az sql server
Manage SQL servers.
Commands
Name | Description | Type | Status |
---|---|---|---|
az sql server ad-admin |
Manage a server's Active Directory administrator. |
Core | GA |
az sql server ad-admin create |
Create a new server Active Directory administrator. |
Core | GA |
az sql server ad-admin delete |
Sets a server's AD admin. |
Core | GA |
az sql server ad-admin list |
Gets a list of Azure Active Directory administrators in a server. |
Core | GA |
az sql server ad-admin update |
Update an existing server Active Directory administrator. |
Core | GA |
az sql server ad-only-auth |
Manage Azure Active Directory only Authentication settings for this Server. |
Core | GA |
az sql server ad-only-auth disable |
Disable Azure Active Directory only Authentication for this Server. |
Core | GA |
az sql server ad-only-auth enable |
Enable Azure Active Directory only Authentication for this Server. |
Core | GA |
az sql server ad-only-auth get |
Get a specific Azure Active Directory only Authentication property. |
Core | GA |
az sql server advanced-threat-protection-setting |
Manage a server's advanced threat protection setting. |
Core | GA |
az sql server advanced-threat-protection-setting show |
Gets an advanced threat protection setting. |
Core | GA |
az sql server advanced-threat-protection-setting update |
Update a server's advanced threat protection setting. |
Core | GA |
az sql server audit-policy |
Manage a server's auditing policy. |
Core | GA |
az sql server audit-policy show |
Show server audit policy. |
Core | GA |
az sql server audit-policy update |
Update a server's auditing policy. |
Core | GA |
az sql server audit-policy wait |
Place the CLI in a waiting state until a condition of the server's audit policy is met. |
Core | GA |
az sql server conn-policy |
Manage a server's connection policy. |
Core | GA |
az sql server conn-policy show |
Gets a server's secure connection policy. |
Core | GA |
az sql server conn-policy update |
Updates a server's secure connection policy. |
Core | GA |
az sql server create |
Create a server. |
Core | GA |
az sql server delete |
Deletes a server. |
Core | GA |
az sql server dns-alias |
Manage a server's DNS aliases. |
Core | GA |
az sql server dns-alias create |
Creates a server DNS alias. |
Core | GA |
az sql server dns-alias delete |
Deletes the server DNS alias with the given name. |
Core | GA |
az sql server dns-alias list |
Gets a list of server DNS aliases for a server. |
Core | GA |
az sql server dns-alias set |
Sets a server to which DNS alias should point. |
Core | GA |
az sql server dns-alias show |
Gets a server DNS alias. |
Core | GA |
az sql server firewall-rule |
Manage a server's firewall rules. |
Core | GA |
az sql server firewall-rule create |
Create a firewall rule. |
Core | GA |
az sql server firewall-rule delete |
Deletes a firewall rule. |
Core | GA |
az sql server firewall-rule list |
List a server's firewall rules. |
Core | GA |
az sql server firewall-rule show |
Shows the details for a firewall rule. |
Core | GA |
az sql server firewall-rule update |
Update a firewall rule. |
Core | GA |
az sql server ipv6-firewall-rule |
Manage a server's ipv6 firewall rules. |
Core | GA |
az sql server ipv6-firewall-rule create |
Create an ipv6 firewall rule. |
Core | GA |
az sql server ipv6-firewall-rule delete |
Deletes an IPv6 firewall rule. |
Core | GA |
az sql server ipv6-firewall-rule list |
List a server's ipv6 firewall rules. |
Core | GA |
az sql server ipv6-firewall-rule show |
Shows the details for an ipv6 firewall rule. |
Core | GA |
az sql server ipv6-firewall-rule update |
Update an ipv6 firewall rule. |
Core | GA |
az sql server key |
Manage a server's keys. |
Core | GA |
az sql server key create |
Creates a server key. |
Core | GA |
az sql server key delete |
Deletes a server key. |
Core | GA |
az sql server key list |
Gets a list of server keys. |
Core | GA |
az sql server key show |
Shows a server key. |
Core | GA |
az sql server list |
List available servers. |
Core | GA |
az sql server list-usages |
Returns server usages. |
Core | GA |
az sql server ms-support |
Manage a server's Microsoft support operations. |
Core | GA |
az sql server ms-support audit-policy |
Manage a server's Microsoft support operations auditing policy. |
Core | GA |
az sql server ms-support audit-policy show |
Show server Microsoft support operations audit policy. |
Core | GA |
az sql server ms-support audit-policy update |
Update a server's Microsoft support operations auditing policy. |
Core | GA |
az sql server ms-support audit-policy wait |
Place the CLI in a waiting state until a condition of the server's Microsoft support operations audit policy is met. |
Core | GA |
az sql server outbound-firewall-rule |
Manage a server's outbound firewall rules. |
Core | GA |
az sql server outbound-firewall-rule create |
Create a new outbound firewall rule. |
