Beta - Activity Log Alert For Create or Update SQL Server Firewall Rule Not Configured
- Query id: 1219a37a-9a2c-420d-8b8c-30bdbc3bfeb1
- Query name: Beta - Activity Log Alert For Create or Update SQL Server Firewall Rule Not Configured
- Platform: Terraform
- Severity: Medium
- Category: Observability
- CWE: 778
- Risk score: 3.0
- URL: Github
Description
There should be an 'azurerm_monitor_activity_log_alert' resource configured to capture 'create or update SQL server firewall rule' events.
Documentation
Code samples
Code samples with security vulnerabilities
Tests Not Found
Code samples without security vulnerabilities
Negative test num. 1 - tf file
resource "azurerm_monitor_activity_log_alert" "negative1" {
  name                = "example-activitylogalert"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  scopes              = [azurerm_resource_group.example.id]
  description         = "Negative sample"

  criteria {
    resource_id    = azurerm_storage_account.to_monitor.id
    operation_name = "Microsoft.Sql/servers/firewallRules/write"
    category       = "Administrative"
  }

  action {
    action_group_id = azurerm_monitor_action_group.main.id

    webhook_properties = {
      from = "terraform"
    }
  }
}
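No failing sample is listed above, so the following added example (constructed here, not taken from the KICS test suite) sets a configuration that misses the event beside one that captures it. Resource names, the region and the e-mail address are placeholders, and the alerts are scoped to the whole subscription with no `resource_id` filter so that every SQL server in it is covered.

```hcl
# Added example (constructed): names, region and e-mail address are placeholders.
data "azurerm_subscription" "current" {}

resource "azurerm_resource_group" "monitoring" {
  name     = "rg-monitoring"
  location = "westeurope"
}

resource "azurerm_monitor_action_group" "secops" {
  name                = "ag-secops"
  resource_group_name = azurerm_resource_group.monitoring.name
  short_name          = "secops"

  email_receiver {
    name          = "secops-mailbox"
    email_address = "secops@example.com"
  }
}

# Weak: an alert exists, but it only watches rule deletion, so a newly
# created or widened firewall rule raises nothing.
resource "azurerm_monitor_activity_log_alert" "sql_fw_delete_only" {
  name                = "sql-firewall-rule-delete"
  resource_group_name = azurerm_resource_group.monitoring.name
  location            = "global"
  scopes              = [data.azurerm_subscription.current.id]

  criteria {
    category       = "Administrative"
    operation_name = "Microsoft.Sql/servers/firewallRules/delete"
  }
  action { action_group_id = azurerm_monitor_action_group.secops.id }
}

# Corrected: matches the 'create or update SQL server firewall rule' operation
# for any SQL server in the subscription and notifies the action group.
resource "azurerm_monitor_activity_log_alert" "sql_fw_write" {
  name                = "sql-firewall-rule-write"
  resource_group_name = azurerm_resource_group.monitoring.name
  location            = "global"
  scopes              = [data.azurerm_subscription.current.id]

  criteria {
    category       = "Administrative"
    operation_name = "Microsoft.Sql/servers/firewallRules/write"
  }
  action { action_group_id = azurerm_monitor_action_group.secops.id }
}
```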