MEDIUM
Source
Trivy
ID
AVD-AZU-0028

No threat detections are set

SQL Server can alert for security issues including SQL Injection, vulnerabilities, access anomalies and data exfiltration. Ensure none of these are disabled to benefit from the best protection

Impact

Follow the appropriate remediation steps below to resolve the issue.

Use all provided threat alerts

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
 resource "azurerm_mssql_server_security_alert_policy" "good_example" {
   resource_group_name        = azurerm_resource_group.example.name
   server_name                = azurerm_sql_server.example.name
   state                      = "Enabled"
   storage_endpoint           = azurerm_storage_account.example.primary_blob_endpoint
   storage_account_access_key = azurerm_storage_account.example.primary_access_key
   disabled_alerts = []
   retention_days = 20
 }