hashicorp / terraform-provider-azurerm

Terraform provider for Azure Resource Manager
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs
Mozilla Public License 2.0

Support for Event Hub destination in `azurerm_mssql_server_microsoft_support_auditing_policy` #26503

Open CherylFlowers opened 4 months ago

CherylFlowers commented 4 months ago

Is there an existing issue for this?

Community Note

Description

In the Azure portal, Auditing >> Auditing of Microsoft support operations supports writing events to an Event Hub; however, the azurerm resource only supports writing to a storage account. This feature request is to enhance the azurerm_mssql_server_microsoft_support_auditing_policy resource so that it can also write to an Event Hub.


New or Affected Resource(s)/Data Source(s)

azurerm_mssql_server_microsoft_support_auditing_policy

Potential Terraform Configuration

# Proposed schema only: this sketches the `eventhub` argument the issue asks for. Per the
# description, the resource currently only supports writing to a storage account.
# NOTE(review): the resource type used here is azurerm_mssql_server_extended_auditing_policy,
# while the issue title and description are about
# azurerm_mssql_server_microsoft_support_auditing_policy - confirm which one is intended.
resource "azurerm_mssql_server_extended_auditing_policy" "policy" {
  server_id = "/subscriptions/..."
  eventhub = {
    name                  = "your_eventhub_name"
    # Placeholder for the authorization rule's resource ID, not a key or connection string.
    authorization_rule_id = "your_eventhub_authorization_rule_id"
  }
}

References

No response

dipesharora commented 3 months ago

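You can configure this with the Terraform configuration below. It does not add an Event Hub argument to the auditing policy resource; instead it enables log monitoring on the policy and forwards the audit logs to the Event Hub through an Azure Monitor diagnostic setting.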

# Provider configuration with an empty features block; no credentials are set in the
# configuration itself, so authentication comes from the environment running Terraform.
provider "azurerm" {
  features {}
}

# Resource group that holds the SQL server and the Event Hub resources of this example.
resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "East US"
}

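# Administrator password for the example SQL server. It is supplied at plan/apply time
# (for example through a TF_VAR_sql_admin_password environment variable or a secrets
# manager) so that it is never committed with the configuration.
variable "sql_admin_password" {
  description = "Administrator password for the example SQL server."
  type        = string
  sensitive   = true
}

# SQL server whose Microsoft support operations are audited by this example.
resource "azurerm_mssql_server" "example" {
  name                         = "example-sqlserver"
  resource_group_name          = azurerm_resource_group.example.name
  location                     = azurerm_resource_group.example.location
  version                      = "12.0"
  administrator_login          = "missadministrator"
  # Terraform still records this value in state, so the state backend needs to be
  # access-controlled and encrypted even though the literal is gone from the code.
  administrator_login_password = var.sql_admin_password
}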

# Event Hubs namespace that receives the audit stream. No network restrictions are set
# in this example.
# NOTE(review): confirm the namespace's network access defaults are acceptable for audit data.
resource "azurerm_eventhub_namespace" "example" {
  name                = "example-eventhub-namespace"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  sku                 = "Standard"
}

# Event Hub the diagnostic setting writes to.
resource "azurerm_eventhub" "example" {
  name                = "example-eventhub"
  namespace_name      = azurerm_eventhub_namespace.example.name
  resource_group_name = azurerm_resource_group.example.name
  partition_count     = 2
  # Retention is 1 (days, per the provider's documentation). The hub is only a transit
  # buffer: audit records are lost unless a consumer such as a SIEM or archive job reads
  # them within that window.
  message_retention   = 1
}

# Namespace-level shared access rule that the diagnostic setting uses to write to the hub.
# All three rights are granted, and because the rule is scoped to the namespace they apply
# to every Event Hub in it.
# NOTE(review): Azure Monitor's documentation lists Manage, Send and Listen as required for
# diagnostic-setting streaming - confirm against the current docs before reducing them.
# Keep this rule dedicated to the diagnostic setting and give downstream consumers their own
# listen-only rule. The rule's keys are also stored in Terraform state, so protect the state.
resource "azurerm_eventhub_namespace_authorization_rule" "example" {
  name                = "example-eventhub-auth-rule"
  namespace_name      = azurerm_eventhub_namespace.example.name
  resource_group_name = azurerm_resource_group.example.name
  listen              = true
  send                = true
  manage              = true
}

# Microsoft support operations auditing policy for the server. No storage destination is
# set; the only setting is log_monitoring_enabled, which sends the audit events to Azure
# Monitor. Delivery to the Event Hub is configured separately by
# azurerm_monitor_diagnostic_setting.example.
resource "azurerm_mssql_server_microsoft_support_auditing_policy" "example" {
  server_id              = azurerm_mssql_server.example.id
  log_monitoring_enabled = true
}

# Diagnostic setting that forwards the audit log category to the Event Hub.
# After applying, confirm that events actually arrive on the hub; a destination that
# silently receives nothing leaves support operations unaudited.
resource "azurerm_monitor_diagnostic_setting" "example" {
  name                           = "example-diagnotic-setting"
  # The setting is attached to the server's master database, not to the server resource.
  target_resource_id             = "${azurerm_mssql_server.example.id}/databases/master"
  # The destination is referenced by rule ID and hub name; no key or connection string
  # appears in this block.
  eventhub_authorization_rule_id = azurerm_eventhub_namespace_authorization_rule.example.id
  eventhub_name                  = azurerm_eventhub.example.name

  # Only this log category is enabled.
  # NOTE(review): DevOpsOperationsAudit is presumably the category that carries Microsoft
  # support operations audit events - verify against the categories the database exposes.
  enabled_log {
    category = "DevOpsOperationsAudit"
  }
}