Add an example of sql security alert policy (#241)

* add example of sql security alert policy

---------

Co-authored-by: Nanxuan Xu <nanxu@microsoft.com>

quickstart/101-sql-security-alert-policy/main.tf

@@ -0,0 +1,46 @@
+resource "random_pet" "rg_name" {
+  prefix = var.resource_group_name_prefix
+}
+
+resource "azurerm_resource_group" "rg" {
+  name     = random_pet.rg_name.id
+  location = var.resource_group_location
+}
+
+resource "random_pet" "azurerm_mssql_server_name" {
+  prefix = "sql"
+}
+
+resource "random_password" "admin_password" {
+  count       = var.admin_password == null ? 1 : 0
+  length      = 20
+  special     = true
+  min_numeric = 1
+  min_upper   = 1
+  min_lower   = 1
+  min_special = 1
+}
+
+locals {
+  admin_password = try(random_password.admin_password[0].result, var.admin_password)
+}
+
+resource "azurerm_mssql_server" "server" {
+  name                         = random_pet.azurerm_mssql_server_name.id
+  resource_group_name          = azurerm_resource_group.rg.name
+  location                     = azurerm_resource_group.rg.location
+  administrator_login          = var.admin_username
+  administrator_login_password = local.admin_password
+  version                      = "12.0"
+}
+
+resource "azurerm_mssql_server_security_alert_policy" "example" {
+  resource_group_name        = azurerm_resource_group.rg.name
+  server_name                = azurerm_mssql_server.server.name
+  state                      = "Enabled"
+  disabled_alerts = [
+    "Sql_Injection",
+    "Data_Exfiltration"
+  ]
+  retention_days = 20
+}

quickstart/101-sql-security-alert-policy/outputs.tf

@@ -0,0 +1,12 @@
+output "resource_group_name" {
+  value = azurerm_resource_group.rg.name
+}
+
+output "sql_server_name" {
+  value = azurerm_mssql_server.server.name
+}
+
+output "admin_password" {
+  sensitive = true
+  value     = local.admin_password
+}

quickstart/101-sql-security-alert-policy/providers.tf

@@ -0,0 +1,16 @@
+terraform {
+  required_version = ">=1.0"
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "~>3.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "~>3.0"
+    }
+  }
+}
+provider "azurerm" {
+  features {}
+}

quickstart/101-sql-security-alert-policy/variables.tf

@@ -0,0 +1,30 @@
+variable "resource_group_location" {
+  type        = string
+  description = "Location for all resources."
+  default     = "eastus"
+}
+
+variable "resource_group_name_prefix" {
+  type        = string
+  description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription."
+  default     = "rg"
+}
+
+variable "sql_db_name" {
+  type        = string
+  description = "The name of the SQL Database."
+  default     = "SampleDB"
+}
+
+variable "admin_username" {
+  type        = string
+  description = "The administrator username of the SQL logical server."
+  default     = "azureadmin"
+}
+
+variable "admin_password" {
+  type        = string
+  description = "The administrator password of the SQL logical server."
+  sensitive   = true
+  default     = null
+}