Database Security Alert Policies - Get
Gets a database's security alert policy.
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/securityAlertPolicies/Default?api-version=2025-01-01
URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
database
|
path | True |
string |
The name of the database. |
|
resource
|
path | True |
string minLength: 1maxLength: 90 |
The name of the resource group. The name is case insensitive. |
|
security
|
path | True |
The name of the security alert policy. |
|
|
server
|
path | True |
string |
The name of the server. |
|
subscription
|
path | True |
string (uuid) |
The ID of the target subscription. The value must be an UUID. |
|
api-version
|
query | True |
string minLength: 1 |
The API version to use for this operation. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
Azure operation completed successfully. |
|
| Other Status Codes |
An unexpected error response. |
Security
azure_auth
Azure Active Directory OAuth2 Flow.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
Examples
Get a database's threat detection policy
Sample request
GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-6852/providers/Microsoft.Sql/servers/securityalert-2080/databases/testdb/securityAlertPolicies/Default?api-version=2025-01-01
Sample response
{
"name": "Default",
"type": "Microsoft.Sql/servers/databases/securityAlertPolicies",
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-6852/providers/Microsoft.Sql/servers/securityalert-2080/databases/testdb",
"properties": {
"creationTime": "2020-04-03T04:41:33.937Z",
"disabledAlerts": [
"Usage_Anomaly"
],
"emailAccountAdmins": true,
"emailAddresses": [
"test@consoto.com",
"user@consoto.com"
],
"retentionDays": 0,
"state": "Enabled",
"storageAccountAccessKey": ""
},
"systemData": {
"createdAt": "2020-04-03T04:41:33.937Z",
"createdBy": "string",
"createdByType": "User",
"lastModifiedAt": "2020-04-03T04:41:33.937Z",
"lastModifiedBy": "string",
"lastModifiedByType": "User"
}
}
Definitions
| Name | Description |
|---|---|
|
created |
The type of identity that created the resource. |
|
Database |
A database security alert policy. |
|
Error |
The resource management error additional info. |
|
Error |
The error detail. |
|
Error |
Error response |
|
Security |
The name of the security alert policy. |
|
Security |
Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database. |
|
system |
Metadata pertaining to creation and last modification of the resource. |
createdByType
The type of identity that created the resource.
| Value | Description |
|---|---|
| User | |
| Application | |
| ManagedIdentity | |
| Key |
DatabaseSecurityAlertPolicy
A database security alert policy.
| Name | Type | Description |
|---|---|---|
| id |
string (arm-id) |
Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
| name |
string |
The name of the resource |
| properties.creationTime |
string (date-time) |
Specifies the UTC creation time of the policy. |
| properties.disabledAlerts |
string[] |
Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force |
| properties.emailAccountAdmins |
boolean |
Specifies that the alert is sent to the account administrators. |
| properties.emailAddresses |
string[] |
Specifies an array of e-mail addresses to which the alert is sent. |
| properties.retentionDays |
integer (int32) |
Specifies the number of days to keep in the Threat Detection audit logs. |
| properties.state |
Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database. |
|
| properties.storageAccountAccessKey |
string |
Specifies the identifier key of the Threat Detection audit storage account. |
| properties.storageEndpoint |
string |
Specifies the blob storage endpoint (e.g. |
| systemData |
Azure Resource Manager metadata containing createdBy and modifiedBy information. |
|
| type |
string |
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
ErrorAdditionalInfo
The resource management error additional info.
| Name | Type | Description |
|---|---|---|
| info |
object |
The additional info. |
| type |
string |
The additional info type. |
ErrorDetail
The error detail.
| Name | Type | Description |
|---|---|---|
| additionalInfo |
The error additional info. |
|
| code |
string |
The error code. |
| details |
The error details. |
|
| message |
string |
The error message. |
| target |
string |
The error target. |
ErrorResponse
Error response
| Name | Type | Description |
|---|---|---|
| error |
The error object. |
SecurityAlertPolicyName
The name of the security alert policy.
| Value | Description |
|---|---|
| Default |
Default |
SecurityAlertsPolicyState
Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.
| Value | Description |
|---|---|
| Enabled |
Enabled |
| Disabled |
Disabled |
systemData
Metadata pertaining to creation and last modification of the resource.
| Name | Type | Description |
|---|---|---|
| createdAt |
string (date-time) |
The timestamp of resource creation (UTC). |
| createdBy |
string |
The identity that created the resource. |
| createdByType |
The type of identity that created the resource. |
|
| lastModifiedAt |
string (date-time) |
The timestamp of resource last modification (UTC) |
| lastModifiedBy |
string |
The identity that last modified the resource. |
| lastModifiedByType |
The type of identity that last modified the resource. |