az sql db threat-policy
This command group has been deprecated and will be removed in a future release. Use 'sql db advanced-threat-protection-setting' instead.
Manage a database's threat detection policies.
Commands
Name | Description | Type | Status |
---|---|---|---|
az sql db threat-policy show |
Gets a threat detection policy. |
Core | Deprecated |
az sql db threat-policy update |
Update a database's threat detection policy. |
Core | Deprecated |
az sql db threat-policy show
This command is implicitly deprecated because command group 'sql db threat-policy' is deprecated and will be removed in a future release. Use 'sql db advanced-threat-protection-setting' instead.
Gets a threat detection policy.
az sql db threat-policy show [--ids]
[--name]
[--resource-group]
[--server]
[--subscription]
Optional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the Azure SQL Database.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name of the Azure SQL Server. You can configure the default using az configure --defaults sql-server=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az sql db threat-policy update
This command is implicitly deprecated because command group 'sql db threat-policy' is deprecated and will be removed in a future release. Use 'sql db advanced-threat-protection-setting' instead.
Update a database's threat detection policy.
If the policy is being enabled, storage_account or both storage_endpoint and storage_account_access_key must be specified.
az sql db threat-policy update [--add]
[--disabled-alerts]
[--email-account-admins]
[--email-addresses]
[--force-string]
[--ids]
[--name]
[--remove]
[--resource-group]
[--retention-days]
[--server]
[--set]
[--state {Disabled, Enabled, New}]
[--storage-account]
[--storage-endpoint]
[--storage-key]
[--subscription]
Examples
Enable by storage account name.
az sql db threat-policy update -g mygroup -s myserver -n mydb \
--state Enabled --storage-account mystorage
Enable by storage endpoint and key.
az sql db threat-policy update -g mygroup -s myserver -n mydb \
--state Enabled --storage-endpoint https://mystorage.blob.core.windows.net \
--storage-key MYKEY==
Disable a subset of alert types.
az sql db threat-policy update -g mygroup -s myserver -n mydb \
--disabled-alerts Sql_Injection_Vulnerability Access_Anomaly
Configure email recipients for a policy.
az sql db threat-policy update -g mygroup -s myserver -n mydb \
--email-addresses me@examlee.com you@example.com \
--email-account-admins Enabled
Disable a threat policy.
az sql db threat-policy update -g mygroup -s myserver -n mydb --state Disabled
Optional Parameters
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>
.
List of disabled alerts.
Whether the alert is sent to the account administrators.
List of email addresses that alerts are sent to.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the Azure SQL Database.
Remove a property or an element from a list. Example: --remove property.list <indexToRemove>
OR --remove propertyToRemove
.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
The number of days to retain threat detection logs.
Name of the Azure SQL Server. You can configure the default using az configure --defaults sql-server=<name>
.
Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>
.
Threat detection policy state.
Name of the storage account.
The storage account endpoint.
Access key for the storage account.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.