com.pulumi.azure.mssql.kotlin.ServerSecurityAlertPolicyArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-azure-kotlin Show documentation
Show all versions of pulumi-azure-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.mssql.kotlin
import com.pulumi.azure.mssql.ServerSecurityAlertPolicyArgs.builder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.collections.List
import kotlin.jvm.JvmName
/**
* Manages a Security Alert Policy for a MSSQL Server.
* > **NOTE** Security Alert Policy is currently only available for MS SQL databases.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const example = new azure.core.ResourceGroup("example", {
* name: "example-resources",
* location: "West Europe",
* });
* const exampleSqlServer = new azure.sql.SqlServer("example", {
* name: "mysqlserver",
* resourceGroupName: example.name,
* location: example.location,
* version: "12.0",
* administratorLogin: "4dm1n157r470r",
* administratorLoginPassword: "4-v3ry-53cr37-p455w0rd",
* });
* const exampleAccount = new azure.storage.Account("example", {
* name: "accteststorageaccount",
* resourceGroupName: example.name,
* location: example.location,
* accountTier: "Standard",
* accountReplicationType: "GRS",
* });
* const exampleServerSecurityAlertPolicy = new azure.mssql.ServerSecurityAlertPolicy("example", {
* resourceGroupName: example.name,
* serverName: exampleSqlServer.name,
* state: "Enabled",
* storageEndpoint: exampleAccount.primaryBlobEndpoint,
* storageAccountAccessKey: exampleAccount.primaryAccessKey,
* disabledAlerts: [
* "Sql_Injection",
* "Data_Exfiltration",
* ],
* retentionDays: 20,
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* example = azure.core.ResourceGroup("example",
* name="example-resources",
* location="West Europe")
* example_sql_server = azure.sql.SqlServer("example",
* name="mysqlserver",
* resource_group_name=example.name,
* location=example.location,
* version="12.0",
* administrator_login="4dm1n157r470r",
* administrator_login_password="4-v3ry-53cr37-p455w0rd")
* example_account = azure.storage.Account("example",
* name="accteststorageaccount",
* resource_group_name=example.name,
* location=example.location,
* account_tier="Standard",
* account_replication_type="GRS")
* example_server_security_alert_policy = azure.mssql.ServerSecurityAlertPolicy("example",
* resource_group_name=example.name,
* server_name=example_sql_server.name,
* state="Enabled",
* storage_endpoint=example_account.primary_blob_endpoint,
* storage_account_access_key=example_account.primary_access_key,
* disabled_alerts=[
* "Sql_Injection",
* "Data_Exfiltration",
* ],
* retention_days=20)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var example = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example-resources",
* Location = "West Europe",
* });
* var exampleSqlServer = new Azure.Sql.SqlServer("example", new()
* {
* Name = "mysqlserver",
* ResourceGroupName = example.Name,
* Location = example.Location,
* Version = "12.0",
* AdministratorLogin = "4dm1n157r470r",
* AdministratorLoginPassword = "4-v3ry-53cr37-p455w0rd",
* });
* var exampleAccount = new Azure.Storage.Account("example", new()
* {
* Name = "accteststorageaccount",
* ResourceGroupName = example.Name,
* Location = example.Location,
* AccountTier = "Standard",
* AccountReplicationType = "GRS",
* });
* var exampleServerSecurityAlertPolicy = new Azure.MSSql.ServerSecurityAlertPolicy("example", new()
* {
* ResourceGroupName = example.Name,
* ServerName = exampleSqlServer.Name,
* State = "Enabled",
* StorageEndpoint = exampleAccount.PrimaryBlobEndpoint,
* StorageAccountAccessKey = exampleAccount.PrimaryAccessKey,
* DisabledAlerts = new[]
* {
* "Sql_Injection",
* "Data_Exfiltration",
* },
* RetentionDays = 20,
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/mssql"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/sql"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example-resources"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* exampleSqlServer, err := sql.NewSqlServer(ctx, "example", &sql.SqlServerArgs{
* Name: pulumi.String("mysqlserver"),
* ResourceGroupName: example.Name,
* Location: example.Location,
* Version: pulumi.String("12.0"),
* AdministratorLogin: pulumi.String("4dm1n157r470r"),
* AdministratorLoginPassword: pulumi.String("4-v3ry-53cr37-p455w0rd"),
* })
* if err != nil {
* return err
* }
* exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
