Request to add --predicate-expression argument to az sql server audit-policy update #26268

@Brutiquzz

Related command

az sql server audit-policy update --predicate-expression "sqlserver.server_principal_name LIKE '%@domain.com'"

Is your feature request related to a problem? Please describe.
The argument --predicate-expression does not exist in the az PowerShell, but in the AzureRM PowerShell it does.

As an example we are capable of:

Set-AzSqlServerAudit `
 -ResourceGroupName "someRG" `
 -ServerName "someServer" `
 -BlobStorageTargetState "Enabled" `
 -StorageAccountResourceId "someStorageAccountResourceId" `
 -PredicateExpression "sqlserver.server_principal_name LIKE '%@domain.com'"

This is a problem because AzureRM will be deprecated in 2024.

This is important to us because we are in a situation where we would like to audit only activity performed by an employee with access to Azure and not our hosted services (an example could be a developer running queries in the Azure SQL Query Editor).

Perhaps you can further clarify: if we enable this audit policy with a predicate expression, will that stop functioning once AzureRM is deprecated? Or are we from then on just not able to create more audit policies of the like?

Describe the solution you'd like
Add the argument --predicate-expression to az sql server audit-policy update, as we know it from AzureRM.

Describe alternatives you've considered
Perhaps not your area, but the entire subject of audit policies does not seem accessible from the Azure portal, which would probably be preferable for transparency for other co-developers.
