Server DevOps Audit Settings - Get

Reference

Service:: SQL Database

API Version:: 2021-02-01-preview

Gets a server's DevOps audit settings.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/devOpsAuditingSettings/{devOpsAuditingSettingsName}?api-version=2021-02-01-preview

URI Parameters

Name	In	Required	Type	Description
devOpsAuditingSettingsName	path	True	string	The name of the devops audit settings. This should always be 'default'.
resourceGroupName	path	True	string	The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
serverName	path	True	string	The name of the server.
subscriptionId	path	True	string	The subscription ID that identifies an Azure subscription.
api-version	query	True	string	The API version to use for the request.

Responses

Name	Type	Description
200 OK	ServerDevOpsAuditingSettings	Successfully retrieved the server DevOps audit settings.
Other Status Codes		* Error Responses: * 404 SubscriptionDoesNotHaveServer - The requested server was not found 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.

Name

Type

Description

200 OK

ServerDevOpsAuditingSettings

Successfully retrieved the server DevOps audit settings.

Other Status Codes

*** Error Responses: ***

404 SubscriptionDoesNotHaveServer - The requested server was not found
404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.

Examples

Get a server's DevOps audit settings

Sample Request

GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/devAuditTestRG/providers/Microsoft.Sql/servers/devOpsAuditTestSvr/devOpsAuditingSettings/default?api-version=2021-02-01-preview

Sample Response

Status code:: 200

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/devAuditTestRG/providers/Microsoft.Sql/servers/devOpsAuditTestSvr/devOpsAuditingSettings/default",
  "name": "default",
  "type": "Microsoft.Sql/servers/devOpsAuditingSettings",
  "properties": {
    "state": "Disabled",
    "storageEndpoint": "",
    "storageAccountSubscriptionId": "00000000-0000-0000-0000-000000000000",
    "isAzureMonitorTargetEnabled": false
  }
}

Definitions

BlobAuditingPolicyState	Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.
createdByType	The type of identity that created the resource.
ServerDevOpsAuditingSettings	A server DevOps auditing settings.
systemData	Metadata pertaining to creation and last modification of the resource.

BlobAuditingPolicyState

Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.

Name	Type	Description
Disabled	string
Enabled	string

createdByType

The type of identity that created the resource.

Name	Type	Description
Application	string
Key	string
ManagedIdentity	string
User	string

ServerDevOpsAuditingSettings

A server DevOps auditing settings.

Name	Type	Description
id	string	Resource ID.
name	string	Resource name.
properties.isAzureMonitorTargetEnabled	boolean	Specifies whether DevOps audit events are sent to Azure Monitor. In order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true. When using REST API to configure DevOps audit, Diagnostic Settings with 'DevOpsOperationsAudit' diagnostic logs category on the master database should be also created. Diagnostic Settings URI format: PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/master/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview For more information, see Diagnostic Settings REST API or Diagnostic Settings PowerShell
properties.state	BlobAuditingPolicyState	Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.
properties.storageAccountAccessKey	string	Specifies the identifier key of the auditing storage account. If state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage. Prerequisites for using managed identity authentication: Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD). Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity. For more information, see Auditing to storage using Managed Identity authentication
properties.storageAccountSubscriptionId	string	Specifies the blob storage subscription Id.
properties.storageEndpoint	string	Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.
systemData	systemData	SystemData of ServerDevOpsAuditSettingsResource.
type	string	Resource type.

systemData

Metadata pertaining to creation and last modification of the resource.

Name	Type	Description
createdAt	string	The timestamp of resource creation (UTC).
createdBy	string	The identity that created the resource.
createdByType	createdByType	The type of identity that created the resource.
lastModifiedAt	string	The timestamp of resource last modification (UTC)
lastModifiedBy	string	The identity that last modified the resource.
lastModifiedByType	createdByType	The type of identity that last modified the resource.