* Name: pulumi.String("accteststorageaccount"),
* ResourceGroupName: example.Name,
* Location: example.Location,
* AccountTier: pulumi.String("Standard"),
* AccountReplicationType: pulumi.String("GRS"),
* })
* if err != nil {
* return err
* }
* _, err = mssql.NewServerSecurityAlertPolicy(ctx, "example", &mssql.ServerSecurityAlertPolicyArgs{
* ResourceGroupName: example.Name,
* ServerName: exampleSqlServer.Name,
* State: pulumi.String("Enabled"),
* StorageEndpoint: exampleAccount.PrimaryBlobEndpoint,
* StorageAccountAccessKey: exampleAccount.PrimaryAccessKey,
* DisabledAlerts: pulumi.StringArray{
* pulumi.String("Sql_Injection"),
* pulumi.String("Data_Exfiltration"),
* },
* RetentionDays: pulumi.Int(20),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.sql.SqlServer;
* import com.pulumi.azure.sql.SqlServerArgs;
* import com.pulumi.azure.storage.Account;
* import com.pulumi.azure.storage.AccountArgs;
* import com.pulumi.azure.mssql.ServerSecurityAlertPolicy;
* import com.pulumi.azure.mssql.ServerSecurityAlertPolicyArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
* var exampleSqlServer = new SqlServer("exampleSqlServer", SqlServerArgs.builder()
* .name("mysqlserver")
* .resourceGroupName(example.name())
* .location(example.location())
* .version("12.0")
* .administratorLogin("4dm1n157r470r")
* .administratorLoginPassword("4-v3ry-53cr37-p455w0rd")
* .build());
* var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
* .name("accteststorageaccount")
* .resourceGroupName(example.name())
* .location(example.location())
* .accountTier("Standard")
* .accountReplicationType("GRS")
* .build());
* var exampleServerSecurityAlertPolicy = new ServerSecurityAlertPolicy("exampleServerSecurityAlertPolicy", ServerSecurityAlertPolicyArgs.builder()
* .resourceGroupName(example.name())
* .serverName(exampleSqlServer.name())
* .state("Enabled")
* .storageEndpoint(exampleAccount.primaryBlobEndpoint())
* .storageAccountAccessKey(exampleAccount.primaryAccessKey())
* .disabledAlerts(
* "Sql_Injection",
* "Data_Exfiltration")
* .retentionDays(20)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: azure:core:ResourceGroup
* properties:
* name: example-resources
* location: West Europe
* exampleSqlServer:
* type: azure:sql:SqlServer
* name: example
* properties:
* name: mysqlserver
* resourceGroupName: ${example.name}
* location: ${example.location}
* version: '12.0'
* administratorLogin: 4dm1n157r470r
* administratorLoginPassword: 4-v3ry-53cr37-p455w0rd
* exampleAccount:
* type: azure:storage:Account
* name: example
* properties:
* name: accteststorageaccount
* resourceGroupName: ${example.name}
* location: ${example.location}
* accountTier: Standard
* accountReplicationType: GRS
* exampleServerSecurityAlertPolicy:
* type: azure:mssql:ServerSecurityAlertPolicy
* name: example
* properties:
* resourceGroupName: ${example.name}
* serverName: ${exampleSqlServer.name}
* state: Enabled
* storageEndpoint: ${exampleAccount.primaryBlobEndpoint}
* storageAccountAccessKey: ${exampleAccount.primaryAccessKey}
* disabledAlerts:
* - Sql_Injection
* - Data_Exfiltration
* retentionDays: 20
* ```
*
* ## Import
* MS SQL Server Security Alert Policy can be imported using the `resource id`, e.g.
* ```sh
* $ pulumi import azure:mssql/serverSecurityAlertPolicy:ServerSecurityAlertPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/acceptanceTestResourceGroup1/providers/Microsoft.Sql/servers/mssqlserver/securityAlertPolicies/Default
* ```
* @property disabledAlerts Specifies an array of alerts that are disabled. Allowed values are: `Sql_Injection`, `Sql_Injection_Vulnerability`, `Access_Anomaly`, `Data_Exfiltration`, `Unsafe_Action`.
* @property emailAccountAdmins Boolean flag which specifies if the alert is sent to the account administrators or not. Defaults to `false`.
* @property emailAddresses Specifies an array of email addresses to which the alert is sent.
* @property resourceGroupName The name of the resource group that contains the MS SQL Server. Changing this forces a new resource to be created.
* @property retentionDays Specifies the number of days to keep in the Threat Detection audit logs. Defaults to `0`.
* @property serverName Specifies the name of the MS SQL Server. Changing this forces a new resource to be created.
* @property state Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database server. Possible values are `Disabled`, `Enabled` and `New`.