Core | GA |
az sql server outbound-firewall-rule delete |
Delete the outbound firewall rule. |
Core | GA |
az sql server outbound-firewall-rule list |
List a server's outbound firewall rules. |
Core | GA |
az sql server outbound-firewall-rule show |
Show the details for an outbound firewall rule. |
Core | GA |
az sql server refresh-external-governance-status |
Refreshes external governance status. |
Core | GA |
az sql server show |
Gets a server. |
Core | GA |
az sql server tde-key |
Manage a server's encryption protector. |
Core | GA |
az sql server tde-key revalidate |
Revalidate a server encryption protector. |
Core | GA |
az sql server tde-key set |
Sets the server's encryption protector. Ensure to create the key first https://docs.microsoft.com/en-us/cli/azure/sql/server/key?view=azure-cli-latest#az-sql-server-key-create. |
Core | GA |
az sql server tde-key show |
Gets a server encryption protector. |
Core | GA |
az sql server update |
Update a server. |
Core | GA |
az sql server vnet-rule |
Manage a server's virtual network rules. |
Core | GA |
az sql server vnet-rule create |
Create a virtual network rule to allows access to an Azure SQL Server. |
Core | GA |
az sql server vnet-rule delete |
Deletes the virtual network rule with the given name. |
Core | GA |
az sql server vnet-rule list |
Gets a list of virtual network rules in a server. |
Core | GA |
az sql server vnet-rule show |
Gets a virtual network rule. |
Core | GA |
az sql server vnet-rule update |
Update a virtual network rule. |
Core | GA |
az sql server wait |
Place the CLI in a waiting state until a condition of the SQL server is met. |
Core | GA |
az sql server create
Create a server.
az sql server create --name
--resource-group
[--admin-password]
[--admin-user]
[--assign-identity]
[--enable-ad-only-auth]
[--enable-public-network {false, true}]
[--external-admin-name]
[--external-admin-principal-type]
[--external-admin-sid]
[--federated-client-id]
[--identity-type {None, SystemAssigned, SystemAssigned,UserAssigned, UserAssigned}]
[--key-id]
[--location]
[--minimal-tls-version {1.0, 1.1, 1.2, 1.3}]
[--no-wait]
[--pid]
[--restrict-outbound-network-access {false, true}]
[--user-assigned-identity-id]
Examples
Create a server.
az sql server create -l westus -g mygroup -n myserver -u myadminuser -p myadminpassword
Create a server with disabled public network access to server.
az sql server create -l westus -g mygroup -n myserver -u myadminuser -p myadminpassword -e false
Create a server without SQL Admin, with AD admin and AD Only enabled.
az sql server create --enable-ad-only-auth --external-admin-principal-type User --external-admin-name myUserName --external-admin-sid c5e964e2-6bb2-1111-1111-3b16ec0e1234 -g myResourceGroup -n myServer
Create a server without SQL Admin, with AD admin, AD Only enabled, User ManagedIdenties and Identity Type is SystemAssigned,UserAssigned.
az sql server create --enable-ad-only-auth --external-admin-principal-type User --external-admin-name myUserName \ --external-admin-sid c5e964e2-6bb2-1111-1111-3b16ec0e1234 -g myResourceGroup -n myServer -i \ --user-assigned-identity-id /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi \ --identity-type SystemAssigned,UserAssigned --pid /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi
Create a server without SQL Admin, with AD admin, AD Only enabled, User ManagedIdenties and Identity Type is UserAssigned.
az sql server create --enable-ad-only-auth --external-admin-principal-type User --external-admin-name myUserName \ --external-admin-sid c5e964e2-6bb2-1111-1111-3b16ec0e1234 -g myResourceGroup -n myServer -i \ --user-assigned-identity-id /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi \ --identity-type UserAssigned --pid /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi
Required Parameters
Name of the Azure SQL Server. You can configure the default using az configure --defaults sql-server=<name>
.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Optional Parameters
The administrator login password (required forserver creation).
Administrator username for the server. Oncecreated it cannot be changed.
Generate and assign an Azure Active Directory Identity for this server for use with key management services like Azure KeyVault.
Enable Azure Active Directory Only Authentication for this server.
Set whether public network access to server is allowed or not. When false,only connections made through Private Links can reach this server.
Display name of the Azure AD administrator user, group or application.
User, Group or Application.
The unique ID of the Azure AD administrator. Object Id for User or Group, Client Id for Applications.
The federated client id used in cross tenant CMK scenario.
Type of Identity to be used. Possible values are SystemAsssigned,UserAssigned, SystemAssigned,UserAssigned and None.
