Description

Subscription owners should be notified when there are security alerts. By ensuring the administrators of the account have been notified they can quickly assist in any required remediation

Resolution: Enable email to subscription owners.

Examples

Example of incorrect code:

resource "azurerm_mssql_server_security_alert_policy" "bad_example" {
  resource_group_name        = azurerm_resource_group.example.name
  server_name                = azurerm_sql_server.example.name
  state                      = "Enabled"
  storage_endpoint           = azurerm_storage_account.example.primary_blob_endpoint
  storage_account_access_key = azurerm_storage_account.example.primary_access_key
  disabled_alerts = [
  ]
  email_account_admins = false
}

Example of correct code:

resource "azurerm_mssql_server_security_alert_policy" "good_example" {
  resource_group_name        = azurerm_resource_group.example.name
  server_name                = azurerm_sql_server.example.name
  state                      = "Enabled"
  storage_endpoint           = azurerm_storage_account.example.primary_blob_endpoint
  storage_account_access_key = azurerm_storage_account.example.primary_access_key
  disabled_alerts = []

  email_account_admins = true
}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Files

azure-mssql-threat-alert-email-to-owner.md

azure-mssql-threat-alert-email-to-owner.md

Description

Examples

Files

azure-mssql-threat-alert-email-to-owner.md

Latest commit

History

azure-mssql-threat-alert-email-to-owner.md

File metadata and controls

Description

Examples