MEDIUM
Source
Trivy
ID
AVD-AZU-0028

No threat detections are set

SQL Server can alert for security issues including SQL Injection, vulnerabilities, access anomalies and data exfiltration. Ensure none of these are disabled to benefit from the best protection

Impact

Follow the appropriate remediation steps below to resolve the issue.

Use all provided threat alerts

1
2
3
4
5
6
7
8
9
resource "azurerm_mssql_server_security_alert_policy" "good_example" {
  resource_group_name        = azurerm_resource_group.example.name
  server_name                = azurerm_sql_server.example.name
  state                      = "Enabled"
  storage_endpoint           = azurerm_storage_account.example.primary_blob_endpoint
  storage_account_access_key = azurerm_storage_account.example.primary_access_key
  disabled_alerts            = []
  retention_days             = 20
}