.alter managed_identity policy

The command sets the ManagedIdentity policy of the cluster or the specified database, overriding the existing policy.

Note

Managed identities should be assigned to the cluster (see instructions) before you can assign them to the ManagedIdentity policy.

Syntax

  • .alter cluster policy managed_identity ArrayOfPolicyObjects
  • .alter database DatabaseName policy managed_identity ArrayOfPolicyObjects

Arguments

Name Type Required Description
ArrayOfPolicyObjects array An array with zero or more ManagedIdentity policy objects defined.
DatabaseName string The name of the database.

Note

Policy objects must define the ObjectId and AllowedUsages properties. Other properties are automatically populated.

Getting the managed identity object ID

The object ID is available in the Azure portal on the managed identity's overview page.

Look for 'Object (principal) ID.

Returns

The command sets the cluster's or database's ManagedIdentity policy object, overriding any current policy, and then returns the output of the corresponding .show managed identity policy command.

If any of the specified managed identities is not assigned to the cluster, an error will be returned and the ManagedIdentity policy will not be modified.

Example

.alter database db policy managed_identity ```
[
  {
    "ObjectId": "d99c9846-1615-a2f9-a96f-78e136ba93eb",
    "AllowedUsages": "NativeIngestion, ExternalTable"
  }
]
```