Server DevOps Audit Settings - Create Or Update
Creates or updates a server's DevOps audit settings.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/devOpsAuditingSettings/Default?api-version=2025-01-01URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
dev
|
path | True | ||
|
resource
|
path | True |
string minLength: 1maxLength: 90 |
The name of the resource group. The name is case insensitive. |
|
server
|
path | True |
string |
The name of the server. |
|
subscription
|
path | True |
string (uuid) |
The ID of the target subscription. The value must be an UUID. |
|
api-version
|
query | True |
string minLength: 1 |
The API version to use for this operation. |
Request Body
| Name | Required | Type | Description |
|---|---|---|---|
| properties.state | True |
Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required. |
|
| properties.isAzureMonitorTargetEnabled |
boolean |
Specifies whether DevOps audit events are sent to Azure Monitor. In order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true. When using REST API to configure DevOps audit, Diagnostic Settings with 'DevOpsOperationsAudit' diagnostic logs category on the master database should be also created. Diagnostic Settings URI format:
PUT For more information, see Diagnostic Settings REST API or Diagnostic Settings PowerShell |
|
| properties.isManagedIdentityInUse |
boolean |
Specifies whether Managed Identity is used to access blob storage |
|
| properties.storageAccountAccessKey |
string (password) |
Specifies the identifier key of the auditing storage account. If state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage. Prerequisites for using managed identity authentication:
|
|
| properties.storageAccountSubscriptionId |
string (uuid) |
Specifies the blob storage subscription Id. |
|
| properties.storageEndpoint |
string |
Specifies the blob storage endpoint (e.g. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
Resource 'ServerDevOpsAuditingSettings' update operation succeeded |
|
| 202 Accepted |
Resource operation accepted. Headers
|
|
| Other Status Codes |
An unexpected error response. |
Security
azure_auth
Azure Active Directory OAuth2 Flow.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
Examples
|
Update a server's Dev |
|
Update a server's Dev |
Update a server's DevOps audit settings with all params
Sample request
PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/devAuditTestRG/providers/Microsoft.Sql/servers/devOpsAuditTestSvr/devOpsAuditingSettings/Default?api-version=2025-01-01
{
"properties": {
"isAzureMonitorTargetEnabled": true,
"state": "Enabled",
"storageAccountAccessKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"storageAccountSubscriptionId": "00000000-1234-0000-5678-000000000000",
"storageEndpoint": "https://mystorage.blob.core.windows.net"
}
}
Sample response
{
"name": "Default",
"type": "Microsoft.Sql/servers/devOpsAuditingSettings",
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/devAuditTestRG/providers/Microsoft.Sql/servers/devOpsAuditTestSvr/devOpsAuditingSettings/default",
"properties": {
"isAzureMonitorTargetEnabled": true,
"state": "Enabled",
"storageAccountSubscriptionId": "00000000-1234-0000-5678-000000000000",
"storageEndpoint": "https://mystorage.blob.core.windows.net"
}
}Update a server's DevOps audit settings with minimal input
Sample request
PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/devAuditTestRG/providers/Microsoft.Sql/servers/devOpsAuditTestSvr/devOpsAuditingSettings/Default?api-version=2025-01-01
{
"properties": {
"state": "Enabled",
"storageAccountAccessKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"storageEndpoint": "https://mystorage.blob.core.windows.net"
}
}
Sample response
{
"name": "Default",
"type": "Microsoft.Sql/servers/devOpsAuditingSettings",
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/devAuditTestRG/providers/Microsoft.Sql/servers/devOpsAuditTestSvr/devOpsAuditingSettings/default",
"properties": {
"state": "Enabled",
"storageAccountSubscriptionId": "00000000-1234-0000-5678-000000000000",
"storageEndpoint": "https://mystorage.blob.core.windows.net"
}
}Definitions
| Name | Description |
|---|---|
|
Blob |
Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required. |
|
created |
The type of identity that created the resource. |
|
Dev |
|
|
Error |
The resource management error additional info. |
|
Error |
The error detail. |
|
Error |
Error response |
|
Server |
A server DevOps auditing settings. |
|
system |
Metadata pertaining to creation and last modification of the resource. |
BlobAuditingPolicyState
Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.
| Value | Description |
|---|---|
| Enabled |
Enabled |
| Disabled |
Disabled |
createdByType
The type of identity that created the resource.
| Value | Description |
|---|---|
| User | |
| Application | |
| ManagedIdentity | |
| Key |
DevOpsAuditingSettingsName
| Value | Description |
|---|---|
| Default |
Default |
ErrorAdditionalInfo
The resource management error additional info.
| Name | Type | Description |
|---|---|---|
| info |
object |
The additional info. |
| type |
string |
The additional info type. |
ErrorDetail
The error detail.
| Name | Type | Description |
|---|---|---|
| additionalInfo |
The error additional info. |
|
| code |
string |
The error code. |
| details |
The error details. |
|
| message |
string |
The error message. |
| target |
string |
The error target. |
ErrorResponse
Error response
| Name | Type | Description |
|---|---|---|
| error |
The error object. |
ServerDevOpsAuditingSettings
A server DevOps auditing settings.
| Name | Type | Description |
|---|---|---|
| id |
string (arm-id) |
Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
| name |
string |
The name of the resource |
| properties.isAzureMonitorTargetEnabled |
boolean |
Specifies whether DevOps audit events are sent to Azure Monitor. In order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true. When using REST API to configure DevOps audit, Diagnostic Settings with 'DevOpsOperationsAudit' diagnostic logs category on the master database should be also created. Diagnostic Settings URI format:
PUT For more information, see Diagnostic Settings REST API or Diagnostic Settings PowerShell |
| properties.isManagedIdentityInUse |
boolean |
Specifies whether Managed Identity is used to access blob storage |
| properties.state |
Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required. |
|
| properties.storageAccountAccessKey |
string (password) |
Specifies the identifier key of the auditing storage account. If state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage. Prerequisites for using managed identity authentication:
|
| properties.storageAccountSubscriptionId |
string (uuid) |
Specifies the blob storage subscription Id. |
| properties.storageEndpoint |
string |
Specifies the blob storage endpoint (e.g. |
| systemData |
Azure Resource Manager metadata containing createdBy and modifiedBy information. |
|
| type |
string |
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
systemData
Metadata pertaining to creation and last modification of the resource.
| Name | Type | Description |
|---|---|---|
| createdAt |
string (date-time) |
The timestamp of resource creation (UTC). |
| createdBy |
string |
The identity that created the resource. |
| createdByType |
The type of identity that created the resource. |
|
| lastModifiedAt |
string (date-time) |
The timestamp of resource last modification (UTC) |
| lastModifiedBy |
string |
The identity that last modified the resource. |
| lastModifiedByType |
The type of identity that last modified the resource. |