github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/azure/database/AVD-AZU-0025/Terraform.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/azure/database/AVD-AZU-0025/Terraform.md (about)

     1  
     2  Set retention periods of database auditing to greater than 90 days
     3  
     4  ```hcl
     5   resource "azurerm_mssql_database_extended_auditing_policy" "good_example" {
     6     database_id                             = azurerm_mssql_database.example.id
     7     storage_endpoint                        = azurerm_storage_account.example.primary_blob_endpoint
     8     storage_account_access_key              = azurerm_storage_account.example.primary_access_key
     9     storage_account_access_key_is_secondary = false
    10   }
    11   
    12   resource "azurerm_mssql_database_extended_auditing_policy" "good_example" {
    13     database_id                             = azurerm_mssql_database.example.id
    14     storage_endpoint                        = azurerm_storage_account.example.primary_blob_endpoint
    15     storage_account_access_key              = azurerm_storage_account.example.primary_access_key
    16     storage_account_access_key_is_secondary = false
    17     retention_in_days                       = 90
    18   }
    19   
    20  ```
    21  
    22  #### Remediation Links
    23   - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_database_extended_auditing_policy
    24  
    25   - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_server#retention_in_days
    26