Open sabmayahai opened 4 years ago
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @azureSQLGitHub.
sql
Is there any update? I have the same issue:
az sql server audit-policy update `
--name $ssName `
--state 'Enabled' `
--blob-storage-target-state 'Enabled' `
--retention-days '181' `
--actions 'BATCH_COMPLETED_GROUP' 'SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP' 'FAILED_DATABASE_AUTHENTICATION_GROUP' `
--storage-account $storageAccountName `
--resource-group $resourceGroup `
--subscription $subscription
The output is the same: Insufficient read or write permissions on storage account 'sapcpqdevsa'
I tried adding the bypass parameter:
--bypass 'AzureServices'
or
--bypass 'Logging
but that didn't help.
I found a recommendation to allow access from all networks in the Firewall configuration, but that is not an appropriate option for some situation.
sql service team should look into this.
mm.. i am still with this issue. Its being a long time. Have you found any solution?
Thanks!
Tried enabling sql auditing using cli, it failed with error "Insufficient read or write permissions on storage account ''"
While the corresponding powershell command worked.
AZ CLI Command: [Did not work]
az sql db audit-policy update --name --resource-group --server --retention-days 30 --storage-account --state Enabled --action SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP FAILED_DATABASE_AUTHENTICATION_GROUP
POWERSHELL Command [Worked]
Set-AzSqlDatabaseAudit -ResourceGroupName "" -ServerName "" -DatabaseName "" -BlobStorageTargetState Enabled -StorageAccountResourceId "/subscriptions/***/resourceGroups//providers/Microsoft.Storage/storageAccounts/" -AuditActionGroup SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, FAILED_DATABASE_AUTHENTICATION_GROUP -RetentionInDays 30
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.