* @property storageAccountAccessKey Specifies the identifier key of the Threat Detection audit storage account. This is mandatory when you use `storage_endpoint` to specify a storage account blob endpoint.
* > **NOTE:** Please note that storage accounts configured with `shared_access_key_enabled = false` cannot be used to configure `azure.mssql.ServerSecurityAlertPolicy` with `storage_endpoint` for now.
* @property storageEndpoint Specifies the blob storage endpoint (e.g. ). This blob storage will hold all Threat Detection audit logs.
*/
public data class ServerSecurityAlertPolicyArgs(
public val disabledAlerts: Output>? = null,
public val emailAccountAdmins: Output? = null,
public val emailAddresses: Output>? = null,
public val resourceGroupName: Output? = null,
public val retentionDays: Output? = null,
public val serverName: Output? = null,
public val state: Output? = null,
public val storageAccountAccessKey: Output? = null,
public val storageEndpoint: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.azure.mssql.ServerSecurityAlertPolicyArgs =
com.pulumi.azure.mssql.ServerSecurityAlertPolicyArgs.builder()
.disabledAlerts(disabledAlerts?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.emailAccountAdmins(emailAccountAdmins?.applyValue({ args0 -> args0 }))
.emailAddresses(emailAddresses?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.resourceGroupName(resourceGroupName?.applyValue({ args0 -> args0 }))
.retentionDays(retentionDays?.applyValue({ args0 -> args0 }))
.serverName(serverName?.applyValue({ args0 -> args0 }))
.state(state?.applyValue({ args0 -> args0 }))
.storageAccountAccessKey(storageAccountAccessKey?.applyValue({ args0 -> args0 }))
.storageEndpoint(storageEndpoint?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [ServerSecurityAlertPolicyArgs].
*/
@PulumiTagMarker
public class ServerSecurityAlertPolicyArgsBuilder internal constructor() {
private var disabledAlerts: Output>? = null
private var emailAccountAdmins: Output? = null
private var emailAddresses: Output>? = null
private var resourceGroupName: Output? = null
private var retentionDays: Output? = null
private var serverName: Output? = null
private var state: Output? = null
private var storageAccountAccessKey: Output? = null
private var storageEndpoint: Output? = null
/**
* @param value Specifies an array of alerts that are disabled. Allowed values are: `Sql_Injection`, `Sql_Injection_Vulnerability`, `Access_Anomaly`, `Data_Exfiltration`, `Unsafe_Action`.
*/
@JvmName("oplbmlrbrregmyqy")
public suspend fun disabledAlerts(`value`: Output>) {
this.disabledAlerts = value
}
@JvmName("rjkmrbumamlejrny")
public suspend fun disabledAlerts(vararg values: Output) {
this.disabledAlerts = Output.all(values.asList())
}
/**
* @param values Specifies an array of alerts that are disabled. Allowed values are: `Sql_Injection`, `Sql_Injection_Vulnerability`, `Access_Anomaly`, `Data_Exfiltration`, `Unsafe_Action`.
*/
@JvmName("uqtnretidkttalgm")
public suspend fun disabledAlerts(values: List>) {
this.disabledAlerts = Output.all(values)
}
/**
* @param value Boolean flag which specifies if the alert is sent to the account administrators or not. Defaults to `false`.
*/
@JvmName("wagioinuncidimyx")
public suspend fun emailAccountAdmins(`value`: Output) {
this.emailAccountAdmins = value
}
/**
* @param value Specifies an array of email addresses to which the alert is sent.
*/
@JvmName("cgxuxkkfeaoybacp")
public suspend fun emailAddresses(`value`: Output>) {
this.emailAddresses = value
}
@JvmName("vtqgefrffifxtlqe")
public suspend fun emailAddresses(vararg values: Output) {
this.emailAddresses = Output.all(values.asList())
}
/**
* @param values Specifies an array of email addresses to which the alert is sent.
*/
@JvmName("nqmugtsuylnqdbst")
public suspend fun emailAddresses(values: List>) {
this.emailAddresses = Output.all(values)
}
/**
* @param value The name of the resource group that contains the MS SQL Server. Changing this forces a new resource to be created.
*/
@JvmName("byhmyhfdjjnnkltv")
public suspend fun resourceGroupName(`value`: Output) {
this.resourceGroupName = value
}
/**
* @param value Specifies the number of days to keep in the Threat Detection audit logs. Defaults to `0`.
*/
@JvmName("silmdnwpjkmsqkoj")
public suspend fun retentionDays(`value`: Output) {
this.retentionDays = value
}
/**
* @param value Specifies the name of the MS SQL Server. Changing this forces a new resource to be created.
