[AutoPR] sql/resource-manager (#2671)

* [AutoPR sql/resource-manager] Adding new value to VA baseline name (#2640) * Generated from 03645a856ba34f572618832814b410d8e2410ba2 Adding new value to VA baseline name Adding new value to VA baseline name * Generated from c9946efbfaf9f6a9f7765878a337784756ce951c Fix typo Fix typo * Generated from c3621b01ece4897d91763a7e4ba8d1e29d4d6832 Updating VulnerabilityAssessmentPolicyBaselineName * Generated from 5c8646bff054ea42bb05bef708e3c66c7d005c2e Fixed all comments * [AutoPR sql/resource-manager] Adding serverSecurityAlertPolicies.json from pr (#2697) * Generated from 462e8a68d6f8e8d169a1bf4340ca64ebdbce314d Fix validation error * Generated from bd7ff47b3e8549566c77c4ebc7de1e86703ac29e fixed comments * Generated from bd7ff47b3e8549566c77c4ebc7de1e86703ac29e fixed comments * [AutoPR sql/resource-manager] Add BackupShortTermRetentionListResult and update exceptions (#2711) * Generated from f2bb07205397d5771778173d8fc08e1660441fc7 Add BackupShortTermRetentionListResult and update exceptions * Generated from ca8661c9673dc5775e0bc7ce94fb773805235953 Use comnmon definition for ProxyResource * Generated from 65482c1a0eb55bd7b3dbf9be9f7018a0df05d229 Add ListShortTermRetentionPoliciesByDatabase example * [AutoPR sql/resource-manager] Fixed inconsistent definitions for SQL 2014 apis. (#2719) * Generated from 929fcc6c506c0ca401f39a48a3ea55a0a948f9e9 Fixed inconsistent definitions for SQL 2014 apis. * Generated from 929fcc6c506c0ca401f39a48a3ea55a0a948f9e9 Fixed inconsistent definitions for SQL 2014 apis. * Generated from a82909eab07e7a383975701b09d09a5fd0dfb967 (#2751) adding new state value to keep backward competiblity adding new state value to keep backward competiblity * [AutoPR sql/resource-manager] Adding Swagger for POST APIs used to upload a customer TDE certificates (#2759) * Generated from e3529a46fd8d20ae6db5a542fe9762a365879439 Adding Swagger for POST APIs used to upload a customer TDE certificate in CMS * Generated from 9f0ba3d29675d6160b4cd881c52991fef58e0927 Addressing Jared's comment on PR - Remove certificateName property - Remove Resource and ProxyResource manually - Edit TdeCertificate to reference "../../../common/v1/types.json#/definitions/ProxyResource" * Generated from 8a72b9ba5c2b5c8621cd628c62702a0bd4933259 Adding to all package-composite-v* and package-pure of appropriate version * Generated from 7ddb78c4a14cb8b09c405b2ae17b49ff26c23bf5 (#2892) Swagger of sensitivity labels APIs Adding swagger containing APIs of sensitivity labels, as long as usage examples of these APIs. * [AutoPR sql/resource-manager] [DO NOT MERGE] Add DatabaseVulnerabilityAssessments swagger (#2831) * Generated from 6444d2002961b584bdaf3c93623a498ca3066cde Clean non required params in version 10-2017 clean databaseVulnerabilityAssessmentScans * Generated from 135edfbe1c84314a9e283bc0f095e673dadbf6e0 fix error in execute scan example * Generated from 359416b0d2b799768c78568f0ecc5acab439c956 (#3077) fix SQL VA command copy paste typo Fix storageAccountAccessKey description. * [AutoPR sql/resource-manager] [DO NOT MERGE] Adding VA support for manged instance (#2872) * Generated from cb4adee8b49beb3221fbdb9f601ac7ea44b5af4a Adding VA support for manged instance * Generated from cb4adee8b49beb3221fbdb9f601ac7ea44b5af4a Adding VA support for manged instance * Generated from 05549665a5f0b09fc5e7058ffec2c09d91bf3ab0 (#3127) managed instance data classification REST API for version 2018-06-01-preview * [AutoPR sql/resource-manager] New Cmdlets for Management.Sql to allow customers to add TDE keys and set TDE protector (#3227) * Generated from bdb271f9fc7fa148176e6470e7e5b27cc2450c73 Changes for ManagedInstanceEncryptionProtectors * Generated from 724082f8646ab05191f7eee135fd674fd26d1a94 Changing operation id to ListByInstance as per Jared's recommendation * Generated from f5321fc054067d1d4e8937cfc92452bf4a6a4950 Addressed comments By @anuchandy - Changed comment to created or updated - changed operation if to listByInstance * [AutoPR sql/resource-manager] Remove sensitivityLabels from sql readme.md (#3296) * Generated from d49a9a7c5467546766948196e4ea8604951dbd1f Remove sensitivityLabels from sql readme.md There is a temporary issue with publishing the SDK containing this API, so it is removed from readme.md to avoid generating SDK. * Packaging update of azure-mgmt-sql * Generated from ae5e50da51607b6c59745d9d2969c4f6acba0d81 (#3326) Add algorithm types to threat detection disabled alerts description Added Data_Exfiltration and Unsafe_Action as allowed values to disabled alert. * [AutoPR sql/resource-manager] Swagger Changes to Add DnsZonePartner and Collation into Managed Instance (#3323) * Generated from d2e5203aaa23dc19a85a7242ff35baf7f45a5a54 Merge branch 'master' of https://github.com/ziwa-msft/azure-rest-api-specs * Generated from c4ce7b1e5f908cad7a0e13b6d9f5e2cbc54fce45 Manually removing specific definations for SKU and ResourceIdentity * Generated from 4e408cf25e90c40117abd3e7672f42187936a80d Fix indentations and misspel * [AutoPR sql/resource-manager] Adding VA support for manged instance - Update readme.md (#3482) * Generated from 1d3074c3f3f50b396875f414d62eec4195234f83 Update readme.md * Packaging update of azure-mgmt-sql * Packaging update of azure-mgmt-sql * Update version.py * Update HISTORY.rst
Azure · Oct 18, 2018 · 2b2d26f · 2b2d26f
1 parent afc2be4
commit 2b2d26f
Show file tree

Hide file tree

Showing 103 changed files with 5,241 additions and 759 deletions.
diff --git a/azure-mgmt-sql/HISTORY.rst b/azure-mgmt-sql/HISTORY.rst
@@ -3,6 +3,37 @@
 Release History
 ===============
 
+0.10.0 (2018-10-18)
++++++++++++++++++++
+
+**Features**
+
+- Model DatabaseVulnerabilityAssessment has a new parameter storage_account_access_key
+- Model ManagedInstanceUpdate has a new parameter dns_zone_partner
+- Model ManagedInstanceUpdate has a new parameter collation
+- Model ManagedInstanceUpdate has a new parameter dns_zone
+- Model ManagedInstance has a new parameter dns_zone_partner
+- Model ManagedInstance has a new parameter collation
+- Model ManagedInstance has a new parameter dns_zone
+- Added operation BackupShortTermRetentionPoliciesOperations.list_by_database
+- Added operation group ManagedDatabaseVulnerabilityAssessmentsOperations
+- Added operation group ExtendedDatabaseBlobAuditingPoliciesOperations
+- Added operation group TdeCertificatesOperations
+- Added operation group ManagedInstanceKeysOperations
+- Added operation group ServerBlobAuditingPoliciesOperations
+- Added operation group ManagedInstanceEncryptionProtectorsOperations
+- Added operation group ExtendedServerBlobAuditingPoliciesOperations
+- Added operation group ServerSecurityAlertPoliciesOperations
+- Added operation group ManagedDatabaseVulnerabilityAssessmentScansOperations
+- Added operation group ManagedInstanceTdeCertificatesOperations
+- Added operation group ManagedDatabaseVulnerabilityAssessmentRuleBaselinesOperations
+
+**Breaking changes**
+
+- Operation DatabaseVulnerabilityAssessmentRuleBaselinesOperations.delete has a new signature
+- Operation DatabaseVulnerabilityAssessmentRuleBaselinesOperations.get has a new signature
+- Operation DatabaseVulnerabilityAssessmentRuleBaselinesOperations.create_or_update has a new signature
+
 0.9.1 (2018-05-24)
 ++++++++++++++++++
 

diff --git a/azure-mgmt-sql/MANIFEST.in b/azure-mgmt-sql/MANIFEST.in
@@ -1 +1,4 @@
 include *.rst
+include azure/__init__.py
+include azure/mgmt/__init__.py
+
diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/__init__.py b/azure-mgmt-sql/azure/mgmt/sql/models/__init__.py
@@ -48,7 +48,6 @@
     from .transparent_data_encryption_activity_py3 import TransparentDataEncryptionActivity
     from .server_usage_py3 import ServerUsage
     from .database_usage_py3 import DatabaseUsage
-    from .database_blob_auditing_policy_py3 import DatabaseBlobAuditingPolicy
     from .automatic_tuning_options_py3 import AutomaticTuningOptions
     from .database_automatic_tuning_py3 import DatabaseAutomaticTuning
     from .encryption_protector_py3 import EncryptionProtector
@@ -81,6 +80,10 @@
     from .sync_member_py3 import SyncMember
     from .subscription_usage_py3 import SubscriptionUsage
     from .virtual_network_rule_py3 import VirtualNetworkRule
+    from .extended_database_blob_auditing_policy_py3 import ExtendedDatabaseBlobAuditingPolicy
+    from .extended_server_blob_auditing_policy_py3 import ExtendedServerBlobAuditingPolicy
+    from .server_blob_auditing_policy_py3 import ServerBlobAuditingPolicy
+    from .database_blob_auditing_policy_py3 import DatabaseBlobAuditingPolicy
     from .database_vulnerability_assessment_rule_baseline_item_py3 import DatabaseVulnerabilityAssessmentRuleBaselineItem
     from .database_vulnerability_assessment_rule_baseline_py3 import DatabaseVulnerabilityAssessmentRuleBaseline
     from .vulnerability_assessment_recurring_scans_properties_py3 import VulnerabilityAssessmentRecurringScansProperties
@@ -108,6 +111,7 @@
     from .server_automatic_tuning_py3 import ServerAutomaticTuning
     from .server_dns_alias_py3 import ServerDnsAlias
     from .server_dns_alias_acquisition_py3 import ServerDnsAliasAcquisition
+    from .server_security_alert_policy_py3 import ServerSecurityAlertPolicy
     from .restore_point_py3 import RestorePoint
     from .create_database_restore_point_definition_py3 import CreateDatabaseRestorePointDefinition
     from .database_operation_py3 import DatabaseOperation
@@ -144,6 +148,9 @@
     from .managed_instance_pair_info_py3 import ManagedInstancePairInfo
     from .instance_failover_group_py3 import InstanceFailoverGroup
     from .backup_short_term_retention_policy_py3 import BackupShortTermRetentionPolicy
+    from .tde_certificate_py3 import TdeCertificate
+    from .managed_instance_key_py3 import ManagedInstanceKey
+    from .managed_instance_encryption_protector_py3 import ManagedInstanceEncryptionProtector
 except (SyntaxError, ImportError):
     from .recoverable_database import RecoverableDatabase
     from .restorable_dropped_database import RestorableDroppedDatabase
@@ -183,7 +190,6 @@
     from .transparent_data_encryption_activity import TransparentDataEncryptionActivity
     from .server_usage import ServerUsage
     from .database_usage import DatabaseUsage
-    from .database_blob_auditing_policy import DatabaseBlobAuditingPolicy
     from .automatic_tuning_options import AutomaticTuningOptions
     from .database_automatic_tuning import DatabaseAutomaticTuning
     from .encryption_protector import EncryptionProtector
@@ -216,6 +222,10 @@
     from .sync_member import SyncMember
     from .subscription_usage import SubscriptionUsage
     from .virtual_network_rule import VirtualNetworkRule
+    from .extended_database_blob_auditing_policy import ExtendedDatabaseBlobAuditingPolicy
+    from .extended_server_blob_auditing_policy import ExtendedServerBlobAuditingPolicy
+    from .server_blob_auditing_policy import ServerBlobAuditingPolicy
+    from .database_blob_auditing_policy import DatabaseBlobAuditingPolicy
     from .database_vulnerability_assessment_rule_baseline_item import DatabaseVulnerabilityAssessmentRuleBaselineItem
     from .database_vulnerability_assessment_rule_baseline import DatabaseVulnerabilityAssessmentRuleBaseline
     from .vulnerability_assessment_recurring_scans_properties import VulnerabilityAssessmentRecurringScansProperties
@@ -243,6 +253,7 @@
     from .server_automatic_tuning import ServerAutomaticTuning
     from .server_dns_alias import ServerDnsAlias
     from .server_dns_alias_acquisition import ServerDnsAliasAcquisition
+    from .server_security_alert_policy import ServerSecurityAlertPolicy
     from .restore_point import RestorePoint
     from .create_database_restore_point_definition import CreateDatabaseRestorePointDefinition
     from .database_operation import DatabaseOperation
@@ -279,6 +290,9 @@
     from .managed_instance_pair_info import ManagedInstancePairInfo
     from .instance_failover_group import InstanceFailoverGroup
     from .backup_short_term_retention_policy import BackupShortTermRetentionPolicy
+    from .tde_certificate import TdeCertificate
+    from .managed_instance_key import ManagedInstanceKey
+    from .managed_instance_encryption_protector import ManagedInstanceEncryptionProtector
 from .recoverable_database_paged import RecoverableDatabasePaged
 from .restorable_dropped_database_paged import RestorableDroppedDatabasePaged
 from .server_paged import ServerPaged
@@ -330,6 +344,9 @@
 from .elastic_pool_operation_paged import ElasticPoolOperationPaged
 from .vulnerability_assessment_scan_record_paged import VulnerabilityAssessmentScanRecordPaged
 from .instance_failover_group_paged import InstanceFailoverGroupPaged
+from .backup_short_term_retention_policy_paged import BackupShortTermRetentionPolicyPaged
+from .managed_instance_key_paged import ManagedInstanceKeyPaged
+from .managed_instance_encryption_protector_paged import ManagedInstanceEncryptionProtectorPaged
 from .sql_management_client_enums import (
     CheckNameAvailabilityReason,
     ServerConnectionType,
@@ -355,7 +372,6 @@
     RecommendedIndexType,
     TransparentDataEncryptionStatus,
     TransparentDataEncryptionActivityStatus,
-    BlobAuditingPolicyState,
     AutomaticTuningMode,
     AutomaticTuningOptionModeDesired,
     AutomaticTuningOptionModeActual,
@@ -374,6 +390,7 @@
     SyncDirection,
     SyncMemberState,
     VirtualNetworkRuleState,
+    BlobAuditingPolicyState,
     JobAgentState,
     JobExecutionLifecycle,
     ProvisioningState,
@@ -405,6 +422,7 @@
     VulnerabilityAssessmentScanState,
     InstanceFailoverGroupReplicationRole,
     LongTermRetentionDatabaseState,
+    VulnerabilityAssessmentPolicyBaselineName,
     CapabilityGroup,
 )
 
@@ -447,7 +465,6 @@
     'TransparentDataEncryptionActivity',
     'ServerUsage',
     'DatabaseUsage',
-    'DatabaseBlobAuditingPolicy',
     'AutomaticTuningOptions',
     'DatabaseAutomaticTuning',
     'EncryptionProtector',
@@ -480,6 +497,10 @@
     'SyncMember',
     'SubscriptionUsage',
     'VirtualNetworkRule',
+    'ExtendedDatabaseBlobAuditingPolicy',
+    'ExtendedServerBlobAuditingPolicy',
+    'ServerBlobAuditingPolicy',
+    'DatabaseBlobAuditingPolicy',
     'DatabaseVulnerabilityAssessmentRuleBaselineItem',
     'DatabaseVulnerabilityAssessmentRuleBaseline',
     'VulnerabilityAssessmentRecurringScansProperties',
@@ -507,6 +528,7 @@
     'ServerAutomaticTuning',
     'ServerDnsAlias',
     'ServerDnsAliasAcquisition',
+    'ServerSecurityAlertPolicy',
     'RestorePoint',
     'CreateDatabaseRestorePointDefinition',
     'DatabaseOperation',
@@ -543,6 +565,9 @@
     'ManagedInstancePairInfo',
     'InstanceFailoverGroup',
     'BackupShortTermRetentionPolicy',
+    'TdeCertificate',
+    'ManagedInstanceKey',
+    'ManagedInstanceEncryptionProtector',
     'RecoverableDatabasePaged',
     'RestorableDroppedDatabasePaged',
     'ServerPaged',
@@ -594,6 +619,9 @@
     'ElasticPoolOperationPaged',
     'VulnerabilityAssessmentScanRecordPaged',
     'InstanceFailoverGroupPaged',
+    'BackupShortTermRetentionPolicyPaged',
+    'ManagedInstanceKeyPaged',
+    'ManagedInstanceEncryptionProtectorPaged',
     'CheckNameAvailabilityReason',
     'ServerConnectionType',
     'SecurityAlertPolicyState',
@@ -618,7 +646,6 @@
     'RecommendedIndexType',
     'TransparentDataEncryptionStatus',
     'TransparentDataEncryptionActivityStatus',
-    'BlobAuditingPolicyState',
     'AutomaticTuningMode',
     'AutomaticTuningOptionModeDesired',
     'AutomaticTuningOptionModeActual',
@@ -637,6 +664,7 @@
     'SyncDirection',
     'SyncMemberState',
     'VirtualNetworkRuleState',
+    'BlobAuditingPolicyState',
     'JobAgentState',
     'JobExecutionLifecycle',
     'ProvisioningState',
@@ -668,5 +696,6 @@
     'VulnerabilityAssessmentScanState',
     'InstanceFailoverGroupReplicationRole',
     'LongTermRetentionDatabaseState',
+    'VulnerabilityAssessmentPolicyBaselineName',
     'CapabilityGroup',
 ]
diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/backup_short_term_retention_policy_paged.py b/azure-mgmt-sql/azure/mgmt/sql/models/backup_short_term_retention_policy_paged.py
@@ -0,0 +1,27 @@
+# coding=utf-8
+# --------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See License.txt in the project root for
+# license information.
+#
+# Code generated by Microsoft (R) AutoRest Code Generator.
+# Changes may cause incorrect behavior and will be lost if the code is
+# regenerated.
+# --------------------------------------------------------------------------
+
+from msrest.paging import Paged
+
+
+class BackupShortTermRetentionPolicyPaged(Paged):
+    """
+    A paging container for iterating over a list of :class:`BackupShortTermRetentionPolicy <azure.mgmt.sql.models.BackupShortTermRetentionPolicy>` object
+    """
+
+    _attribute_map = {
+        'next_link': {'key': 'nextLink', 'type': 'str'},
+        'current_page': {'key': 'value', 'type': '[BackupShortTermRetentionPolicy]'}
+    }
+
+    def __init__(self, *args, **kwargs):
+
+        super(BackupShortTermRetentionPolicyPaged, self).__init__(*args, **kwargs)
diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/database_blob_auditing_policy.py b/azure-mgmt-sql/azure/mgmt/sql/models/database_blob_auditing_policy.py
@@ -43,14 +43,72 @@ class DatabaseBlobAuditingPolicy(ProxyResource):
     :param retention_days: Specifies the number of days to keep in the audit
      logs.
     :type retention_days: int
-    :param audit_actions_and_groups: Specifies the Actions and Actions-Groups
+    :param audit_actions_and_groups: Specifies the Actions-Groups and Actions
      to audit.
+     The recommended set of action groups to use is the following combination -
+     this will audit all the queries and stored procedures executed against the
+     database, as well as successful and failed logins:
+     BATCH_COMPLETED_GROUP,
+     SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,
+     FAILED_DATABASE_AUTHENTICATION_GROUP.
+     This above combination is also the set that is configured by default when
+     enabling auditing from the Azure portal.
+     The supported action groups to audit are (note: choose only specific
+     groups that cover your auditing needs. Using unnecessary groups could lead
+     to very large quantities of audit records):
+     APPLICATION_ROLE_CHANGE_PASSWORD_GROUP
+     BACKUP_RESTORE_GROUP
+     DATABASE_LOGOUT_GROUP
+     DATABASE_OBJECT_CHANGE_GROUP
+     DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP
+     DATABASE_OBJECT_PERMISSION_CHANGE_GROUP
+     DATABASE_OPERATION_GROUP
+     DATABASE_PERMISSION_CHANGE_GROUP
+     DATABASE_PRINCIPAL_CHANGE_GROUP
+     DATABASE_PRINCIPAL_IMPERSONATION_GROUP
+     DATABASE_ROLE_MEMBER_CHANGE_GROUP
+     FAILED_DATABASE_AUTHENTICATION_GROUP
+     SCHEMA_OBJECT_ACCESS_GROUP
+     SCHEMA_OBJECT_CHANGE_GROUP
+     SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP
+     SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP
+     SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP
+     USER_CHANGE_PASSWORD_GROUP
+     BATCH_STARTED_GROUP
+     BATCH_COMPLETED_GROUP
+     These are groups that cover all sql statements and stored procedures
+     executed against the database, and should not be used in combination with
+     other groups as this will result in duplicate audit logs.
+     For more information, see [Database-Level Audit Action
+     Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).
+     For Database auditing policy, specific Actions can also be specified (note
+     that Actions cannot be specified for Server auditing policy). The
+     supported actions to audit are:
+     SELECT
+     UPDATE
+     INSERT
+     DELETE
+     EXECUTE
+     RECEIVE
+     REFERENCES
+     The general form for defining an action to be audited is:
+     <action> ON <object> BY <principal>
+     Note that <object> in the above format can refer to an object like a
+     table, view, or stored procedure, or an entire database or schema. For the
+     latter cases, the forms DATABASE::<db_name> and SCHEMA::<schema_name> are
+     used, respectively.
