az synapse sql pool threat-policy
Manage a SQL pool's threat detection policies.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az synapse sql pool threat-policy show |
Get a SQL pool's threat detection policy. |
Core | GA |
| az synapse sql pool threat-policy update |
Update a SQL pool's threat detection policy. |
Core | GA |
az synapse sql pool threat-policy show
Get a SQL pool's threat detection policy.
az synapse sql pool threat-policy show --security-alert-policy-name
[--ids]
[--name]
[--resource-group]
[--subscription]
[--workspace-name]Examples
Get a SQL pool's threat detection policy.
az synapse sql pool threat-policy show --name sqlpool --workspace-name testsynapseworkspace \
--resource-group rg --security-alert-policy-name threatpolicyRequired Parameters
Name of the security alert policy.
Optional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The SQL pool name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
The workspace name.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az synapse sql pool threat-policy update
Update a SQL pool's threat detection policy.
If the policy is being enabled, storage_account or both storage_endpoint and storage_account_access_key must be specified.
az synapse sql pool threat-policy update [--add]
[--disabled-alerts]
[--email-account-admins {false, true}]
[--email-addresses]
[--force-string]
[--ids]
[--name]
[--remove]
[--resource-group]
[--retention-days]
[--security-alert-policy-name]
[--set]
[--state {Disabled, Enabled, New}]
[--storage-account]
[--storage-endpoint]
[--storage-key]
[--subscription]
[--workspace-name]Examples
Enable by storage account name.
az synapse sql pool threat-policy update --name sqlpool --workspace-name testsynapseworkspace --resource-group rg \
--state Enabled --storage-account mystorageaccount --security-alert-policy-name threatpolicyEnable by storage endpoint and key.
az synapse sql pool threat-policy update --name sqlpool --workspace-name testsynapseworkspace --resource-group rg \
--state Enabled --storage-endpoint https://mystorage.blob.core.windows.net --storage-key MYKEY== \
--security-alert-policy-name threatpolicyDisable a subset of alert types.
az synapse sql pool threat-policy update --name sqlpool --workspace-name testsynapseworkspace --resource-group rg \
--disabled-alerts Sql_Injection_Vulnerability Access_Anomaly --security-alert-policy-name threatpolicyConfigure email recipients for a policy.
az synapse sql pool threat-policy update --name sqlpool --workspace-name testsynapseworkspace --resource-group rg \
--email-addresses me@examlee.com you@example.com --email-account-admins true \
--security-alert-policy-name threatpolicyDisable a threat policy.
az synapse sql pool threat-policy update --name sqlpool --workspace-name testsynapseworkspace --resource-group rg \
--state Disabled --security-alert-policy-name threatpolicyOptional Parameters
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
List of disabled alerts.
Whether the alert is sent to the account administrators.
List of email addresses that alerts are sent to.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The SQL pool name.
Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The number of days to retain threat detection logs.
Name of the security alert policy.
Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.
Threat detection policy state.
Name of the storage account.
The storage account endpoint.
Access key for the storage account.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
The workspace name.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for