Enable Advanced Threat Protection on Azure DB for MySQL

[siddthota]

Hello,

I'm looking for this feature on TF to Enable Advanced Threat Protection on the MySQL DB and I don't find it in the documentation. Azure says it's in preview state since very long, but we have few security constraints to have this feature enabled to get into production. Can you please add this feature?

Potential Terraform Configuration

enable_advanced_threat_protection = true

[tombuildsstuff]

hi @siddthota

Thanks for opening this issue.

Support for this functionality has been added in #4848 which will ship in version 1.40 of the Azure Provider - as such you should be able to utilize this when this version is released. I've assigned this issue to the 1.40 Milestone - as such when this version is released @hashibot will comment to let you know when you can start using this.

Thanks!

[ghost]

This has been released in version 1.40.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 1.40.0"
}
# ... other configuration ...

[tehyatt]

Hello @tombuildsstuff, I upgraded to 1.43.0 this morning and attempted to use the new azurerm_advanced_threat_protection resource, but got the following error. Seems the new resource only supports the storage account, not mysql server.

The documentation for #4848 seems to be specific to storage accounts as well.

Should this issue be reopened, or am I missing something?

Thanks!

Snippet of log below.

`
Error: Error updating Advanced Threat protection for resource "/subscriptions/****/resourceGroups/demo-group/providers/Microsoft.DBforMySQL/servers/demo-server": security.AdvancedThreatProtectionClient#Create: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="Not Supported" Message="Atp settings are not supported on resources of type servers"

on ../../main.tf line 25, in resource "azurerm_advanced_threat_protection" "mysql_advanced_threat_protection":
25: resource "azurerm_advanced_threat_protection" "mysql_advanced_threat_protection" {
`

[tehyatt]

In addition, the new provider only supports enabling it. The ability to specify an email address and to enable or disable the option to "Also send email notification to admins and subscription owners" is not available in the new provider.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!