Microsoft.Sql managedInstances/databases/securityAlertPolicies

The managedInstances/databases/securityAlertPolicies resource type can be deployed to: Resource groups.

To learn about resource group deployments, see Bicep or ARM template.

Template format

To create a Microsoft.Sql/managedInstances/databases/securityAlertPolicies resource, add the following Bicep or JSON to your template.

resource symbolicname 'Microsoft.Sql/managedInstances/databases/securityAlertPolicies@2021-02-01-preview' = {
  name: 'default'
  properties: {
    disabledAlerts: [ 'string' ]
    emailAccountAdmins: bool
    emailAddresses: [ 'string' ]
    retentionDays: int
    state: 'string'
    storageAccountAccessKey: 'string'
    storageEndpoint: 'string'

Property values


Name Description Value
type The resource type

For Bicep, set this value in the resource declaration.
apiVersion The resource api version

For Bicep, set this value in the resource declaration.
name The resource name

See how to set names and types for child resources in Bicep or JSON ARM templates.
properties Properties of a security alert policy. SecurityAlertPolicyProperties


Name Description Value
disabledAlerts Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force string[]
emailAccountAdmins Specifies that the alert is sent to the account administrators. bool
emailAddresses Specifies an array of e-mail addresses to which the alert is sent. string[]
retentionDays Specifies the number of days to keep in the Threat Detection audit logs. int
state Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database. 'Disabled'
storageAccountAccessKey Specifies the identifier key of the Threat Detection audit storage account. string
storageEndpoint Specifies the blob storage endpoint (e.g. This blob storage will hold all Threat Detection audit logs. string