Microsoft Azure Database Threat Detection Policy APIs

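The Microsoft Azure Database Threat Detection Policy APIs provide a set of tools and resources that help organizations protect their data and mitigate potential security threats in their Azure databases. They let users define and customize policies for detecting and responding to suspicious activity, such as unauthorized access attempts, data breaches, or unusual database activity. The specification below covers two operations on a database's policy, reading it and creating or updating it; the policy controls whether detection is enabled, which alert types are disabled, who receives alert e-mail, and which storage account holds the Threat Detection audit logs.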

OpenAPI Specification

database-threat-detection-policy-apis-openapi-original.yml
# Swagger 2.0 description of the database Threat Detection (security alert)
# policy resource exposed under the Microsoft.Sql provider.
swagger: "2.0"
info:
  title: Microsoft Azure Database Threat Detection Policy APIs
  # Quoted so the date-shaped API version stays a string.
  version: "2014-04-01"
  description: Provides create, read and update functionality for database Threat Detection policies.
host: management.azure.com
# HTTPS is the only scheme listed, so the spec offers no plain-HTTP transport
# for the policy body, which can carry storageAccountAccessKey.
schemes: [https]
consumes: [application/json]
produces: [application/json]
paths:
  # The only resource path in this spec: the security alert (Threat Detection)
  # policy of one database, addressed by subscription, resource group, server,
  # database and policy name.
  /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/securityAlertPolicies/{securityAlertPolicyName}:
    # Read the policy currently stored for the database.
    get:
      operationId: microsoftAzureDatabasethreatdetectionpoliciesGet
      summary: >-
        Microsoft Azure Get Subscriptions Subscriptionid Resourcegroups
        Resourcegroupname Providers Microsoft Sql Servers Servername Databases
        Databasename Securityalertpolicies Securityalertpolicyname
      description: "Gets a database's threat detection policy."
      tags: [SecurityAlert]
      x-ms-examples:
        Get database security alert policy:
          $ref: './examples/DatabaseSecurityAlertGet.json'
      # Parameter order is kept as published; only key order inside each
      # parameter object differs.
      parameters:
        - $ref: '../../../common/v1/types.json#/parameters/SubscriptionIdParameter'
        - $ref: '../../../common/v1/types.json#/parameters/ResourceGroupParameter'
        - $ref: '#/parameters/ServerNameParameter'
        - in: path
          name: databaseName
          type: string
          required: true
          description: The name of the database for which database Threat Detection policy is defined.
        # "default" is the only policy name listed. modelAsString: true asks
        # AutoRest-generated clients to treat the value as a plain string, so
        # client-side rejection of other names should not be assumed.
        - in: path
          name: securityAlertPolicyName
          type: string
          required: true
          description: The name of the security alert policy.
          enum: [default]
          x-ms-enum:
            name: SecurityAlertPolicyName
            modelAsString: true
        - $ref: '../../../common/v1/types.json#/parameters/ApiVersionParameter'
      responses:
        "200":
          description: Successfully retrieved the database Threat Detection policy.
          schema:
            $ref: '#/definitions/DatabaseSecurityAlertPolicy'
        # Catch-all error response. Only 500-class failures are documented and
        # no error schema is declared; authentication and authorization
        # failures are not listed, so clients should not treat this list as
        # exhaustive.
        default:
          description: |-
            *** Error Responses: ***

             * 500 GetDatabaseSecurityAlertPolicyFailed - Failed to get database Threat Detection security alert policies. * 500 DatabaseIsUnavailable - Your settings are currently unavailable, please try again later
    # Create or replace the policy. This request changes a detection control
    # (state, disabledAlerts, alert recipients, audit-log destination) and its
    # body can carry storageAccountAccessKey, so treat it as a security-relevant
    # configuration change: restrict who may call it and review calls in audit
    # logs. Presumably recorded in the Azure Activity Log as a write on
    # Microsoft.Sql/servers/databases/securityAlertPolicies; confirm.
    put:
      operationId: microsoftAzureDatabasethreatdetectionpoliciesCreateorupdate
      summary: >-
        Microsoft Azure Put Subscriptions Subscriptionid Resourcegroups
        Resourcegroupname Providers Microsoft Sql Servers Servername Databases
        Databasename Securityalertpolicies Securityalertpolicyname
      description: "Creates or updates a database's threat detection policy."
      tags: [SecurityAlert]
      x-ms-examples:
        Create database security alert policy min:
          $ref: './examples/DatabaseSecurityAlertCreateMin.json'
        Create database security alert policy max:
          $ref: './examples/DatabaseSecurityAlertCreateMax.json'
      # Parameter order is kept as published; only key order inside each
      # parameter object differs.
      parameters:
        - $ref: '../../../common/v1/types.json#/parameters/SubscriptionIdParameter'
        - $ref: '../../../common/v1/types.json#/parameters/ResourceGroupParameter'
        - $ref: '#/parameters/ServerNameParameter'
        - in: path
          name: databaseName
          type: string
          required: true
          description: The name of the database for which database Threat Detection policy is defined.
        # "default" is the only policy name listed; modelAsString: true means
        # generated clients treat it as a plain string.
        - in: path
          name: securityAlertPolicyName
          type: string
          required: true
          description: The name of the security alert policy.
          enum: [default]
          x-ms-enum:
            name: SecurityAlertPolicyName
            modelAsString: true
        # Request body: the full policy. Within the referenced schemas only
        # "state" is marked required.
        - in: body
          name: parameters
          required: true
          description: The database Threat Detection policy.
          schema:
            $ref: '#/definitions/DatabaseSecurityAlertPolicy'
        - $ref: '../../../common/v1/types.json#/parameters/ApiVersionParameter'
      responses:
        # 200 = existing policy updated, 201 = policy created; both return the
        # policy resource.
        "200":
          description: Successfully updated the database Threat Detection policy.
          schema:
            $ref: '#/definitions/DatabaseSecurityAlertPolicy'
        "201":
          description: Successfully created the database Threat Detection policy.
          schema:
            $ref: '#/definitions/DatabaseSecurityAlertPolicy'
        # Catch-all error response. Only 500-class failures are documented and
        # no error schema is declared; authentication and authorization
        # failures are not listed.
        default:
          description: |-
            *** Error Responses: ***

             * 500 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later * 500 DatabaseIsUnavailable - Your settings are currently unavailable, please try again later
definitions:
  # Resource envelope returned by GET and sent in the PUT body. It extends the
  # shared ProxyResource definition (declared in the common types file, not
  # shown here) and nests the policy settings under "properties".
  DatabaseSecurityAlertPolicy:
    type: object
    description: Contains information about a database Threat Detection policy.
    allOf:
      - $ref: '../../../common/v1/types.json#/definitions/ProxyResource'
    properties:
      location:
        type: string
        description: The geo-location where the resource lives
        # Settable at creation and readable afterwards; "update" is not listed.
        x-ms-mutability: [read, create]
      kind:
        type: string
        readOnly: true
        description: Resource kind.
      # A schema property that is itself named "properties": it points at the
      # policy settings, and x-ms-client-flatten asks generated clients to
      # surface those settings directly on this model.
      properties:
        $ref: '#/definitions/DatabaseSecurityAlertPolicyProperties'
        description: Properties of the security alert policy.
        x-ms-client-flatten: true
  # The policy settings themselves. Each field here changes what is detected,
  # who is told, or where the audit trail is written, so a change to any of
  # them is worth reviewing as a change to a security control.
  DatabaseSecurityAlertPolicyProperties:
    type: object
    description: Properties for a database Threat Detection policy.
    required: [state]
    properties:
      # Master switch for the policy. The spec does not explain how "New"
      # differs from the other two values.
      state:
        type: string
        description: >-
          Specifies the state of the policy. If state is Enabled, storageEndpoint
          and storageAccountAccessKey are required.
        enum: [New, Enabled, Disabled]
        x-ms-enum:
          name: SecurityAlertPolicyState
      # Free-form string, not an enum: the alert names are only listed in the
      # description, so the schema itself does not reject unknown values. A
      # non-empty value narrows detection coverage; an empty string keeps
      # every alert type active.
      disabledAlerts:
        type: string
        description: >-
          Specifies the semicolon-separated list of alerts that are disabled,
          or empty string to disable no alerts. Possible values:
          Sql_Injection; Sql_Injection_Vulnerability; Access_Anomaly;
          Data_Exfiltration; Unsafe_Action.
      # Alert routing. No format or pattern is declared for the addresses.
      emailAddresses:
        type: string
        description: Specifies the semicolon-separated list of e-mail addresses to which the alert is sent.
      emailAccountAdmins:
        type: string
        description: >-
          Specifies that the alert is sent to the account administrators.
        enum: [Enabled, Disabled]
        x-ms-enum:
          name: SecurityAlertPolicyEmailAccountAdmins
      # Destination of the Threat Detection audit logs. The schema puts no
      # constraint on the URL beyond "string".
      storageEndpoint:
        type: string
        description: >-
          Specifies the blob storage endpoint (e.g.
          https://MyAccount.blob.core.windows.net). This blob storage will
          hold all Threat Detection audit logs. If state is Enabled,
          storageEndpoint is required.
      # Secret value: going by the property name, presumably the access key of
      # the audit storage account. x-ms-mutability lists create and update but
      # not read, i.e. the property is write-only in this spec. Keep real
      # values out of example files, logs and source control.
      storageAccountAccessKey:
        type: string
        description: >-
          Specifies the identifier key of the Threat Detection audit storage
          account. If state is Enabled, storageAccountAccessKey is
          required.
        x-ms-mutability: [create, update]
      # No minimum or maximum is declared, and the meaning of 0 is not stated
      # here; confirm against the service documentation before relying on it.
      retentionDays:
        type: integer
        format: int32
        description: Specifies the number of days to keep in the Threat Detection audit logs.
      useServerDefault:
        type: string
        description: >-
          Specifies whether to use the default server policy.
        enum: [Enabled, Disabled]
        x-ms-enum:
          name: SecurityAlertPolicyUseServerDefault
parameters:
  # Shared path parameter referenced by both operations through
  # '#/parameters/ServerNameParameter'. No pattern or length constraint is
  # declared, so this spec gives clients nothing to validate the name against.
  ServerNameParameter:
    in: path
    name: serverName
    type: string
    required: true
    description: The name of the server.
    # AutoRest hint: expose this as a method argument rather than as a
    # client-level property.
    x-ms-parameter-location: method
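# Declares the OAuth2 scheme used to call the API. In Swagger 2.0 this section
# only defines a scheme; it does not by itself require it on any operation.
securityDefinitions:
  azure_auth:
    type: oauth2
    description: Azure Active Directory OAuth2 Flow
    # Implicit flow against the multi-tenant "common" authorize endpoint, as
    # published. Current OAuth guidance steers new clients away from the
    # implicit flow; treat this as a description of the API's declared scheme,
    # not a recommendation for how a new client should obtain tokens.
    flow: implicit
    authorizationUrl: https://login.microsoftonline.com/common/oauth2/authorize
    scopes:
      user_impersonation: impersonate your user account
# Apply azure_auth to every operation. Without a security requirement, tools
# that consume this file (documentation renderers, client generators, API
# scanners) see the GET and PUT operations as needing no credentials, which
# misdescribes an API whose PUT body carries a storage account access key.
security:
  - azure_auth:
      - user_impersonation
tags:
  - name: SecurityAlert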