Microsoft.Sql servers/databases/securityAlertPolicies 2014-04-01

Template format

To create a Microsoft.Sql/servers/databases/securityAlertPolicies resource, add the following JSON to the resources section of your template.

  "name": "string",
  "type": "Microsoft.Sql/servers/databases/securityAlertPolicies",
  "apiVersion": "2014-04-01",
  "location": "string",
  "properties": {
    "state": "string",
    "disabledAlerts": "string",
    "emailAddresses": "string",
    "emailAccountAdmins": "string",
    "storageEndpoint": "string",
    "storageAccountAccessKey": "string",
    "retentionDays": "integer",
    "useServerDefault": "string"

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Sql/servers/databases/securityAlertPolicies object

Name Type Required Value
name string Yes The name of the security alert policy.
type enum Yes securityAlertPolicies

See Set name and type for child resources.
apiVersion enum Yes 2014-04-01
location string No The geo-location where the resource lives
properties object Yes Properties of the security alert policy. - DatabaseSecurityAlertPolicyProperties object

DatabaseSecurityAlertPolicyProperties object

Name Type Required Value
state enum Yes Specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required. - New, Enabled, Disabled
disabledAlerts string No Specifies the semicolon-separated list of alerts that are disabled, or empty string to disable no alerts. Possible values: Sql_Injection; Sql_Injection_Vulnerability; Access_Anomaly; Data_Exfiltration; Unsafe_Action.
emailAddresses string No Specifies the semicolon-separated list of e-mail addresses to which the alert is sent.
emailAccountAdmins enum No Specifies that the alert is sent to the account administrators. - Enabled or Disabled
storageEndpoint string No Specifies the blob storage endpoint (e.g. This blob storage will hold all Threat Detection audit logs. If state is Enabled, storageEndpoint is required.
storageAccountAccessKey string No Specifies the identifier key of the Threat Detection audit storage account. If state is Enabled, storageAccountAccessKey is required.
retentionDays integer No Specifies the number of days to keep in the Threat Detection audit logs.
useServerDefault enum No Specifies whether to use the default server policy. - Enabled or Disabled

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Azure SQL Server + multiple SQL DBs with Threat Detection

Deploy to Azure
This template allows you to deploy an Azure SQL Server and a user-defined number of Azure SQL Databases with Threat Detection enabled, with an email address to receive alerts for each database.