Ensure SQL servers enable data security policy

Error: SQL servers do not enable data security policy

Bridgecrew Policy ID: BC_AZR_GENERAL_69
Checkov Check ID: CKV2_AZURE_13
Severity: LOW

SQL servers do not enable data security policy

Description

TBA

Fix - Buildtime

Terraform

  • Resource: azurerm_sql_server, azurerm_mssql_server_security_alert_policy
  • Argument: server_name (of azurerm_mssql_server_security_alert_policy )
resource "azurerm_sql_server" "sql_server_good_1" {
  name                         = "mysqlserver"
  resource_group_name          = "group"
  location                     = "location"
  version                      = "12.0"
  administrator_login          = "4dm1n157r470r"
  administrator_login_password = "4-v3ry-53cr37-p455w0rd"
}

resource "azurerm_sql_server" "sql_server_good_2" {
  name                         = "mysqlserver"
  resource_group_name          = "group"
  location                     = "location"
  version                      = "12.0"
  administrator_login          = "4dm1n157r470r"
  administrator_login_password = "4-v3ry-53cr37-p455w0rd"
}


resource "azurerm_mssql_server_security_alert_policy" "alert_policy_good" {
  resource_group_name        = "group"
  server_name                = azurerm_sql_server.sql_server_good_1.name
  state                      = "Enabled"
  retention_days = 20
}

Did this page help you?