Ensure My SQL server enables Threat Detection policy

Error: My SQL server does not enable Threat Detection policy

Bridgecrew Policy ID: BC_AZR_GENERAL_44
Checkov Check ID: CKV_AZURE_127
Severity: LOW

My SQL server does not enable Threat Detection policy

Description

Enable Advanced Threat Detection on your non-Basic tier Azure database for MySQL servers to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases.

Fix - Buildtime

Terraform

  • Resource: azurerm_mysql_server
  • Argument: threat_detection_policy.enabled
resource "azurerm_mysql_server" "example" {
              ... 
+             threat_detection_policy {
+                 enabled = true
              }
            }