DW) with Transparent Data Encryption.

ARM template resource definition

The servers/securityAlertPolicies resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Sql/servers/securityAlertPolicies resource, add the following JSON to your template.

{
  "type": "Microsoft.Sql/servers/securityAlertPolicies",
  "apiVersion": "2021-02-01-preview",
  "name": "string",
  "properties": {
    "disabledAlerts": [ "string" ],
    "emailAccountAdmins": "bool",
    "emailAddresses": [ "string" ],
    "retentionDays": "int",
    "state": "string",
    "storageAccountAccessKey": "string",
    "storageEndpoint": "string"
  }
}

Property values

Microsoft.Sql/servers/securityAlertPolicies

Name Description Value
apiVersion The api version '2021-02-01-preview'
name The resource name 'Default' (required)
properties Resource properties. SecurityAlertsPolicyProperties
type The resource type 'Microsoft.Sql/servers/securityAlertPolicies'

SecurityAlertsPolicyProperties

Name Description Value
disabledAlerts Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force string[]
emailAccountAdmins Specifies that the alert is sent to the account administrators. bool
emailAddresses Specifies an array of e-mail addresses to which the alert is sent. string[]
retentionDays Specifies the number of days to keep in the Threat Detection audit logs. int
state Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database. 'Disabled'
'Enabled' (required)
storageAccountAccessKey Specifies the identifier key of the Threat Detection audit storage account. string
storageEndpoint Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. string

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Dedicated SQL pool with Transparent Encryption

Deploy to Azure
Creates a SQL Server and a Dedicated SQL pool (formerly SQL DW) with Transparent Data Encryption.

Terraform (AzAPI provider) resource definition

The servers/securityAlertPolicies resource type can be deployed with operations that target:

  • Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Sql/servers/securityAlertPolicies resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Sql/servers/securityAlertPolicies@2021-02-01-preview"
  name = "string"
  body = jsonencode({
    properties = {
      disabledAlerts = [
        "string"
      ]
      emailAccountAdmins = bool
      emailAddresses = [
        "string"
      ]
      retentionDays = int
      state = "string"
      storageAccountAccessKey = "string"
      storageEndpoint = "string"
    }
  })
}

Property values

Microsoft.Sql/servers/securityAlertPolicies

Name Description Value
name The resource name 'Default' (required)
parent_id The ID of the resource that is the parent for this resource. ID for resource of type: servers
properties Resource properties. SecurityAlertsPolicyProperties
type The resource type "Microsoft.Sql/servers/securityAlertPolicies@2021-02-01-preview"

SecurityAlertsPolicyProperties

Name Description Value
disabledAlerts Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force string[]
emailAccountAdmins Specifies that the alert is sent to the account administrators. bool
emailAddresses Specifies an array of e-mail addresses to which the alert is sent. string[]
retentionDays Specifies the number of days to keep in the Threat Detection audit logs. int
state Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database. 'Disabled'
'Enabled' (required)
storageAccountAccessKey Specifies the identifier key of the Threat Detection audit storage account. string
storageEndpoint Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. string