Managed Database Security Alert Policies - Create Or Update

Service:: SQL Database

API Version:: 2023-08-01

Creates or updates a database's security alert policy.

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/managedInstances/{managedInstanceName}/databases/{databaseName}/securityAlertPolicies/default?api-version=2023-08-01

URI Parameters

Name	In	Required	Type	Description
databaseName	path	True	string	The name of the managed database for which the security alert policy is defined.
managedInstanceName	path	True	string	The name of the managed instance.
resourceGroupName	path	True	string	The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
securityAlertPolicyName	path	True	SecurityAlertPolicyName	The name of the security alert policy.
subscriptionId	path	True	string	The subscription ID that identifies an Azure subscription.
api-version	query	True	string	The API version to use for the request.

Request Body

Name	Required	Type	Description
properties.state	True	SecurityAlertPolicyState	Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.
properties.disabledAlerts		string[]	Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force
properties.emailAccountAdmins		boolean	Specifies that the alert is sent to the account administrators.
properties.emailAddresses		string[]	Specifies an array of e-mail addresses to which the alert is sent.
properties.retentionDays		integer (int32)	Specifies the number of days to keep in the Threat Detection audit logs.
properties.storageAccountAccessKey		string	Specifies the identifier key of the Threat Detection audit storage account.
properties.storageEndpoint		string	Specifies the blob storage endpoint (e.g. `https://MyAccount.blob.core.windows.net`). This blob storage will hold all Threat Detection audit logs.

Responses

Name	Type	Description
200 OK	ManagedDatabaseSecurityAlertPolicy	Successfully set the managed database security alert policy.
201 Created	ManagedDatabaseSecurityAlertPolicy	Successfully created the managed database security alert policy.
Other Status Codes	ErrorResponse	* Error Responses: *

Examples

Update a database's threat detection policy with all parameters

Update a database's threat detection policy with minimal parameters

Update a database's threat detection policy with all parameters

PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.Sql/managedInstances/securityalert-6440/databases/testdb/securityAlertPolicies/default?api-version=2023-08-01

{
  "properties": {
    "state": "Enabled",
    "emailAccountAdmins": true,
    "emailAddresses": [
      "test@contoso.com",
      "user@contoso.com"
    ],
    "disabledAlerts": [
      "Sql_Injection",
      "Usage_Anomaly"
    ],
    "retentionDays": 6,
    "storageAccountAccessKey": "sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==",
    "storageEndpoint": "https://mystorage.blob.core.windows.net"
  }
}

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Sql.Models;
using Azure.ResourceManager.Sql;

// Generated from example definition: specification/sql/resource-manager/Microsoft.Sql/stable/2023-08-01/examples/ManagedDatabaseSecurityAlertCreateMax.json
// this example is just showing the usage of "ManagedDatabaseSecurityAlertPolicies_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this ManagedDatabaseSecurityAlertPolicyResource created on azure
// for more information of creating ManagedDatabaseSecurityAlertPolicyResource, please refer to the document of ManagedDatabaseSecurityAlertPolicyResource
string subscriptionId = "00000000-1111-2222-3333-444444444444";
string resourceGroupName = "securityalert-4799";
string managedInstanceName = "securityalert-6440";
string databaseName = "testdb";
SqlSecurityAlertPolicyName securityAlertPolicyName = new SqlSecurityAlertPolicyName("default");
ResourceIdentifier managedDatabaseSecurityAlertPolicyResourceId = ManagedDatabaseSecurityAlertPolicyResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, managedInstanceName, databaseName, securityAlertPolicyName);
ManagedDatabaseSecurityAlertPolicyResource managedDatabaseSecurityAlertPolicy = client.GetManagedDatabaseSecurityAlertPolicyResource(managedDatabaseSecurityAlertPolicyResourceId);

// invoke the operation
ManagedDatabaseSecurityAlertPolicyData data = new ManagedDatabaseSecurityAlertPolicyData
{
    State = SecurityAlertPolicyState.Enabled,
    DisabledAlerts = { "Sql_Injection", "Usage_Anomaly" },
    EmailAddresses = { "test@contoso.com", "user@contoso.com" },
    SendToEmailAccountAdmins = true,
    StorageEndpoint = "https://mystorage.blob.core.windows.net",
    StorageAccountAccessKey = "sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==",
    RetentionDays = 6,
};
ArmOperation<ManagedDatabaseSecurityAlertPolicyResource> lro = await managedDatabaseSecurityAlertPolicy.UpdateAsync(WaitUntil.Completed, data);
ManagedDatabaseSecurityAlertPolicyResource result = lro.Value;

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
ManagedDatabaseSecurityAlertPolicyData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:: 200

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.Sql/managedInstances/securityalert-6440/databases/testdb",
  "name": "default",
  "type": "Microsoft.Sql/managedInstances/databases/securityAlertPolicies",
  "properties": {
    "state": "Enabled",
    "emailAccountAdmins": true,
    "emailAddresses": [
      "test@contoso.com",
      "user@contoso.com"
    ],
    "disabledAlerts": [
      "Sql_Injection",
      "Usage_Anomaly"
    ],
    "retentionDays": 6,
    "storageAccountAccessKey": "",
    "storageEndpoint": "https://mystorage.blob.core.windows.net"
  }
}

Status code:: 201

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.Sql/managedInstances/securityalert-6440/databases/testdb",
  "name": "default",
  "type": "Microsoft.Sql/managedInstances/databases/securityAlertPolicies",
  "properties": {
    "state": "Enabled",
    "emailAccountAdmins": true,
    "emailAddresses": [
      "test@contoso.com",
      "user@contoso.com"
    ],
    "disabledAlerts": [
      "Access_Anomaly",
      "Usage_Anomaly"
    ],
    "retentionDays": 6,
    "storageAccountAccessKey": "sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==",
    "storageEndpoint": "https://mystorage.blob.core.windows.net"
  }
}

