The workspaces/sqlPools/securityAlertPolicies resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
To create a Microsoft.Synapse/workspaces/sqlPools/securityAlertPolicies resource, add the following JSON to your template.
{
"type": "Microsoft.Synapse/workspaces/sqlPools/securityAlertPolicies",
"apiVersion": "2021-06-01",
"name": "default",
"properties": {
"disabledAlerts": [ "string" ],
"emailAccountAdmins": "bool",
"emailAddresses": [ "string" ],
"retentionDays": "int",
"state": "string",
"storageAccountAccessKey": "string",
"storageEndpoint": "string"
}
}
Name | Description | Value |
---|---|---|
type | The resource type | 'Microsoft.Synapse/workspaces/sqlPools/securityAlertPolicies' |
apiVersion | The resource api version | '2021-06-01' |
name | The resource name See how to set names and types for child resources in JSON ARM templates. |
'default' |
properties | Resource properties. | SecurityAlertPolicyProperties |
Name | Description | Value |
---|---|---|
disabledAlerts | Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action | string[] |
emailAccountAdmins | Specifies that the alert is sent to the account administrators. | bool |
emailAddresses | Specifies an array of e-mail addresses to which the alert is sent. | string[] |
retentionDays | Specifies the number of days to keep in the Threat Detection audit logs. | int |
state | Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific Sql pool. | 'Disabled' 'Enabled' 'New' (required) |
storageAccountAccessKey | Specifies the identifier key of the Threat Detection audit storage account. | string |
storageEndpoint | Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net ). This blob storage will hold all Threat Detection audit logs. |
string |