Ensure Azure SQL server audit log retention is greater than 90 days org.openrewrite.terraform.azure.EnsureAzureSQLServerAuditLogRetentionIsGreaterThan90Days
Ensure Azure SQL server audit log retention is greater than 90 days.
Tags
Recipe source
GitHub , Issue Tracker , Maven Central
groupId: org.openrewrite.recipe
artifactId: rewrite-terraform
This recipe is composed of more than one recipe. If you want to customize the set of recipes this is composed of, you can find and copy the GitHub source for the recipe from the link above.
Usage
This recipe has no required configuration options. It can be activated by adding a dependency on org.openrewrite.recipe:rewrite-terraform:2.2.0
in your build file or by running a shell command (in which case no build changes are needed):
Gradle Gradle init script Maven POM Maven Command Line Moderne CLI
Add the following to your build.gradle
file:
Copy plugins {
id( "org.openrewrite.rewrite" ) version( "6.12.0" )
}
rewrite {
activeRecipe( "org.openrewrite.terraform.azure.EnsureAzureSQLServerAuditLogRetentionIsGreaterThan90Days" )
}
repositories {
mavenCentral()
}
dependencies {
rewrite( "org.openrewrite.recipe:rewrite-terraform:2.2.0" )
}
Run gradle rewriteRun
to run the recipe.
Create a file named init.gradle
in the root of your project.
Copy initscript {
repositories {
maven { url "https://plugins.gradle.org/m2" }
}
dependencies { classpath( "org.openrewrite:plugin:6.12.0" ) }
}
rootProject {
plugins . apply( org.openrewrite.gradle.RewritePlugin )
dependencies {
rewrite( "org.openrewrite.recipe:rewrite-terraform:2.2.0" )
}
rewrite {
activeRecipe( "org.openrewrite.terraform.azure.EnsureAzureSQLServerAuditLogRetentionIsGreaterThan90Days" )
}
afterEvaluate {
if (repositories . isEmpty()) {
repositories {
mavenCentral()
}
}
}
}
Run gradle --init-script init.gradle rewriteRun
to run the recipe.
Add the following to your pom.xml
file:
Copy < project >
< build >
< plugins >
< plugin >
< groupId >org.openrewrite.maven</ groupId >
< artifactId >rewrite-maven-plugin</ artifactId >
< version >5.29.0</ version >
< configuration >
< activeRecipes >
< recipe >org.openrewrite.terraform.azure.EnsureAzureSQLServerAuditLogRetentionIsGreaterThan90Days</ recipe >
</ activeRecipes >
</ configuration >
< dependencies >
< dependency >
< groupId >org.openrewrite.recipe</ groupId >
< artifactId >rewrite-terraform</ artifactId >
< version >2.2.0</ version >
</ dependency >
</ dependencies >
</ plugin >
</ plugins >
</ build >
</ project >
Run mvn rewrite:run
to run the recipe.
Copy mvn -U org.openrewrite.maven:rewrite-maven-plugin:run -Drewrite.recipeArtifactCoordinates=org.openrewrite.recipe:rewrite-terraform:RELEASE -Drewrite.activeRecipes=org.openrewrite.terraform.azure.EnsureAzureSQLServerAuditLogRetentionIsGreaterThan90Days
You will need to have configured the Moderne CLI on your machine before you can run the following command.
Copy mod run . --recipe EnsureAzureSQLServerAuditLogRetentionIsGreaterThan90Days
Definition
Recipe List Yaml Recipe List
Copy ---
type : specs.openrewrite.org/v1beta/recipe
name : org.openrewrite.terraform.azure.EnsureAzureSQLServerAuditLogRetentionIsGreaterThan90Days
displayName : Ensure Azure SQL server audit log retention is greater than 90 days
description : Ensure Azure SQL server audit log retention is greater than 90 days.
tags :
- Azure
- terraform
- CKV_AZURE_24
recipeList :
- org.openrewrite.terraform.AddConfiguration :
resourceName : azurerm_sql_server
content : extended_auditing_policy {
retention_in_days = 90
}
- org.openrewrite.terraform.AddConfiguration :
resourceName : azurerm_mssql_server
content : extended_auditing_policy {
retention_in_days = 90
}
See how this recipe works across multiple open-source repositories
The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.
Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.
Contributors
Jonathan Schneider , Aaron Gershman , pocan101 , Kun Li , Knut Wannheden , Sam Snyder