Condividi tramite

ServerDevOpsAuditingSettings Class

A server DevOps auditing settings.

Variables are only populated by the server, and will be ignored when sending a request.

Constructor

ServerDevOpsAuditingSettings(*, is_azure_monitor_target_enabled: bool | None = None, is_managed_identity_in_use: bool | None = None, state: str | _models.BlobAuditingPolicyState | None = None, storage_endpoint: str | None = None, storage_account_access_key: str | None = None, storage_account_subscription_id: str | None = None, **kwargs: Any)

Keyword-Only Parameters

Name Description
is_azure_monitor_target_enabled
bool

Specifies whether DevOps audit events are sent to Azure Monitor. In order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true.

When using REST API to configure DevOps audit, Diagnostic Settings with 'DevOpsOperationsAudit' diagnostic logs category on the master database should be also created.

Diagnostic Settings URI format: PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/master/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview

For more information, see Diagnostic Settings REST API or Diagnostic Settings PowerShell.

Default value: None
is_managed_identity_in_use
bool

Specifies whether Managed Identity is used to access blob storage.

Default value: None
state
str or BlobAuditingPolicyState

Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required. Known values are: "Enabled" and "Disabled".

Default value: None
storage_endpoint
str

Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.

Default value: None
storage_account_access_key
str

Specifies the identifier key of the auditing storage account. If state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage. Prerequisites for using managed identity authentication:

  1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).

#. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.

For more information, see >>`<<Auditing to storage using Managed Identity authentication

<https://go.microsoft.com/fwlink/?linkid=2114355>`_.

Default value: None
storage_account_subscription_id
str

Specifies the blob storage subscription Id.

Default value: None

Variables

Name Description
id
str

Resource ID.
name
str

Resource name.
type
str

Resource type.
system_data
SystemData

SystemData of ServerDevOpsAuditSettingsResource.
is_azure_monitor_target_enabled
bool

Specifies whether DevOps audit events are sent to Azure Monitor. In order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true.

When using REST API to configure DevOps audit, Diagnostic Settings with 'DevOpsOperationsAudit' diagnostic logs category on the master database should be also created.

Diagnostic Settings URI format: PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/master/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview

For more information, see Diagnostic Settings REST API or Diagnostic Settings PowerShell.
is_managed_identity_in_use
bool

Specifies whether Managed Identity is used to access blob storage.
state
str or BlobAuditingPolicyState

Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required. Known values are: "Enabled" and "Disabled".
storage_endpoint
str

Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.
storage_account_access_key
str

Specifies the identifier key of the auditing storage account. If state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage. Prerequisites for using managed identity authentication:

  1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).

#. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.

For more information, see >>`<<Auditing to storage using Managed Identity authentication

<https://go.microsoft.com/fwlink/?linkid=2114355>`_.
storage_account_subscription_id
str

Specifies the blob storage subscription Id.