Set-AzureRmSqlDatabaseThreatDetectionPolicy
Sets a threat detection policy on a database.
Warning
The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.
Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.
Syntax
Set-AzureRmSqlDatabaseThreatDetectionPolicy
[-PassThru]
[-NotificationRecipientsEmails <String>]
[-EmailAdmins <Boolean>]
[-ExcludedDetectionType <DetectionType[]>]
[-StorageAccountName <String>]
[-RetentionInDays <UInt32>]
[-ServerName] <String>
[-DatabaseName] <String>
[-ResourceGroupName] <String>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The Set-AzureRmSqlDatabaseThreatDetectionPolicy cmdlet sets a threat detection policy on an Azure SQL database. In order to enable threat detection on a database an auditing policy must be enabled on that database. To use this cmdlet, specify the ResourceGroupName, ServerName and DatabaseName parameters to identify the database. This cmdlet is also supported by the SQL Server Stretch Database service on Azure.
Examples
Example 1: Set the threat detection policy for a database
PS C:\>Set-AzureRmSqlDatabaseThreatDetectionPolicy -ResourceGroupName "ResourceGroup11" -ServerName "Server01" -DatabaseName "Database01" -NotificationRecipientsEmails "admin01@contoso.com;secadmin@contoso.com" -EmailAdmins $False -ExcludedDetectionType "Sql_Injection_Vulnerability", "SQL_Injection" -StorageAccountName "mystorageAccount"This command sets the threat detection policy for a database named Database01 on the server named Server01.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DatabaseName
Specifies the name of the database where the policy is set.
| Type: | String |
| Position: | 2 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure
| Type: | IAzureContextContainer |
| Aliases: | AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-EmailAdmins
Specifies whether the threat detection policy contacts administrators by using email.
| Type: | Nullable<T>[Boolean] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ExcludedDetectionType
Specifies an array of detection types to exclude from the policy. The acceptable values for this parameter are:
- Sql_Injection
- Sql_Injection_Vulnerability
- Access_Anomaly
- None
| Type: | DetectionType[] |
| Accepted values: | Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, None |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-NotificationRecipientsEmails
Specifies a semicolon-separated list of email addresses to which the policy sends alerts.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-PassThru
Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResourceGroupName
Specifies the name of the resource group to which the server is assigned.
| Type: | String |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-RetentionInDays
The number of retention days for the audit logs
| Type: | Nullable<T>[UInt32] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ServerName
Specifies the name of the server.
| Type: | String |
| Position: | 1 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-StorageAccountName
Specifies the name of the storage account to be used. Wildcards are not permitted. This parameter is not required. When this parameter is not provided, the cmdlet will use the storage account that was defined previously as part of the threat detection policy of the database. If this is the first time a database threat detection policy is defined and this parameter is not provided, the cmdlet will fail.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Nullable<T>[[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]
Nullable<T>[[System.UInt32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]
Outputs
DatabaseThreatDetectionPolicyModel