*/
@JvmName("mluhhbsmjinslluj")
public suspend fun serverName(`value`: Output) {
this.serverName = value
}
/**
* @param value Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database server. Possible values are `Disabled`, `Enabled` and `New`.
*/
@JvmName("edgrcyqkghxnxsit")
public suspend fun state(`value`: Output) {
this.state = value
}
/**
* @param value Specifies the identifier key of the Threat Detection audit storage account. This is mandatory when you use `storage_endpoint` to specify a storage account blob endpoint.
* > **NOTE:** Please note that storage accounts configured with `shared_access_key_enabled = false` cannot be used to configure `azure.mssql.ServerSecurityAlertPolicy` with `storage_endpoint` for now.
*/
@JvmName("euerwrawstdwjbbq")
public suspend fun storageAccountAccessKey(`value`: Output) {
this.storageAccountAccessKey = value
}
/**
* @param value Specifies the blob storage endpoint (e.g. ). This blob storage will hold all Threat Detection audit logs.
*/
@JvmName("tnddtpmhyybougxf")
public suspend fun storageEndpoint(`value`: Output) {
this.storageEndpoint = value
}
/**
* @param value Specifies an array of alerts that are disabled. Allowed values are: `Sql_Injection`, `Sql_Injection_Vulnerability`, `Access_Anomaly`, `Data_Exfiltration`, `Unsafe_Action`.
*/
@JvmName("klvrmsgoowcskglg")
public suspend fun disabledAlerts(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.disabledAlerts = mapped
}
/**
* @param values Specifies an array of alerts that are disabled. Allowed values are: `Sql_Injection`, `Sql_Injection_Vulnerability`, `Access_Anomaly`, `Data_Exfiltration`, `Unsafe_Action`.
*/
@JvmName("sfxejtnvsxuaqxle")
public suspend fun disabledAlerts(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.disabledAlerts = mapped
}
/**
* @param value Boolean flag which specifies if the alert is sent to the account administrators or not. Defaults to `false`.
*/
@JvmName("duqvulddqxthaane")
public suspend fun emailAccountAdmins(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.emailAccountAdmins = mapped
}
/**
* @param value Specifies an array of email addresses to which the alert is sent.
*/
@JvmName("rbkwnnequdptrolf")
public suspend fun emailAddresses(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.emailAddresses = mapped
}
/**
* @param values Specifies an array of email addresses to which the alert is sent.
*/
@JvmName("xbcflayikqkxrtbw")
public suspend fun emailAddresses(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.emailAddresses = mapped
}
/**
* @param value The name of the resource group that contains the MS SQL Server. Changing this forces a new resource to be created.
*/
@JvmName("gycjhcqmfdhdnsef")
public suspend fun resourceGroupName(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.resourceGroupName = mapped
}
/**
* @param value Specifies the number of days to keep in the Threat Detection audit logs. Defaults to `0`.
*/
@JvmName("ngegsqjmwijcexrd")
public suspend fun retentionDays(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.retentionDays = mapped
}
/**
* @param value Specifies the name of the MS SQL Server. Changing this forces a new resource to be created.
*/
@JvmName("hucgctrjowhueury")
public suspend fun serverName(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.serverName = mapped
}
/**
* @param value Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database server. Possible values are `Disabled`, `Enabled` and `New`.
*/
@JvmName("cennvlslyffduxfa")
public suspend fun state(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.state = mapped
}
/**
* @param value Specifies the identifier key of the Threat Detection audit storage account. This is mandatory when you use `storage_endpoint` to specify a storage account blob endpoint.
* > **NOTE:** Please note that storage accounts configured with `shared_access_key_enabled = false` cannot be used to configure `azure.mssql.ServerSecurityAlertPolicy` with `storage_endpoint` for now.
*/
@JvmName("lqhwujxmkanwehvo")
public suspend fun storageAccountAccessKey(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.storageAccountAccessKey = mapped
}
/**
* @param value Specifies the blob storage endpoint (e.g. ). This blob storage will hold all Threat Detection audit logs.
*/
@JvmName("ogihmquuklyqrwev")
public suspend fun storageEndpoint(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.storageEndpoint = mapped
}
internal fun build(): ServerSecurityAlertPolicyArgs = ServerSecurityAlertPolicyArgs(
disabledAlerts = disabledAlerts,
emailAccountAdmins = emailAccountAdmins,
emailAddresses = emailAddresses,
resourceGroupName = resourceGroupName,
retentionDays = retentionDays,
serverName = serverName,
state = state,
storageAccountAccessKey = storageAccountAccessKey,
storageEndpoint = storageEndpoint,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy