Managed Instance Vulnerability Assessments - Create Or Update
Creates or updates the managed instance's vulnerability assessment. Learn more about setting SQL vulnerability assessment with managed identity - https://docs.microsoft.com/azure/azure-sql/database/sql-database-vulnerability-assessment-storage
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/managedInstances/{managedInstanceName}/vulnerabilityAssessments/default?api-version=2021-11-01URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
managed
|
path | True |
string |
The name of the managed instance for which the vulnerability assessment is defined. |
|
resource
|
path | True |
string |
The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. |
|
subscription
|
path | True |
string |
The subscription ID that identifies an Azure subscription. |
|
vulnerability
|
path | True |
The name of the vulnerability assessment. |
|
|
api-version
|
query | True |
string |
The API version to use for the request. |
Request Body
| Name | Required | Type | Description |
|---|---|---|---|
| properties.storageContainerPath | True |
string |
A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/). |
| properties.recurringScans |
The recurring scans settings |
||
| properties.storageAccountAccessKey |
string |
Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall |
|
| properties.storageContainerSasKey |
string |
A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
Successfully set the vulnerability assessment. |
|
| 201 Created |
Successfully created the vulnerability assessment. |
|
| Other Status Codes |
*** Error Responses: ***
|
Examples
Create a managed instance's vulnerability assessment with all parameters
Sample request
PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default?api-version=2021-11-01
{
"properties": {
"storageContainerPath": "https://myStorage.blob.core.windows.net/vulnerability-assessment/",
"storageContainerSasKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"storageAccountAccessKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"recurringScans": {
"isEnabled": true,
"emailSubscriptionAdmins": true,
"emails": [
"email1@mail.com",
"email2@mail.com"
]
}
}
}
Sample response
{
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default",
"name": "default",
"type": "Microsoft.Sql/managedInstances/vulnerabilityAssessments",
"properties": {
"recurringScans": {
"isEnabled": true,
"emailSubscriptionAdmins": true,
"emails": [
"email1@mail.com",
"email2@mail.com"
]
}
}
}{
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default",
"name": "default",
"type": "Microsoft.Sql/managedInstances/vulnerabilityAssessments",
"properties": {
"recurringScans": {
"isEnabled": true,
"emailSubscriptionAdmins": true,
"emails": [
"email1@mail.com",
"email2@mail.com"
]
}
}
}Create a managed instance's vulnerability assessment with minimal parameters, when storageAccountAccessKey is specified
Sample request
PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default?api-version=2021-11-01
{
"properties": {
"storageContainerPath": "https://myStorage.blob.core.windows.net/vulnerability-assessment/",
"storageAccountAccessKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
}
Sample response
{
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default",
"name": "default",
"type": "Microsoft.Sql/managedInstances/vulnerabilityAssessments",
"properties": {
"recurringScans": {
"isEnabled": true,
"emailSubscriptionAdmins": false,
"emails": []
}
}
}{
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default",
"name": "default",
"type": "Microsoft.Sql/managedInstances/vulnerabilityAssessments",
"properties": {
"recurringScans": {
"isEnabled": true,
"emailSubscriptionAdmins": false,
"emails": []
}
}
}Create a managed instance's vulnerability assessment with minimal parameters, when storageContainerSasKey is specified
Sample request
PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default?api-version=2021-11-01
{
"properties": {
"storageContainerPath": "https://myStorage.blob.core.windows.net/vulnerability-assessment/",
"storageContainerSasKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
}
Sample response
{
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default",
"name": "default",
"type": "Microsoft.Sql/managedInstances/vulnerabilityAssessments",
"properties": {
"recurringScans": {
"isEnabled": true,
"emailSubscriptionAdmins": false,
"emails": []
}
}
}{
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default",
"name": "default",
"type": "Microsoft.Sql/managedInstances/vulnerabilityAssessments",
"properties": {
"recurringScans": {
"isEnabled": true,
"emailSubscriptionAdmins": false,
"emails": []
}
}
}Definitions
| Name | Description |
|---|---|
|
Managed |
A managed instance vulnerability assessment. |
|
Vulnerability |
The name of the vulnerability assessment. |
|
Vulnerability |
Properties of a Vulnerability Assessment recurring scans. |
ManagedInstanceVulnerabilityAssessment
A managed instance vulnerability assessment.
| Name | Type | Description |
|---|---|---|
| id |
string |
Resource ID. |
| name |
string |
Resource name. |
| properties.recurringScans |
The recurring scans settings |
|
| properties.storageAccountAccessKey |
string |
Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall |
| properties.storageContainerPath |
string |
A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/). |
| properties.storageContainerSasKey |
string |
A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall |
| type |
string |
Resource type. |
VulnerabilityAssessmentName
The name of the vulnerability assessment.
| Name | Type | Description |
|---|---|---|
| default |
string |
VulnerabilityAssessmentRecurringScansProperties
Properties of a Vulnerability Assessment recurring scans.
| Name | Type | Default value | Description |
|---|---|---|---|
| emailSubscriptionAdmins |
boolean |
True |
Specifies that the schedule scan notification will be is sent to the subscription administrators. |
| emails |
string[] |
Specifies an array of e-mail addresses to which the scan notification is sent. |
|
| isEnabled |
boolean |
Recurring scans state. |