Usare PowerShell per configurare il controllo e il rilevamento delle minacce per il database SQLUse PowerShell to configure SQL Database auditing and threat detection

Questo esempio di script di PowerShell configura il controllo e il rilevamento delle minacce del database SQL.This PowerShell script example configures SQL Database auditing and threat detection.

Questo esempio richiede il modulo Azure PowerShell 4.0 o versioni successive.This sample requires the Azure PowerShell module version 4.0 or later. Eseguire Get-Module -ListAvailable AzureRM per trovare la versione.Run Get-Module -ListAvailable AzureRM to find the version. Se è necessario eseguire l'installazione o l'aggiornamento, vedere come installare il modulo Azure PowerShell.If you need to install or upgrade, see Install Azure PowerShell module.

Eseguire Login-AzureRmAccount per creare una connessione con Azure.Run Login-AzureRmAccount to create a connection with Azure.

Script di esempioSample script

# Login-AzureRmAccount
# Set the resource group name and location for your server
$resourcegroupname = "myResourceGroup-$(Get-Random)"
$location = "southcentralus"
# Set an admin login and password for your server
$adminlogin = "ServerAdmin"
$password = "ChangeYourAdminPassword1"
# The logical server name has to be unique in the system
$servername = "server-$(Get-Random)"
# The sample database name
$databasename = "mySampleDatabase"
# The ip address range that you want to allow to access your server
$startip = "0.0.0.0"
$endip = "0.0.0.0"
# The storage account name has to be unique in the system
$storageaccountname = $("sql$(Get-Random)")
# Specify the email recipients for the threat detection alerts
$notificationemailreceipient = "changeto@your.email;changeto@your.email"

# Create a new resource group
$resourcegroup = New-AzureRmResourceGroup -Name $resourcegroupname -Location $location

# Create a new server with a system wide unique server name
$server = New-AzureRmSqlServer -ResourceGroupName $resourcegroupname `
    -ServerName $servername `
    -Location $location `
    -SqlAdministratorCredentials $(New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $adminlogin, $(ConvertTo-SecureString -String $password -AsPlainText -Force))

# Create a server firewall rule that allows access from the specified IP range
$serverfirewallrule = New-AzureRmSqlServerFirewallRule -ResourceGroupName $resourcegroupname `
    -ServerName $servername `
    -FirewallRuleName "AllowedIPs" -StartIpAddress $startip -EndIpAddress $endip

# Create a blank database with S0 performance level
$database = New-AzureRmSqlDatabase  -ResourceGroupName $resourcegroupname `
    -ServerName $servername `
    -DatabaseName $databasename -RequestedServiceObjectiveName "S0"
    
# Create a Storage Account 
$storageaccount = New-AzureRmStorageAccount -ResourceGroupName $resourcegroupname `
    -AccountName $storageaccountname `
    -Location $location `
    -Type "Standard_LRS"

# Set an auditing policy
Set-AzureRmSqlDatabaseAuditing -State Enabled `
    -ResourceGroupName $resourcegroupname `
    -ServerName $servername `
    -DatabaseName $databasename `
    -StorageAccountName $storageaccountname 

# Set a threat detection policy
Set-AzureRmSqlDatabaseThreatDetectionPolicy -ResourceGroupName $resourcegroupname `
    -ServerName $servername `
    -DatabaseName $databasename `
    -StorageAccountName $storageaccountname `
    -NotificationRecipientsEmails $notificationemailreceipient `
    -EmailAdmins $False

# Clean up deployment 
# Remove-AzureRmResourceGroup -ResourceGroupName $resourcegroupname

Pulire la distribuzioneClean up deployment

Dopo l'esecuzione dello script di esempio, è possibile usare il comando seguente per rimuovere il gruppo di risorse e tutte le risorse ad esso associate.After the script sample has been run, the following command can be used to remove the resource group and all resources associated with it.

Remove-AzureRmResourceGroup -ResourceGroupName $resourcegroupname

Spiegazione dello scriptScript explanation

Questo script usa i comandi seguenti.This script uses the following commands. Ogni comando della tabella include collegamenti alla documentazione specifica del comando.Each command in the table links to command specific documentation.

ComandoCommand NoteNotes
New-AzureRmResourceGroupNew-AzureRmResourceGroup Consente di creare un gruppo di risorse in cui sono archiviate tutte le risorse.Creates a resource group in which all resources are stored.
New-AzureRmSqlServerNew-AzureRmSqlServer Crea un server logico che ospita un database o un pool elastico.Creates a logical server that hosts a database or elastic pool.
New-AzureRmSqlDatabaseNew-AzureRmSqlDatabase Crea un database in un server logico come database singolo o in pool.Creates a database in a logical server as a single or a pooled database.
New-AzureRmStorageAccountNew-AzureRmStorageAccount Crea un account di archiviazione.Creates a Storage account.
Set-AzureRmSqlDatabaseAuditingPolicySet-AzureRmSqlDatabaseAuditingPolicy Imposta i criteri di controllo per un database.Sets the auditing policy for a database.
Set-AzureRmSqlDatabaseThreatDetectionPolicySet-AzureRmSqlDatabaseThreatDetectionPolicy Imposta i criteri di rilevamento delle minacce in un database.Sets a threat detection policy on a database.
Remove-AzureRmResourceGroupRemove-AzureRmResourceGroup Consente di eliminare un gruppo di risorse incluse tutte le risorse annidate.Deletes a resource group including all nested resources.

Passaggi successiviNext steps

Per altre informazioni su Azure PowerShell, vedere la documentazione di Azure PowerShell.For more information on the Azure PowerShell, see Azure PowerShell documentation.

Per altri esempi, vedere tra gli script di PowerShell per database SQL di Azure.Additional SQL Database PowerShell script samples can be found in the Azure SQL Database PowerShell scripts.