Sql Vulnerability Assessment Rule Baseline - Create Or Update

Service:

SQL Database

API Version:

2024-05-01-preview

Creates or updates a database's vulnerability assessment rule baseline.

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/sqlVulnerabilityAssessments/default/baselines/default/rules/{ruleId}?systemDatabaseName=master&api-version=2024-05-01-preview

URI Parameters

Name	In	Required	Type	Description
baselineName	path	True	BaselineName
resourceGroupName	path	True	string	The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
ruleId	path	True	string	The vulnerability assessment rule ID.
serverName	path	True	string	The name of the server.
subscriptionId	path	True	string	The subscription ID that identifies an Azure subscription.
vulnerabilityAssessmentName	path	True	VulnerabilityAssessmentName	The name of the vulnerability assessment.
api-version	query	True	string	The API version to use for the request.
systemDatabaseName	query	True	VulnerabilityAssessmentSystemDatabaseName	The vulnerability assessment system database name.

Request Body

Name	Required	Type	Description
properties.latestScan	True	boolean	The latest scan flag
properties.results	True	string[]	The rule baseline result

Responses

Name	Type	Description
200 OK	DatabaseSqlVulnerabilityAssessmentRuleBaseline	Successfully set the vulnerability assessment rule baseline.
Other Status Codes	ErrorResponse	*** Error Responses: *** 400 SqlVulnerabilityAssessmentIsDisabled - SQL vulnerability assessment feature is disabled. please enable the feature before executing other SQL vulnerability assessment operations. 400 InvalidSqlVulnerabilityAssessmentBaselineInput - The SQL vulnerability assessment baseline input is null or empty. 400 SqlVulnerabilityAssessmentInvalidUserSuppliedParameter - An invalid parameter value was provided by the client. 400 SqlVulnerabilityAssessmentInvalidUserSuppliedParameter - An invalid parameter value was provided by the client. 400 InvalidSqlVulnerabilityAssessmentBaselineInput - The SQL vulnerability assessment baseline input is null or empty. 400 InvalidSqlVulnerabilityAssessmentSettingsInput - The SQL vulnerability assessment setting input is null or empty 400 SqlVulnerabilityAssessmentScanResultsAreNotAvailableYet - SQL vulnerability assessment results are not available yet, please try again later. 400 SqlVulnerabilityAssessmentInvalidRuleId - The SQL vulnerability assessment rule id is invalid. 400 SqlVulnerabilityAssessmentScanDoesNotExist - SQL vulnerability assessment scan does not exist. 400 SqlVulnerabilityAssessmentNoBaseline - No baseline have been found for the latest scan in the resource 400 SqlVulnerabilityAssessmentNoRuleBaseline - No SQL vulnerability assessment baseline was found 400 SqlVulnerabilityAssessmentBaselineNoScanResults - No scan results have been found for rule Id. To set a baseline there must be results for this rule in the latest scan available 400 SqlVulnerabilityAssessmentBadBinaryRuleFormat - Input for binary rule is not a boolean representation 400 SqlVulnerabilityAssessmentBadRuleFormat - The provided results do not comply with the actual layout of the scan results 400 SqlVulnerabilityAssessmentBadRuleWithoutRuleIdFormat - The provided results do not comply with the actual layout of the scan results 400 SqlVulnerabilityAssessmentBadBinaryRuleWithoutRuleIdFormat - Input for binary rule is not a boolean representation 400 SqlVulnerabilityAssessmentBaselineNoScanResultsWithoutRuleId - No scan results have been found for one of the rules. To set a baseline there must be results for this rule in the latest scan available 400 SqlVulnerabilityAssessmentEmptyBaseline - Baseline not set because the results are null or empty 404 SubscriptionDoesNotHaveServer - The requested server was not found 404 SourceDatabaseNotFound - The source database does not exist. 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance. 409 DatabaseVulnerabilityAssessmentScanIsAlreadyInProgress - SQL Vulnerability Assessment scan is already in progress 409 SqlVulnerabilityAssessmentStoragefullApiIsEnabled - Vulnerability Assessment is enabled on this server or one of its underlying databases with an incompatible version. Additional troubleshooting information can be found https://aka.ms/SQLVAStoragelessDocumentation. 500 DatabaseIsUnavailable - Loading failed. Please try again later.

Examples

Creates or updates a database's vulnerability assessment rule baseline.

Sample request

HTTP

PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/sqlVulnerabilityAssessments/default/baselines/default/rules/VA1001?systemDatabaseName=master&api-version=2024-05-01-preview

{
  "properties": {
    "latestScan": false,
    "results": [
      [
        "userA",
        "SELECT"
      ],
      [
        "userB",
        "SELECT"
      ],
      [
        "userC",
        "SELECT"
      ]
    ]
  }
}

Sample response

Status code:

200

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/sqlVulnerabilityAssessments/default/rules/VA1001",
  "name": "Scan123",
  "type": "Microsoft.Sql/servers/vulnerabilityAssessments/rules/baselines",
  "properties": {
    "results": [
      [
        "userA",
        "SELECT"
      ],
      [
        "userB",
        "SELECT"
      ],
      [
        "userC",
        "SELECT"
      ]
    ]
  }
}

Definitions

Name	Description
BaselineName
createdByType	The type of identity that created the resource.
DatabaseSqlVulnerabilityAssessmentRuleBaseline	A database sql vulnerability assessment rule baseline.
DatabaseSqlVulnerabilityAssessmentRuleBaselineInput	A database sql vulnerability assessment rule baseline input.
ErrorAdditionalInfo	The resource management error additional info.
ErrorDetail	The error detail.
ErrorResponse	Error response
systemData	Metadata pertaining to creation and last modification of the resource.
VulnerabilityAssessmentName	The name of the vulnerability assessment.
VulnerabilityAssessmentSystemDatabaseName	The vulnerability assessment system database name.

BaselineName

Name	Type	Description
default	string

createdByType

The type of identity that created the resource.

Name	Type	Description
Application	string
Key	string
ManagedIdentity	string
User	string

DatabaseSqlVulnerabilityAssessmentRuleBaseline

A database sql vulnerability assessment rule baseline.

Name	Type	Description
id	string	Resource ID.
name	string	Resource name.
properties.results	string[]	The rule baseline result
systemData	systemData	SystemData of DatabaseSqlVulnerabilityAssessmentRuleBaselineResource.
type	string	Resource type.

DatabaseSqlVulnerabilityAssessmentRuleBaselineInput

A database sql vulnerability assessment rule baseline input.

Name	Type	Description
id	string	Resource ID.
name	string	Resource name.
properties.latestScan	boolean	The latest scan flag
properties.results	string[]	The rule baseline result
systemData	systemData	SystemData of DatabaseSqlVulnerabilityAssessmentRuleBaselineInputResource.
type	string	Resource type.

ErrorAdditionalInfo

The resource management error additional info.

Name	Type	Description
info	object	The additional info.
type	string	The additional info type.

ErrorDetail

The error detail.

Name	Type	Description
additionalInfo	ErrorAdditionalInfo[]	The error additional info.
code	string	The error code.
details	ErrorDetail[]	The error details.
message	string	The error message.
target	string	The error target.

ErrorResponse

Error response

Name	Type	Description
error	ErrorDetail	The error object.

systemData

Metadata pertaining to creation and last modification of the resource.

Name	Type	Description
createdAt	string	The timestamp of resource creation (UTC).
createdBy	string	The identity that created the resource.
createdByType	createdByType	The type of identity that created the resource.
lastModifiedAt	string	The timestamp of resource last modification (UTC)
lastModifiedBy	string	The identity that last modified the resource.
lastModifiedByType	createdByType	The type of identity that last modified the resource.

VulnerabilityAssessmentName

The name of the vulnerability assessment.

Name	Type	Description
default	string

VulnerabilityAssessmentSystemDatabaseName

The vulnerability assessment system database name.

Name	Type	Description
master	string