import * as pulumi from "@pulumi/pulumi"; /** * Manages a Security Alert Policy for a Synapse SQL Pool. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azure from "@pulumi/azure"; * * const example = new azure.core.ResourceGroup("example", { * name: "example-resources", * location: "West Europe", * }); * const exampleAccount = new azure.storage.Account("example", { * name: "examplestorageacc", * resourceGroupName: example.name, * location: example.location, * accountTier: "Standard", * accountReplicationType: "LRS", * accountKind: "StorageV2", * isHnsEnabled: true, * }); * const exampleDataLakeGen2Filesystem = new azure.storage.DataLakeGen2Filesystem("example", { * name: "example", * storageAccountId: exampleAccount.id, * }); * const exampleWorkspace = new azure.synapse.Workspace("example", { * name: "example", * resourceGroupName: example.name, * location: example.location, * storageDataLakeGen2FilesystemId: exampleDataLakeGen2Filesystem.id, * sqlAdministratorLogin: "sqladminuser", * sqlAdministratorLoginPassword: "H@Sh1CoR3!", * aadAdmin: [{ * login: "AzureAD Admin", * objectId: "00000000-0000-0000-0000-000000000000", * tenantId: "00000000-0000-0000-0000-000000000000", * }], * identity: { * type: "SystemAssigned", * }, * tags: { * Env: "production", * }, * }); * const exampleSqlPool = new azure.synapse.SqlPool("example", { * name: "examplesqlpool", * synapseWorkspaceId: exampleWorkspace.id, * skuName: "DW100c", * createMode: "Default", * }); * const auditLogs = new azure.storage.Account("audit_logs", { * name: "examplesa", * resourceGroupName: example.name, * location: example.location, * accountTier: "Standard", * accountReplicationType: "LRS", * }); * const exampleSqlPoolSecurityAlertPolicy = new azure.synapse.SqlPoolSecurityAlertPolicy("example", { * sqlPoolId: exampleSqlPool.id, * policyState: "Enabled", * storageEndpoint: auditLogs.primaryBlobEndpoint, * storageAccountAccessKey: auditLogs.primaryAccessKey, * disabledAlerts: [ * "Sql_Injection", * "Data_Exfiltration", * ], * retentionDays: 20, * }); * ``` * * ## Import * * Synapse SQL Pool Security Alert Policies can be imported using the `resource id`, e.g. * * ```sh * $ pulumi import azure:synapse/sqlPoolSecurityAlertPolicy:SqlPoolSecurityAlertPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Synapse/workspaces/workspace1/sqlPools/sqlPool1/securityAlertPolicies/default * ``` */ export declare class SqlPoolSecurityAlertPolicy extends pulumi.CustomResource { /** * Get an existing SqlPoolSecurityAlertPolicy resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: SqlPoolSecurityAlertPolicyState, opts?: pulumi.CustomResourceOptions): SqlPoolSecurityAlertPolicy; /** * Returns true if the given object is an instance of SqlPoolSecurityAlertPolicy. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is SqlPoolSecurityAlertPolicy; /** * Specifies an array of alerts that are disabled. Allowed values are: `Sql_Injection`, `Sql_Injection_Vulnerability`, `Access_Anomaly`, `Data_Exfiltration`, `Unsafe_Action`. */ readonly disabledAlerts: pulumi.Output; /** * Boolean flag which specifies if the alert is sent to the account administrators or not. Defaults to `false`. */ readonly emailAccountAdminsEnabled: pulumi.Output; /** * Specifies an array of email addresses to which the alert is sent. */ readonly emailAddresses: pulumi.Output; /** * Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific SQL pool. Possible values are `Disabled`, `Enabled` and `New`. */ readonly policyState: pulumi.Output; /** * Specifies the number of days to keep in the Threat Detection audit logs. Defaults to `0`. */ readonly retentionDays: pulumi.Output; /** * Specifies the ID of the Synapse SQL Pool. Changing this forces a new resource to be created. */ readonly sqlPoolId: pulumi.Output; /** * Specifies the identifier key of the Threat Detection audit storage account. */ readonly storageAccountAccessKey: pulumi.Output; /** * Specifies the blob storage endpoint (e.g. ). This blob storage will hold all Threat Detection audit logs. */ readonly storageEndpoint: pulumi.Output; /** * Create a SqlPoolSecurityAlertPolicy resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: SqlPoolSecurityAlertPolicyArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering SqlPoolSecurityAlertPolicy resources. */ export interface SqlPoolSecurityAlertPolicyState { /** * Specifies an array of alerts that are disabled. Allowed values are: `Sql_Injection`, `Sql_Injection_Vulnerability`, `Access_Anomaly`, `Data_Exfiltration`, `Unsafe_Action`. */ disabledAlerts?: pulumi.Input[]>; /** * Boolean flag which specifies if the alert is sent to the account administrators or not. Defaults to `false`. */ emailAccountAdminsEnabled?: pulumi.Input; /** * Specifies an array of email addresses to which the alert is sent. */ emailAddresses?: pulumi.Input[]>; /** * Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific SQL pool. Possible values are `Disabled`, `Enabled` and `New`. */ policyState?: pulumi.Input; /** * Specifies the number of days to keep in the Threat Detection audit logs. Defaults to `0`. */ retentionDays?: pulumi.Input; /** * Specifies the ID of the Synapse SQL Pool. Changing this forces a new resource to be created. */ sqlPoolId?: pulumi.Input; /** * Specifies the identifier key of the Threat Detection audit storage account. */ storageAccountAccessKey?: pulumi.Input; /** * Specifies the blob storage endpoint (e.g. ). This blob storage will hold all Threat Detection audit logs. */ storageEndpoint?: pulumi.Input; } /** * The set of arguments for constructing a SqlPoolSecurityAlertPolicy resource. */ export interface SqlPoolSecurityAlertPolicyArgs { /** * Specifies an array of alerts that are disabled. Allowed values are: `Sql_Injection`, `Sql_Injection_Vulnerability`, `Access_Anomaly`, `Data_Exfiltration`, `Unsafe_Action`. */ disabledAlerts?: pulumi.Input[]>; /** * Boolean flag which specifies if the alert is sent to the account administrators or not. Defaults to `false`. */ emailAccountAdminsEnabled?: pulumi.Input; /** * Specifies an array of email addresses to which the alert is sent. */ emailAddresses?: pulumi.Input[]>; /** * Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific SQL pool. Possible values are `Disabled`, `Enabled` and `New`. */ policyState: pulumi.Input; /** * Specifies the number of days to keep in the Threat Detection audit logs. Defaults to `0`. */ retentionDays?: pulumi.Input; /** * Specifies the ID of the Synapse SQL Pool. Changing this forces a new resource to be created. */ sqlPoolId: pulumi.Input; /** * Specifies the identifier key of the Threat Detection audit storage account. */ storageAccountAccessKey?: pulumi.Input; /** * Specifies the blob storage endpoint (e.g. ). This blob storage will hold all Threat Detection audit logs. */ storageEndpoint?: pulumi.Input; }