Microsoft.Sql servers/databases/vulnerabilityAssessments 2022-02-01-preview

Bicep resource definition

The servers/databases/vulnerabilityAssessments resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Sql/servers/databases/vulnerabilityAssessments resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.Sql/servers/databases/vulnerabilityAssessments@2022-02-01-preview' = {
  parent: resourceSymbolicName
  name: 'string'
  properties: {
    recurringScans: {
      emails: [
        'string'
      ]
      emailSubscriptionAdmins: bool
      isEnabled: bool
    }
    storageAccountAccessKey: 'string'
    storageContainerPath: 'string'
    storageContainerSasKey: 'string'
  }
}

Property values

DatabaseVulnerabilityAssessmentProperties

Name Description Value
recurringScans The recurring scans settings VulnerabilityAssessmentRecurringScansProperties
storageAccountAccessKey Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall string
storageContainerPath A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/). It is required if server level vulnerability assessment policy doesn't set string
storageContainerSasKey A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall string

Microsoft.Sql/servers/databases/vulnerabilityAssessments

Name Description Value
name The resource name 'default' (required)
parent In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource.

For more information, see Child resource outside parent resource.
Symbolic name for resource of type: servers/databases
properties Resource properties. DatabaseVulnerabilityAssessmentProperties

VulnerabilityAssessmentRecurringScansProperties

Name Description Value
emails Specifies an array of e-mail addresses to which the scan notification is sent. string[]
emailSubscriptionAdmins Specifies that the schedule scan notification will be is sent to the subscription administrators. bool
isEnabled Recurring scans state. bool

ARM template resource definition

The servers/databases/vulnerabilityAssessments resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Sql/servers/databases/vulnerabilityAssessments resource, add the following JSON to your template.

{
  "type": "Microsoft.Sql/servers/databases/vulnerabilityAssessments",
  "apiVersion": "2022-02-01-preview",
  "name": "string",
  "properties": {
    "recurringScans": {
      "emails": [ "string" ],
      "emailSubscriptionAdmins": "bool",
      "isEnabled": "bool"
    },
    "storageAccountAccessKey": "string",
    "storageContainerPath": "string",
    "storageContainerSasKey": "string"
  }
}

Property values

DatabaseVulnerabilityAssessmentProperties

Name Description Value
recurringScans The recurring scans settings VulnerabilityAssessmentRecurringScansProperties
storageAccountAccessKey Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall string
storageContainerPath A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/). It is required if server level vulnerability assessment policy doesn't set string
storageContainerSasKey A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall string

Microsoft.Sql/servers/databases/vulnerabilityAssessments

Name Description Value
apiVersion The api version '2022-02-01-preview'
name The resource name 'default' (required)
properties Resource properties. DatabaseVulnerabilityAssessmentProperties
type The resource type 'Microsoft.Sql/servers/databases/vulnerabilityAssessments'

VulnerabilityAssessmentRecurringScansProperties

Name Description Value
emails Specifies an array of e-mail addresses to which the scan notification is sent. string[]
emailSubscriptionAdmins Specifies that the schedule scan notification will be is sent to the subscription administrators. bool
isEnabled Recurring scans state. bool

Terraform (AzAPI provider) resource definition

The servers/databases/vulnerabilityAssessments resource type can be deployed with operations that target:

  • Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Sql/servers/databases/vulnerabilityAssessments resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Sql/servers/databases/vulnerabilityAssessments@2022-02-01-preview"
  name = "string"
  body = jsonencode({
    properties = {
      recurringScans = {
        emails = [
          "string"
        ]
        emailSubscriptionAdmins = bool
        isEnabled = bool
      }
      storageAccountAccessKey = "string"
      storageContainerPath = "string"
      storageContainerSasKey = "string"
    }
  })
}

Property values

DatabaseVulnerabilityAssessmentProperties

Name Description Value
recurringScans The recurring scans settings VulnerabilityAssessmentRecurringScansProperties
storageAccountAccessKey Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall string
storageContainerPath A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/). It is required if server level vulnerability assessment policy doesn't set string
storageContainerSasKey A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall string

Microsoft.Sql/servers/databases/vulnerabilityAssessments

Name Description Value
name The resource name 'default' (required)
parent_id The ID of the resource that is the parent for this resource. ID for resource of type: servers/databases
properties Resource properties. DatabaseVulnerabilityAssessmentProperties
type The resource type "Microsoft.Sql/servers/databases/vulnerabilityAssessments@2022-02-01-preview"

VulnerabilityAssessmentRecurringScansProperties

Name Description Value
emails Specifies an array of e-mail addresses to which the scan notification is sent. string[]
emailSubscriptionAdmins Specifies that the schedule scan notification will be is sent to the subscription administrators. bool
isEnabled Recurring scans state. bool