Threat detection policy for SqlSever cannot be set to New

hashicorp / terraform-provider-azurerm

Terraform provider for Azure Resource Manager

https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs

Mozilla Public License 2.0

4.52k stars 4.6k forks source link

Threat detection policy for SqlSever cannot be set to New #13901

Closed MelleD closed 2 years ago

MelleD commented 2 years ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and AzureRM Provider) Version

2.82.0

Affected Resource(s)

azurerm_sql_server

Terraform Configuration Files

  threat_detection_policy {
    state                                   = "New"
  }

Expected Behaviour

"New" can be set

Actual Behaviour

Error:

nError: setting database threat detection policy: sql.ServerSecurityAlertPoliciesClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code=\"DataSecurityInvalidUserSuppliedParameter\" Message=\"Invalid parameter 'state'. Allowed values are 'Enabled' or 'Disabled'.

MelleD commented 2 years ago

Additional "Enabled" cannot be set without a storage account, but a storage account is not needed

Azure portal Storage is no longer required to hold Advanced Threat Protection Alerts. Use the storage picker to remove the storage configuration. Alerts can be viewed in Azure Security Center.

aristosvo commented 2 years ago

Hi @MelleD! To answer your first question: this is a valid value based on the REST API. To not create deprecation issues, the only thing I can do is remove it from the documentation.

With regard to the storage, as seen in other issues you already migrated to the azurerm_mssql_server resource, which has the options you are presumably looking for and more. Based on the docs, it is recommended going forward to use azurerm_mssql_server resource.

Hope this helps! 👍🏽

MelleD commented 2 years ago

IHMO i would remove it from the documentation or you have to describe that "New" is no valid option what can be set

github-actions[bot] commented 2 years ago

This functionality has been released in v2.83.0 of the Terraform Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

github-actions[bot] commented 2 years ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.