+     For example:
+     SELECT on dbo.myTable by public
+     SELECT on DATABASE::myDatabase by public
+     SELECT on SCHEMA::mySchema by public
+     For more information, see [Database-Level Audit
+     Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)
     :type audit_actions_and_groups: list[str]
     :param storage_account_subscription_id: Specifies the blob storage
      subscription Id.
     :type storage_account_subscription_id: str
     :param is_storage_secondary_key_in_use: Specifies whether
-     storageAccountAccessKey value is the storage’s secondary key.
+     storageAccountAccessKey value is the storage's secondary key.
     :type is_storage_secondary_key_in_use: bool
     """
 

diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/database_blob_auditing_policy_py3.py b/azure-mgmt-sql/azure/mgmt/sql/models/database_blob_auditing_policy_py3.py
@@ -43,14 +43,72 @@ class DatabaseBlobAuditingPolicy(ProxyResource):
     :param retention_days: Specifies the number of days to keep in the audit
      logs.
     :type retention_days: int
-    :param audit_actions_and_groups: Specifies the Actions and Actions-Groups
+    :param audit_actions_and_groups: Specifies the Actions-Groups and Actions
      to audit.
+     The recommended set of action groups to use is the following combination -
+     this will audit all the queries and stored procedures executed against the
+     database, as well as successful and failed logins:
+     BATCH_COMPLETED_GROUP,
+     SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,
+     FAILED_DATABASE_AUTHENTICATION_GROUP.
+     This above combination is also the set that is configured by default when
+     enabling auditing from the Azure portal.
+     The supported action groups to audit are (note: choose only specific
+     groups that cover your auditing needs. Using unnecessary groups could lead
+     to very large quantities of audit records):
+     APPLICATION_ROLE_CHANGE_PASSWORD_GROUP
+     BACKUP_RESTORE_GROUP
+     DATABASE_LOGOUT_GROUP
+     DATABASE_OBJECT_CHANGE_GROUP
+     DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP
+     DATABASE_OBJECT_PERMISSION_CHANGE_GROUP
+     DATABASE_OPERATION_GROUP
+     DATABASE_PERMISSION_CHANGE_GROUP
+     DATABASE_PRINCIPAL_CHANGE_GROUP
+     DATABASE_PRINCIPAL_IMPERSONATION_GROUP
+     DATABASE_ROLE_MEMBER_CHANGE_GROUP
+     FAILED_DATABASE_AUTHENTICATION_GROUP
+     SCHEMA_OBJECT_ACCESS_GROUP
+     SCHEMA_OBJECT_CHANGE_GROUP
+     SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP
+     SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP
+     SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP
+     USER_CHANGE_PASSWORD_GROUP
+     BATCH_STARTED_GROUP
+     BATCH_COMPLETED_GROUP
+     These are groups that cover all sql statements and stored procedures
+     executed against the database, and should not be used in combination with
+     other groups as this will result in duplicate audit logs.
+     For more information, see [Database-Level Audit Action
+     Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).
+     For Database auditing policy, specific Actions can also be specified (note
+     that Actions cannot be specified for Server auditing policy). The
+     supported actions to audit are:
+     SELECT
+     UPDATE
+     INSERT
+     DELETE
+     EXECUTE
+     RECEIVE
+     REFERENCES
+     The general form for defining an action to be audited is:
+     <action> ON <object> BY <principal>
+     Note that <object> in the above format can refer to an object like a
+     table, view, or stored procedure, or an entire database or schema. For the
+     latter cases, the forms DATABASE::<db_name> and SCHEMA::<schema_name> are
+     used, respectively.
+     For example:
+     SELECT on dbo.myTable by public
+     SELECT on DATABASE::myDatabase by public
+     SELECT on SCHEMA::mySchema by public
+     For more information, see [Database-Level Audit
+     Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)
     :type audit_actions_and_groups: list[str]
     :param storage_account_subscription_id: Specifies the blob storage
      subscription Id.
     :type storage_account_subscription_id: str
     :param is_storage_secondary_key_in_use: Specifies whether
-     storageAccountAccessKey value is the storage’s secondary key.
+     storageAccountAccessKey value is the storage's secondary key.
     :type is_storage_secondary_key_in_use: bool
     """