Database Vulnerability Assessment Rule Baselines - Create Or Update

Creates or updates a database's vulnerability assessment rule baseline.

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/vulnerabilityAssessments/default/rules/{ruleId}/baselines/{baselineName}?api-version=2021-11-01

URI Parameters

Name In Required Type Description
baselineName
path True

VulnerabilityAssessmentPolicyBaselineName

The name of the vulnerability assessment rule baseline (default implies a baseline on a database level rule and master for server level rule).

databaseName
path True

string

The name of the database for which the vulnerability assessment rule baseline is defined.

resourceGroupName
path True

string

The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.

ruleId
path True

string

The vulnerability assessment rule ID.

serverName
path True

string

The name of the server.

subscriptionId
path True

string

The subscription ID that identifies an Azure subscription.

vulnerabilityAssessmentName
path True

VulnerabilityAssessmentName

The name of the vulnerability assessment.

api-version
query True

string

The API version to use for the request.

Request Body

Name Required Type Description
properties.baselineResults True

DatabaseVulnerabilityAssessmentRuleBaselineItem[]

The rule baseline result

Responses

Name Type Description
200 OK

DatabaseVulnerabilityAssessmentRuleBaseline

Successfully set the vulnerability assessment rule baseline.

Other Status Codes

*** Error Responses: ***

  • 400 VulnerabilityAssessmentStorageAuthenticationFailed - Could not authenticate to storage account '{0}' .

  • 400 VulnerabilityAssessmentInvalidPolicy - Vulnerability Assessment settings don't exist or invalid storage specified in settings.

  • 400 VulnerabilityAssessmentDatawarehouseDatabaseIsDeactivated - Could not execute Vulnerability Assessment operation because the database is paused. Please resume it.

  • 400 VulnerabilityAssessmentStorageOutboundFirewallNotAllowed - The storage account is not in the list of Outbound Firewall Rules.

  • 400 InvalidVulnerabilityAssessmentOperationRequest - The vulnerability assessment operation request does not exist or has no properties object.

  • 400 DataSecurityInvalidUserSuppliedParameter - An invalid parameter value was provided by the client.

  • 404 VulnerabilityAssessmentInvalidStorageAccount - The storage account '{0}' that was defined in the policy is invalid.

  • 404 SubscriptionDoesNotHaveServer - The requested server was not found

  • 404 SourceDatabaseNotFound - The source database does not exist.

  • 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.

  • 404 VulnerabilityAssessmentRuleDoesNotExists - Rule '{0}' does not exist.

  • 404 VulnerabilityAssessmentBaselineDoesNotExists - Baseline does not exist for rule '{0}'

  • 500 DatabaseIsUnavailable - Loading failed. Please try again later.

Examples

Creates or updates a database's vulnerability assessment rule baseline.

Sample request

PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/databases/testdb/vulnerabilityAssessments/default/rules/VA1001/baselines/default?api-version=2021-11-01

{
  "properties": {
    "baselineResults": [
      {
        "result": [
          "userA",
          "SELECT"
        ]
      },
      {
        "result": [
          "userB",
          "SELECT"
        ]
      },
      {
        "result": [
          "userC",
          "SELECT",
          "tableId_4"
        ]
      }
    ]
  }
}

Sample response

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/databases/testdb/vulnerabilityAssessments/default/rules/VA1001/baselines/default",
  "name": "default",
  "type": "Microsoft.Sql/servers/databases/vulnerabilityAssessments/rules/baselines",
  "properties": {
    "baselineResults": [
      {
        "result": [
          "userA",
          "SELECT"
        ]
      },
      {
        "result": [
          "userB",
          "SELECT"
        ]
      },
      {
        "result": [
          "userC",
          "SELECT",
          "tableId_4"
        ]
      }
    ]
  }
}

Definitions

Name Description
DatabaseVulnerabilityAssessmentRuleBaseline

A database vulnerability assessment rule baseline.

DatabaseVulnerabilityAssessmentRuleBaselineItem

Properties for an Azure SQL Database Vulnerability Assessment rule baseline's result.

VulnerabilityAssessmentName

The name of the vulnerability assessment.

VulnerabilityAssessmentPolicyBaselineName

The name of the vulnerability assessment rule baseline (default implies a baseline on a database level rule and master for server level rule).

DatabaseVulnerabilityAssessmentRuleBaseline

A database vulnerability assessment rule baseline.

Name Type Description
id

string

Resource ID.

name

string

Resource name.

properties.baselineResults

DatabaseVulnerabilityAssessmentRuleBaselineItem[]

The rule baseline result

type

string

Resource type.

DatabaseVulnerabilityAssessmentRuleBaselineItem

Properties for an Azure SQL Database Vulnerability Assessment rule baseline's result.

Name Type Description
result

string[]

The rule baseline result

VulnerabilityAssessmentName

The name of the vulnerability assessment.

Name Type Description
default

string

VulnerabilityAssessmentPolicyBaselineName

The name of the vulnerability assessment rule baseline (default implies a baseline on a database level rule and master for server level rule).

Name Type Description
default

string

master

string