Update-AzSecurityDefenderForStorage
Update the Defender for Storage settings on a specified storage account.
Syntax
Default (Default)
Update-AzSecurityDefenderForStorage
-ResourceId <String>
[-IsEnabled]
[-MalwareScanningScanResultsEventGridTopicResourceId <String>]
[-OnUploadCapGbPerMonth <Int32>]
[-OnUploadIsEnabled]
[-OverrideSubscriptionLevelSetting]
[-SensitiveDataDiscoveryIsEnabled]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Update the Defender for Storage settings on a specified storage account.
Examples
Example 1: Enable Defender for Storage V2 and Scanning Services
Update-AzSecurityDefenderForStorage -ResourceId "/subscriptions/<SubscriptionId>/resourcegroups/<ResourceGroupName>/providers/Microsoft.Storage/storageAccounts/<StorageAccountName>" -IsEnabled -OnUploadIsEnabled -OnUploadCapGbPerMonth 7000 -SensitiveDataDiscoveryIsEnabled
Id : /subscriptions/<SubscriptionId>/resourcegroups/<ResourceGroupName>/providers/Microsoft.Storage/storageAccounts/<StorageAccountName>
IsEnabled : True
MalwareScanningOperationStatusCode : Succeeded
MalwareScanningOperationStatusMessage :
MalwareScanningScanResultsEventGridTopicResourceId :
Name : current
OnUploadCapGbPerMonth : 7000
OnUploadIsEnabled : True
OverrideSubscriptionLevelSetting : False
ResourceGroupName : <ResourceGroupName>
SensitiveDataDiscoveryIsEnabled : True
SensitiveDataDiscoveryOperationStatusCode : Succeeded
SensitiveDataDiscoveryOperationStatusMessage :
Type : Microsoft.Security/defenderForStorageSettings
Example 2: Disable Defender for Storage V2 when Scanning Services are enabled
Update-AzSecurityDefenderForStorage -ResourceId "/subscriptions/<SubscriptionId>/resourcegroups/<ResourceGroupName>/providers/Microsoft.Storage/storageAccounts/<StorageAccountName>" -IsEnabled:$false -OnUploadIsEnabled:$false -SensitiveDataDiscoveryIsEnabled:$false
Id : /subscriptions/<SubscriptionId>/resourcegroups/<ResourceGroupName>/providers/Microsoft.Storage/storageAccounts/<StorageAccountName>
IsEnabled : False
MalwareScanningOperationStatusCode : Succeeded
MalwareScanningOperationStatusMessage :
MalwareScanningScanResultsEventGridTopicResourceId :
Name : current
OnUploadCapGbPerMonth : -1
OnUploadIsEnabled : False
OverrideSubscriptionLevelSetting : False
ResourceGroupName : <ResourceGroupName>
SensitiveDataDiscoveryIsEnabled : False
SensitiveDataDiscoveryOperationStatusCode : Succeeded
SensitiveDataDiscoveryOperationStatusMessage :
Type : Microsoft.Security/defenderForStorageSettings
Note that when Scanning Services are enabled, disabling them explicitly is required in order to disable Defender for Storage V2 (-IsEnabled:$false is not enough).
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: cf
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-DefaultProfile
The DefaultProfile parameter is not functional.
Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription.
Parameter properties
Type: PSObject
Default value: None Supports wildcards: False DontShow: False Aliases: AzureRMContext, AzureCredential
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-IsEnabled
Indicates whether Defender for Storage is enabled on this storage account.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-MalwareScanningScanResultsEventGridTopicResourceId
Optional.
Resource id of an Event Grid Topic to send scan results to.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-OnUploadCapGbPerMonth
Defines the max GB to be scanned per Month.
Set to -1 if no capping is needed.
Parameter properties
Type: Int32
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-OnUploadIsEnabled
Indicates whether On Upload malware scanning should be enabled.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-OverrideSubscriptionLevelSetting
Indicates whether the settings defined for this storage account should override the settings defined for the subscription.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ResourceId
The identifier of the resource.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-SensitiveDataDiscoveryIsEnabled
Indicates whether Sensitive Data Discovery should be enabled.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: wi
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters .
Outputs
