Share via


az sql db threat-policy

This command group has been deprecated and will be removed in a future release. Use 'sql db advanced-threat-protection-setting' instead.

Manage a database's threat detection policies.

Commands

Name Description Type Status
az sql db threat-policy show

Gets a threat detection policy.

Core Deprecated
az sql db threat-policy update

Update a database's threat detection policy.

Core Deprecated

az sql db threat-policy show

Deprecated

This command is implicitly deprecated because command group 'sql db threat-policy' is deprecated and will be removed in a future release. Use 'sql db advanced-threat-protection-setting' instead.

Gets a threat detection policy.

az sql db threat-policy show [--ids]
                             [--name]
                             [--resource-group]
                             [--server]
                             [--subscription]

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the Azure SQL Database.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--server -s

Name of the Azure SQL Server. You can configure the default using az configure --defaults sql-server=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az sql db threat-policy update

Deprecated

This command is implicitly deprecated because command group 'sql db threat-policy' is deprecated and will be removed in a future release. Use 'sql db advanced-threat-protection-setting' instead.

Update a database's threat detection policy.

If the policy is being enabled, storage_account or both storage_endpoint and storage_account_access_key must be specified.

az sql db threat-policy update [--add]
                               [--disabled-alerts]
                               [--email-account-admins]
                               [--email-addresses]
                               [--force-string]
                               [--ids]
                               [--name]
                               [--remove]
                               [--resource-group]
                               [--retention-days]
                               [--server]
                               [--set]
                               [--state {Disabled, Enabled, New}]
                               [--storage-account]
                               [--storage-endpoint]
                               [--storage-key]
                               [--subscription]

Examples

Enable by storage account name.

az sql db threat-policy update -g mygroup -s myserver -n mydb \
    --state Enabled --storage-account mystorage

Enable by storage endpoint and key.

az sql db threat-policy update -g mygroup -s myserver -n mydb \
    --state Enabled --storage-endpoint https://mystorage.blob.core.windows.net \
    --storage-key MYKEY==

Disable a subset of alert types.

az sql db threat-policy update -g mygroup -s myserver -n mydb \
    --disabled-alerts Sql_Injection_Vulnerability Access_Anomaly

Configure email recipients for a policy.

az sql db threat-policy update -g mygroup -s myserver -n mydb \
    --email-addresses me@examlee.com you@example.com \
    --email-account-admins Enabled

Disable a threat policy.

az sql db threat-policy update -g mygroup -s myserver -n mydb --state Disabled

Optional Parameters

--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

Default value: []
--disabled-alerts

List of disabled alerts.

--email-account-admins

Whether the alert is sent to the account administrators.

--email-addresses

List of email addresses that alerts are sent to.

--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

Default value: False
--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the Azure SQL Database.

--remove

Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.

Default value: []
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--retention-days

The number of days to retain threat detection logs.

--server -s

Name of the Azure SQL Server. You can configure the default using az configure --defaults sql-server=<name>.

--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.

Default value: []
--state

Threat detection policy state.

Accepted values: Disabled, Enabled, New
--storage-account

Name of the storage account.

--storage-endpoint

The storage account endpoint.

--storage-key

Access key for the storage account.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.