import * as pulumi from "@pulumi/pulumi"; /** * Manages a MS SQL Database Extended Auditing Policy. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azure from "@pulumi/azure"; * * const example = new azure.core.ResourceGroup("example", { * name: "example-resources", * location: "West Europe", * }); * const exampleServer = new azure.mssql.Server("example", { * name: "example-sqlserver", * resourceGroupName: example.name, * location: example.location, * version: "12.0", * administratorLogin: "missadministrator", * administratorLoginPassword: "AdminPassword123!", * }); * const exampleDatabase = new azure.mssql.Database("example", { * name: "example-db", * serverId: exampleServer.id, * }); * const exampleAccount = new azure.storage.Account("example", { * name: "examplesa", * resourceGroupName: example.name, * location: example.location, * accountTier: "Standard", * accountReplicationType: "LRS", * }); * const exampleDatabaseExtendedAuditingPolicy = new azure.mssql.DatabaseExtendedAuditingPolicy("example", { * databaseId: exampleDatabase.id, * storageEndpoint: exampleAccount.primaryBlobEndpoint, * storageAccountAccessKey: exampleAccount.primaryAccessKey, * storageAccountAccessKeyIsSecondary: false, * retentionInDays: 6, * }); * ``` * * ## API Providers * * * This resource uses the following Azure API Providers: * * * `Microsoft.Sql` - 2023-08-01-preview * * ## Import * * MS SQL Database Extended Auditing Policies can be imported using the `resource id`, e.g. * * ```sh * $ pulumi import azure:mssql/databaseExtendedAuditingPolicy:DatabaseExtendedAuditingPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Sql/servers/sqlServer1/databases/db1/extendedAuditingSettings/default * ``` */ export declare class DatabaseExtendedAuditingPolicy extends pulumi.CustomResource { /** * Get an existing DatabaseExtendedAuditingPolicy resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: DatabaseExtendedAuditingPolicyState, opts?: pulumi.CustomResourceOptions): DatabaseExtendedAuditingPolicy; /** * Returns true if the given object is an instance of DatabaseExtendedAuditingPolicy. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is DatabaseExtendedAuditingPolicy; /** * The ID of the SQL database to set the extended auditing policy. Changing this forces a new resource to be created. */ readonly databaseId: pulumi.Output; /** * Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`. * * > **Note:** If `enabled` is `true`, `storageEndpoint` or `logMonitoringEnabled` are required. */ readonly enabled: pulumi.Output; /** * Enable audit events to Azure Monitor? Defaults to `true`. * * > **Note:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. */ readonly logMonitoringEnabled: pulumi.Output; /** * The number of days to retain logs for in the storage account. Defaults to `0`. */ readonly retentionInDays: pulumi.Output; /** * The access key to use for the auditing storage account. */ readonly storageAccountAccessKey: pulumi.Output; /** * Is `storageAccountAccessKey` value the storage's secondary key? */ readonly storageAccountAccessKeyIsSecondary: pulumi.Output; /** * The blob storage endpoint (e.g. ). This blob storage will hold all extended auditing logs. */ readonly storageEndpoint: pulumi.Output; /** * Create a DatabaseExtendedAuditingPolicy resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: DatabaseExtendedAuditingPolicyArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering DatabaseExtendedAuditingPolicy resources. */ export interface DatabaseExtendedAuditingPolicyState { /** * The ID of the SQL database to set the extended auditing policy. Changing this forces a new resource to be created. */ databaseId?: pulumi.Input; /** * Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`. * * > **Note:** If `enabled` is `true`, `storageEndpoint` or `logMonitoringEnabled` are required. */ enabled?: pulumi.Input; /** * Enable audit events to Azure Monitor? Defaults to `true`. * * > **Note:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. */ logMonitoringEnabled?: pulumi.Input; /** * The number of days to retain logs for in the storage account. Defaults to `0`. */ retentionInDays?: pulumi.Input; /** * The access key to use for the auditing storage account. */ storageAccountAccessKey?: pulumi.Input; /** * Is `storageAccountAccessKey` value the storage's secondary key? */ storageAccountAccessKeyIsSecondary?: pulumi.Input; /** * The blob storage endpoint (e.g. ). This blob storage will hold all extended auditing logs. */ storageEndpoint?: pulumi.Input; } /** * The set of arguments for constructing a DatabaseExtendedAuditingPolicy resource. */ export interface DatabaseExtendedAuditingPolicyArgs { /** * The ID of the SQL database to set the extended auditing policy. Changing this forces a new resource to be created. */ databaseId: pulumi.Input; /** * Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`. * * > **Note:** If `enabled` is `true`, `storageEndpoint` or `logMonitoringEnabled` are required. */ enabled?: pulumi.Input; /** * Enable audit events to Azure Monitor? Defaults to `true`. * * > **Note:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. */ logMonitoringEnabled?: pulumi.Input; /** * The number of days to retain logs for in the storage account. Defaults to `0`. */ retentionInDays?: pulumi.Input; /** * The access key to use for the auditing storage account. */ storageAccountAccessKey?: pulumi.Input; /** * Is `storageAccountAccessKey` value the storage's secondary key? */ storageAccountAccessKeyIsSecondary?: pulumi.Input; /** * The blob storage endpoint (e.g. ). This blob storage will hold all extended auditing logs. */ storageEndpoint?: pulumi.Input; }