Terraform

Terraform

By DeepSource

Azure SQL server audit log retention is lesser than 90 days TF-S1024

Security

Audit Logs can be used to check for anomalies and give insight into suspected breaches or misuse of information and access. We recommend configuring SQL server audit retention to be more than 90 days.

Examples

Recommended

resource "azurerm_sql_server" "recommended" {
    ...
    extended_auditing_policy {
      storage_endpoint            = azurerm_storage_account.example.primary_blob_endpoint
      storage_account_access_key  = azurerm_storage_account.example.primary_access_key
      storage_account_access_key_is_secondary = true
      retention_in_days                       = <90 or greater>
    }
}

References