exec.azurerm.postgresql.server_security_alert_policy

Azure Resource Manager (ARM) PostgreSQL Server Security Alert Policy Operations Execution Module

New in version 2.0.0.

maintainer:

<devops@eitr.tech>
configuration:

This module requires Azure Resource Manager credentials to be passed as keyword arguments to every function or via acct in order to work properly.

Required provider parameters:

if using username and password:
  • subscription_id
  • username
  • password
if using a service principal:
  • subscription_id
  • tenant
  • client_id
  • secret

Optional provider parameters:

cloud_environment: Used to point the cloud driver to different API endpoints, such as Azure GovCloud. Possible values:

  • AZURE_PUBLIC_CLOUD (default)
  • AZURE_CHINA_CLOUD
  • AZURE_US_GOV_CLOUD
  • AZURE_GERMAN_CLOUD
idem_azurerm.exec.azurerm.postgresql.server_security_alert_policy.create_or_update(hub, ctx, server_name, resource_group, policy_state, disabled_alerts=None, email_addresses=None, email_account_admins=None, storage_endpoint=None, storage_account_access_key=None, retention_days=None, **kwargs)

New in version 2.0.0.

Creates or updates a threat detection policy.

Parameters:
  • server_name – The name of the server.
  • resource_group – The name of the resource group. The name is case insensitive.
  • policy_state – Specifies the state of the policy, whether it is enabled or disabled. Possible values include: ‘Enabled’, ‘Disabled’.
  • disabled_alerts – Specifies an array of alerts that are disabled. Possible values are: ‘Sql_Injection’, ‘Sql_Injection_Vulnerability’, and ‘Access_Anomaly’.
  • email_addresses – Specifies an array of e-mail addresses to which the alert is sent.
  • email_account_admins – A boolean value that specifies whether the alert is sent to the account administrators or not.
  • storage_endpoint – Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.
  • storage_account_access_key – Specifies the identifier key of the Threat Detection audit storage account.
  • retention_days – Specifies the number of days to keep in the Threat Detection audit logs.

CLI Example:

azurerm.postgresql.server_security_alert_policy.create_or_update test_server test_group test_state
idem_azurerm.exec.azurerm.postgresql.server_security_alert_policy.get(hub, ctx, server_name, resource_group, **kwargs)

New in version 2.0.0.

Get a server’s security alert policy.

Parameters:
  • server_name – The name of the server.
  • resource_group – The name of the resource group. The name is case insensitive.

CLI Example:

azurerm.postgresql.server_security_alert_policy.get test_server test_group