Cannot enable Advanced Threat Protection on Managed Instance server

Published Jan 05 2022 11:19 AM 1,001 Views
Microsoft

Issue:

 

The PowerShell command to enable Advanced Threat Protection on Managed Instance, fails with error: "Resource group 'x' could not be found":

 

 

Update-AzSqlServerAdvancedThreatProtectionSettings -ResourceGroupName "ResourceGroup11" -ServerName "Server01" -NotificationRecipientsEmails "admin01@contoso.com;secadmin@contoso.com" -EmailAdmins $False -ExcludedDetectionType "Sql_Injection_Vulnerability","SQL_Injection" -StorageAccountName "mystorageAccount"

 

 

Georgiana_Pache_0-1641403325625.png

 

Workaround:

 

If you are experiencing this issue, you can perform the following:

 

1. Set up the policy using ARM template: 

https://docs.microsoft.com/en-us/azure/templates/microsoft.sql/managedinstances/securityalertpolicie... 

 

or

 

2. Set up the policy using REST API: 

https://docs.microsoft.com/en-us/rest/api/sql/2021-02-01-preview/managed-server-security-alert-polic... 

 

Documentation:

Update-AzSqlServerAdvancedThreatProtectionSetting 

Microsoft.SqlmanagedInstances/securityAlertPolicies 

Managed Server Security Alert Policies 

2 Comments
%3CLINGO-SUB%20id%3D%22lingo-sub-3052741%22%20slang%3D%22en-US%22%3ECannot%20enable%20Advanced%20Threat%20Protection%20on%20Managed%20Instance%20server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3052741%22%20slang%3D%22en-US%22%3E%3CH2%20id%3D%22user-content-issue%22%20id%3D%22toc-hId-334595866%22%20id%3D%22toc-hId-390181903%22%3EIssue%3A%3C%2FH2%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThe%20PowerShell%20command%20to%20enable%20%3CSTRONG%3EAdvanced%20Threat%20Protection%3C%2FSTRONG%3E%20on%20Managed%20Instance%2C%20fails%20with%20error%3A%20%22%3CEM%3E%3CSTRONG%3EResource%20group%20'x'%20could%20not%20be%20found%3C%2FSTRONG%3E%3C%2FEM%3E%22%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CPRE%20class%3D%22lia-code-sample%20language-powershell%22%3E%3CCODE%3EUpdate-AzSqlServerAdvancedThreatProtectionSettings%20-ResourceGroupName%20%22ResourceGroup11%22%20-ServerName%20%22Server01%22%20-NotificationRecipientsEmails%20%22admin01%40contoso.com%3Bsecadmin%40contoso.com%22%20-EmailAdmins%20%24False%20-ExcludedDetectionType%20%22Sql_Injection_Vulnerability%22%2C%22SQL_Injection%22%20-StorageAccountName%20%22mystorageAccount%22%3C%2FCODE%3E%3C%2FPRE%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Georgiana_Pache_0-1641403325625.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F337602iB667AFE90FF3FA9C%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Georgiana_Pache_0-1641403325625.png%22%20alt%3D%22Georgiana_Pache_0-1641403325625.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CH2%20id%3D%22user-content-mitigation%22%20id%3D%22toc-hId--1472858597%22%20id%3D%22toc-hId--1417272560%22%3EWorkaround%3A%3C%2FH2%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIf%20you%20are%20experiencing%20this%20issue%2C%20you%20can%20perform%20the%20following%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E1.%20Set%20up%20the%20policy%20using%20ARM%20template%3A%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CA%20class%3D%22%22%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Ftemplates%2Fmicrosoft.sql%2Fmanagedinstances%2Fsecurityalertpolicies%3Ftabs%3Djson%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Ftemplates%2Fmicrosoft.sql%2Fmanagedinstances%2Fsecurityalertpolicies%3Ftabs%3Djson%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3Eor%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E2.%20Set%20up%20the%20policy%20using%20REST%20API%3A%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CA%20class%3D%22%22%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Frest%2Fapi%2Fsql%2F2021-02-01-preview%2Fmanaged-server-security-alert-policies%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Frest%2Fapi%2Fsql%2F2021-02-01-preview%2Fmanaged-server-security-alert-policies%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CH2%20id%3D%22user-content-public-doc-reference-(optional)%22%20id%3D%22toc-hId-1014654236%22%20id%3D%22toc-hId-1070240273%22%3E%26nbsp%3B%3C%2FH2%3E%0A%3CP%3E%3CSPAN%3EDocumentation%3A%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CA%20class%3D%22%22%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpowershell%2Fmodule%2Faz.sql%2Fupdate-azsqlserveradvancedthreatprotectionsetting%3Fview%3Dazps-7.0.0%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EUpdate-AzSqlServerAdvancedThreatProtectionSetting%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CA%20class%3D%22%22%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Ftemplates%2Fmicrosoft.sql%2Fmanagedinstances%2Fsecurityalertpolicies%3Ftabs%3Djson%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EMicrosoft.SqlmanagedInstances%2FsecurityAlertPolicies%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CA%20class%3D%22%22%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Frest%2Fapi%2Fsql%2F2021-02-01-preview%2Fmanaged-server-security-alert-policies%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EManaged%20Server%20Security%20Alert%20Policies%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-3052741%22%20slang%3D%22en-US%22%3E%3CP%3EWorkaround%20on%20how%20to%20enable%20Advanced%20Thread%20Protection%20on%20Managed%20Instance%20server%3C%2FP%3E%3C%2FLINGO-TEASER%3E
Co-Authors
Version history
Last update:
‎Jan 05 2022 09:37 AM
Updated by: