Database Security Alert Policies - Get

Gets a database's security alert policy.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/securityAlertPolicies/Default?api-version=2025-01-01

URI Parameters

Name In Required Type Description
databaseName
path True

string

The name of the database.

resourceGroupName
path True

string

minLength: 1
maxLength: 90

The name of the resource group. The name is case insensitive.

securityAlertPolicyName
path True

SecurityAlertPolicyName

The name of the security alert policy.

serverName
path True

string

The name of the server.

subscriptionId
path True

string (uuid)

The ID of the target subscription. The value must be an UUID.

api-version
query True

string

minLength: 1

The API version to use for this operation.

Responses

Name Type Description
200 OK

DatabaseSecurityAlertPolicy

Azure operation completed successfully.

Other Status Codes

ErrorResponse

An unexpected error response.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

Get a database's threat detection policy

Sample request

GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-6852/providers/Microsoft.Sql/servers/securityalert-2080/databases/testdb/securityAlertPolicies/Default?api-version=2025-01-01

Sample response

{
  "name": "Default",
  "type": "Microsoft.Sql/servers/databases/securityAlertPolicies",
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-6852/providers/Microsoft.Sql/servers/securityalert-2080/databases/testdb",
  "properties": {
    "creationTime": "2020-04-03T04:41:33.937Z",
    "disabledAlerts": [
      "Usage_Anomaly"
    ],
    "emailAccountAdmins": true,
    "emailAddresses": [
      "test@consoto.com",
      "user@consoto.com"
    ],
    "retentionDays": 0,
    "state": "Enabled",
    "storageAccountAccessKey": ""
  },
  "systemData": {
    "createdAt": "2020-04-03T04:41:33.937Z",
    "createdBy": "string",
    "createdByType": "User",
    "lastModifiedAt": "2020-04-03T04:41:33.937Z",
    "lastModifiedBy": "string",
    "lastModifiedByType": "User"
  }
}

Definitions

Name Description
createdByType

The type of identity that created the resource.

DatabaseSecurityAlertPolicy

A database security alert policy.

ErrorAdditionalInfo

The resource management error additional info.

ErrorDetail

The error detail.

ErrorResponse

Error response

SecurityAlertPolicyName

The name of the security alert policy.

SecurityAlertsPolicyState

Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.

systemData

Metadata pertaining to creation and last modification of the resource.

createdByType

The type of identity that created the resource.

Value Description
User
Application
ManagedIdentity
Key

DatabaseSecurityAlertPolicy

A database security alert policy.

Name Type Description
id

string (arm-id)

Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"

name

string

The name of the resource

properties.creationTime

string (date-time)

Specifies the UTC creation time of the policy.

properties.disabledAlerts

string[]

Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force

properties.emailAccountAdmins

boolean

Specifies that the alert is sent to the account administrators.

properties.emailAddresses

string[]

Specifies an array of e-mail addresses to which the alert is sent.

properties.retentionDays

integer (int32)

Specifies the number of days to keep in the Threat Detection audit logs.

properties.state

SecurityAlertsPolicyState

Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.

properties.storageAccountAccessKey

string

Specifies the identifier key of the Threat Detection audit storage account.

properties.storageEndpoint

string

Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.

systemData

systemData

Azure Resource Manager metadata containing createdBy and modifiedBy information.

type

string

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"

ErrorAdditionalInfo

The resource management error additional info.

Name Type Description
info

object

The additional info.

type

string

The additional info type.

ErrorDetail

The error detail.

Name Type Description
additionalInfo

ErrorAdditionalInfo[]

The error additional info.

code

string

The error code.

details

ErrorDetail[]

The error details.

message

string

The error message.

target

string

The error target.

ErrorResponse

Error response

Name Type Description
error

ErrorDetail

The error object.

SecurityAlertPolicyName

The name of the security alert policy.

Value Description
Default

Default

SecurityAlertsPolicyState

Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.

Value Description
Enabled

Enabled

Disabled

Disabled

systemData

Metadata pertaining to creation and last modification of the resource.

Name Type Description
createdAt

string (date-time)

The timestamp of resource creation (UTC).

createdBy

string

The identity that created the resource.

createdByType

createdByType

The type of identity that created the resource.

lastModifiedAt

string (date-time)

The timestamp of resource last modification (UTC)

lastModifiedBy

string

The identity that last modified the resource.

lastModifiedByType

createdByType

The type of identity that last modified the resource.