github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/azure/database/AVD-AZU-0027/Terraform.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/azure/database/AVD-AZU-0027/Terraform.md (about)

     1  
     2  Enable auditing on Azure SQL databases
     3  
     4  ```hcl
     5   resource "azurerm_sql_server" "good_example" {
     6     name                         = "mssqlserver"
     7     resource_group_name          = azurerm_resource_group.example.name
     8     location                     = azurerm_resource_group.example.location
     9     version                      = "12.0"
    10     administrator_login          = "mradministrator"
    11     administrator_login_password = "terrasecRocks"
    12   
    13     extended_auditing_policy {
    14       storage_endpoint                        = azurerm_storage_account.example.primary_blob_endpoint
    15       storage_account_access_key              = azurerm_storage_account.example.primary_access_key
    16       storage_account_access_key_is_secondary = true
    17       retention_in_days                       = 6
    18     }
    19   }
    20   
    21  ```
    22  
    23  #### Remediation Links
    24   - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_server#extended_auditing_policy
    25