The key vault URI for encryption.
Location. Values from: az account list-locations
. You can configure the default location using az configure --defaults location=<location>
.
The minimal TLS version enforced by the sql server for inbound connections.
Do not wait for the long-running operation to finish.
The ID of the primary user managed identity.
Set whether outbound network access to server is restricted or not. When true,the outbound connections from the server will be restricted.
Generate and assign an User Managed Identity(UMI) for this server.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az sql server delete
Deletes a server.
az sql server delete [--ids]
[--name]
[--resource-group]
[--subscription]
[--yes]
Optional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the Azure SQL Server. You can configure the default using az configure --defaults sql-server=<name>
.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Do not prompt for confirmation.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az sql server list
List available servers.
az sql server list [--expand-ad-admin]
[--resource-group]
Examples
List all servers in the current subscription.
az sql server list
List all servers in a resource group.
az sql server list -g mygroup
Optional Parameters
Expand the Active Directory Administrator for the server.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az sql server list-usages
Returns server usages.
az sql server list-usages [--ids]
[--name]
[--resource-group]
[--subscription]
Optional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the Azure SQL Server. You can configure the default using az configure --defaults sql-server=<name>
.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az sql server refresh-external-governance-status
Refreshes external governance status.
az sql server refresh-external-governance-status [--ids]
[--resource-group]
[--server]
[--subscription]
Examples
Refresh external governance status for server
az sql server refresh-external-governance-status --resource-group MyResourceGroup --server MyServer
Optional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name of the Azure SQL Server. You can configure the default using az configure --defaults sql-server=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az sql server show
Gets a server.
az sql server show [--expand-ad-admin]
[--ids]
[--name]
[--resource-group]
[--subscription]
Optional Parameters
Expand the Active Directory Administrator for the server.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the Azure SQL Server. You can configure the default using az configure --defaults sql-server=<name>
.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az sql server update
Update a server.
az sql server update [--add]
[--admin-password]
[--assign_identity]
[--enable-public-network {false, true}]
[--federated-client-id]
[--force-string]
[--identity-type {None, SystemAssigned, SystemAssigned,UserAssigned, UserAssigned}]
[--ids]
[--key-id]
[--minimal-tls-version {1.0, 1.1, 1.2, 1.3}]
[--name]
[--no-wait]
[--pid]
[--remove]
[--resource-group]
[--restrict-outbound-network-access {false, true}]
[--set]
[--subscription]
[--user-assigned-identity-id]
Examples
Update a server. (autogenerated)
az sql server update --admin-password myadminpassword --name MyAzureSQLServer --resource-group MyResourceGroup
Update a server with User Managed Identies and Identity Type is SystemAssigned,UserAssigned.
az sql server update -g myResourceGroup -n myServer -i \ --user-assigned-identity-id /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi \ --identity-type SystemAssigned,UserAssigned --pid /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi
Update a server with User Managed Identies and Identity Type is UserAssigned.
az sql server update -g myResourceGroup -n myServer -i \ --user-assigned-identity-id /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi \ --identity-type UserAssigned --pid /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi
Optional Parameters
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>
.
The administrator login password.
Generate and assign an Azure Active Directory Identity for this server for use with key management services like Azure KeyVault.
Set whether public network access to server is allowed or not. When false,only connections made through Private Links can reach this server.
The federated client id used in cross tenant CMK scenario.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
Type of Identity to be used. Possible values are SystemAsssigned,UserAssigned, SystemAssigned,UserAssigned and None.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The key vault URI for encryption.
The minimal TLS version enforced by the sql server for inbound connections.
Name of the Azure SQL Server. You can configure the default using az configure --defaults sql-server=<name>
.
Do not wait for the long-running operation to finish.
The ID of the primary user managed identity.
Remove a property or an element from a list. Example: --remove property.list <indexToRemove>
OR --remove propertyToRemove
.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Set whether outbound network access to server is restricted or not. When true,the outbound connections from the server will be restricted.
Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Generate and assign an User Managed Identity(UMI) for this server.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az sql server wait
Place the CLI in a waiting state until a condition of the SQL server is met.
az sql server wait [--created]
[--custom]
[--deleted]
[--exists]
[--expand]
[--ids]
[--interval]
[--name]
[--resource-group]
[--subscription]
[--timeout]
[--updated]
Optional Parameters
Wait until created with 'provisioningState' at 'Succeeded'.
Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].
Wait until deleted.
Wait until the resource exists.
The child resources to include in the response. Default value is None.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Polling interval in seconds.
Name of the Azure SQL Server. You can configure the default using az configure --defaults sql-server=<name>
.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Maximum wait in seconds.
Wait until updated with provisioningState at 'Succeeded'.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.