MicrosoftThis new behavior obscures the actual user identity behind SQLDBControlPlaneFirstPartyApp within the Activity Log for database and SQL actions.
Accurate attribution of user-initiated operations is a requirement for auditing, governance, and security review. Until Activity Log entries consistently reflect the originating user identity, rather than a first-party application account. We consider this unacceptable.
TrackingID#2601060040004845
MicrosoftThank you for sharing your feedback. We understand your concerns, especially from a compliance standpoint, and we’ve passed your comments along to the product group for further review.
At present, preventing these events from being written to the Activity Log is challenging. All control‑plane requests to ARM are automatically logged (*1), and changing this behavior would likely require architectural updates within ARM itself.
Your feedback is well noted, and we agree that this is an important area for improvement. Please be aware that any enhancement in this space may take time, as it will require coordination across multiple product teams.
