Pattern: Disabled threat detection for Azure MySQL database
Issue: -
Threat detection helps prevent compromise by alerting on threat detections.
Resolution: enable threat detection on MySQL database.
Example of incorrect code:
resource "azurerm_mysql_server" "bad_example" {
name = "bad_example"
public_network_access_enabled = true
ssl_enforcement_enabled = false
ssl_minimal_tls_version_enforced = "TLS1_2"
threat_detection_policy {
enabled = false
}
}Example of correct code:
resource "azurerm_mysql_server" "good_example" {
name = "good_example"
public_network_access_enabled = false
ssl_enforcement_enabled = false
ssl_minimal_tls_version_enforced = "TLS1_2"
threat_detection_policy {
enabled = true
}
}