Update a database's threat detection policy with minimal parameters

Sample request

HTTP
dotnet

PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.Sql/managedInstances/securityalert-6440/databases/testdb/securityAlertPolicies/default?api-version=2023-08-01

{
  "properties": {
    "state": "Enabled"
  }
}

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Sql.Models;
using Azure.ResourceManager.Sql;

// Generated from example definition: specification/sql/resource-manager/Microsoft.Sql/stable/2023-08-01/examples/ManagedDatabaseSecurityAlertCreateMin.json
// this example is just showing the usage of "ManagedDatabaseSecurityAlertPolicies_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this ManagedDatabaseSecurityAlertPolicyResource created on azure
// for more information of creating ManagedDatabaseSecurityAlertPolicyResource, please refer to the document of ManagedDatabaseSecurityAlertPolicyResource
string subscriptionId = "00000000-1111-2222-3333-444444444444";
string resourceGroupName = "securityalert-4799";
string managedInstanceName = "securityalert-6440";
string databaseName = "testdb";
SqlSecurityAlertPolicyName securityAlertPolicyName = new SqlSecurityAlertPolicyName("default");
ResourceIdentifier managedDatabaseSecurityAlertPolicyResourceId = ManagedDatabaseSecurityAlertPolicyResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, managedInstanceName, databaseName, securityAlertPolicyName);
ManagedDatabaseSecurityAlertPolicyResource managedDatabaseSecurityAlertPolicy = client.GetManagedDatabaseSecurityAlertPolicyResource(managedDatabaseSecurityAlertPolicyResourceId);

// invoke the operation
ManagedDatabaseSecurityAlertPolicyData data = new ManagedDatabaseSecurityAlertPolicyData
{
    State = SecurityAlertPolicyState.Enabled,
};
ArmOperation<ManagedDatabaseSecurityAlertPolicyResource> lro = await managedDatabaseSecurityAlertPolicy.UpdateAsync(WaitUntil.Completed, data);
ManagedDatabaseSecurityAlertPolicyResource result = lro.Value;

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
ManagedDatabaseSecurityAlertPolicyData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:: 200

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.Sql/managedInstances/securityalert-6440/databases/testdb",
  "name": "default",
  "type": "Microsoft.Sql/managedInstance/databases/securityAlertPolicies",
  "properties": {
    "state": "Enabled",
    "emailAccountAdmins": true,
    "emailAddresses": [],
    "disabledAlerts": [],
    "retentionDays": 0,
    "storageAccountAccessKey": "",
    "storageEndpoint": ""
  }
}

Status code:: 201

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.Sql/managedInstances/securityalert-6440/databases/testdb",
  "name": "default",
  "type": "Microsoft.Sql/managedInstance/databases/securityAlertPolicies",
  "properties": {
    "state": "Enabled",
    "emailAccountAdmins": true,
    "emailAddresses": [],
    "disabledAlerts": [],
    "retentionDays": 0,
    "storageAccountAccessKey": "",
    "storageEndpoint": ""
  }
}

Definitions

Name	Description
ErrorAdditionalInfo	The resource management error additional info.
ErrorDetail	The error detail.
ErrorResponse	Error response
ManagedDatabaseSecurityAlertPolicy	A managed database security alert policy.
SecurityAlertPolicyName	The name of the security alert policy.
SecurityAlertPolicyState	Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.

ErrorAdditionalInfo

Object

The resource management error additional info.

Name	Type	Description
info	object	The additional info.
type	string	The additional info type.

ErrorDetail

Object

The error detail.

Name	Type	Description
additionalInfo	ErrorAdditionalInfo[]	The error additional info.
code	string	The error code.
details	ErrorDetail[]	The error details.
message	string	The error message.
target	string	The error target.

ErrorResponse

Object

Error response

Name	Type	Description
error	ErrorDetail	The error object.

ManagedDatabaseSecurityAlertPolicy

Object

A managed database security alert policy.

Name	Type	Description
id	string	Resource ID.
name	string	Resource name.
properties.creationTime	string (date-time)	Specifies the UTC creation time of the policy.
properties.disabledAlerts	string[]	Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force
properties.emailAccountAdmins	boolean	Specifies that the alert is sent to the account administrators.
properties.emailAddresses	string[]	Specifies an array of e-mail addresses to which the alert is sent.
properties.retentionDays	integer (int32)	Specifies the number of days to keep in the Threat Detection audit logs.
properties.state	SecurityAlertPolicyState	Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.
properties.storageAccountAccessKey	string	Specifies the identifier key of the Threat Detection audit storage account.
properties.storageEndpoint	string	Specifies the blob storage endpoint (e.g. `https://MyAccount.blob.core.windows.net`). This blob storage will hold all Threat Detection audit logs.
type	string	Resource type.

SecurityAlertPolicyName

Enumeration

The name of the security alert policy.

Value	Description
default

SecurityAlertPolicyState

Enumeration

Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.

Value	Description
New
Enabled
Disabled

Share via

Managed Database Security Alert Policies - Create Or Update

URI Parameters

Request Body

Responses

Examples

Update a database's threat detection policy with all parameters

Sample request

Sample response

Update a database's threat detection policy with minimal parameters

Sample request

Sample response

Definitions

ErrorAdditionalInfo

ErrorDetail

ErrorResponse

ManagedDatabaseSecurityAlertPolicy

SecurityAlertPolicyName

SecurityAlertPolicyState