Sql Vulnerability Assessment Scan Result - Get
Gets a vulnerability assessment scan record of a database.
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/sqlVulnerabilityAssessments/default/scans/{scanId}/scanResults/{scanResultId}?systemDatabaseName=master&api-version=2024-05-01-preview
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
resource
|
path | True |
string |
The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. |
scan
|
path | True |
string |
The scan id of the SQL Vulnerability Assessment scan to retrieve result from. |
scan
|
path | True |
string |
The scan result id of the specific result to retrieve. |
server
|
path | True |
string |
The name of the server. |
subscription
|
path | True |
string |
The subscription ID that identifies an Azure subscription. |
vulnerability
|
path | True |
The name of the SQL Vulnerability Assessment. |
|
api-version
|
query | True |
string |
The API version to use for the request. |
system
|
query | True |
The SQL vulnerability assessment system database name. |
Responses
Name | Type | Description |
---|---|---|
200 OK |
Successfully retrieved SQL Vulnerability Assessment scan results for id. |
|
Other Status Codes |
*** Error Responses: ***
|
Examples
Get a system database SQL Vulnerability Assessment scan result for scan id and scan result id
Sample request
GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityassessmenttest-4711/providers/Microsoft.Sql/servers/vulnerabilityassessmenttest-6411/sqlVulnerabilityAssessments/default/scans/scanId1/scanResults/VA1234?systemDatabaseName=master&api-version=2024-05-01-preview
Sample response
{
"properties": {
"ruleId": "VA1234",
"status": "NonFinding",
"errorMessage": null,
"isTrimmed": false,
"queryResults": [
[
"a1",
"a2",
"a3"
],
[
"b1",
"b2",
"b3"
]
],
"remediation": {
"description": "Remove users",
"scripts": [
"drop user a",
"drop user b"
],
"automated": false,
"portalLink": null
},
"baselineAdjustedResult": null,
"ruleMetadata": {
"ruleId": "VA1234",
"severity": "Informational",
"category": "information",
"ruleType": "NegativeList",
"title": "This is the title",
"description": "This is an example check",
"rationale": "This is important",
"queryCheck": {
"query": "Select a1,a2, a3",
"expectedResult": [],
"columnNames": [
"col1",
"col2",
"col3"
]
},
"benchmarkReferences": [
{
"benchmark": "fedramp",
"reference": "v1"
}
]
}
},
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityassessmenttest-4711/providers/Microsoft.Sql/servers/vulnerabilityassessmenttest-6411/sqlVulnerabilityAssessments/Default/scans/scanId1/scanResults/VA1234",
"name": "VA1234",
"type": "Microsoft.Sql/servers/sqlVulnerabilityAssessments/scans/scanResults"
}
Definitions
Name | Description |
---|---|
Baseline |
SQL Vulnerability Assessment baseline Details |
Baseline |
SQL Vulnerability Assessment baseline adjusted results |
Benchmark |
SQL Vulnerability Assessment benchmark reference |
created |
The type of identity that created the resource. |
Error |
The resource management error additional info. |
Error |
The error detail. |
Error |
Error response |
Query |
SQL Vulnerability Assessment query check object. |
Remediation |
SQL Vulnerability Assessment remediation Details. |
Rule |
SQL Vulnerability Assessment rule severity. |
Rule |
SQL Vulnerability Assessment baseline status |
Rule |
SQL Vulnerability Assessment rule type. |
Sql |
The name of the SQL Vulnerability Assessment. |
Sql |
|
system |
Metadata pertaining to creation and last modification of the resource. |
Va |
SQL Vulnerability Assessment rule metadata details. |
Vulnerability |
The SQL vulnerability assessment system database name. |
Baseline
SQL Vulnerability Assessment baseline Details
Name | Type | Description |
---|---|---|
expectedResults |
string[] |
SQL Vulnerability Assessment baseline expected results |
updatedTime |
string |
SQL Vulnerability Assessment baseline update time (UTC) |
BaselineAdjustedResult
SQL Vulnerability Assessment baseline adjusted results
Name | Type | Description |
---|---|---|
baseline |
SQL Vulnerability Assessment baseline details |
|
resultsNotInBaseline |
string[] |
SQL Vulnerability Assessment results that are not in baseline |
resultsOnlyInBaseline |
string[] |
SQL Vulnerability Assessment results that are in baseline. |
status |
SQL Vulnerability Assessment baseline status |
BenchmarkReference
SQL Vulnerability Assessment benchmark reference
Name | Type | Description |
---|---|---|
benchmark |
string |
SQL Vulnerability Assessment benchmark name |
reference |
string |
SQL Vulnerability Assessment benchmark reference. |
createdByType
The type of identity that created the resource.
Name | Type | Description |
---|---|---|
Application |
string |
|
Key |
string |
|
ManagedIdentity |
string |
|
User |
string |
ErrorAdditionalInfo
The resource management error additional info.
Name | Type | Description |
---|---|---|
info |
object |
The additional info. |
type |
string |
The additional info type. |
ErrorDetail
The error detail.
Name | Type | Description |
---|---|---|
additionalInfo |
The error additional info. |
|
code |
string |
The error code. |
details |
The error details. |
|
message |
string |
The error message. |
target |
string |
The error target. |
ErrorResponse
Error response
Name | Type | Description |
---|---|---|
error |
The error object. |
QueryCheck
SQL Vulnerability Assessment query check object.
Name | Type | Description |
---|---|---|
columnNames |
string[] |
SQL Vulnerability Assessment column names of query expected result. |
expectedResult |
string[] |
SQL Vulnerability Assessment query expected result. |
query |
string |
SQL Vulnerability Assessment rule query. |
Remediation
SQL Vulnerability Assessment remediation Details.
Name | Type | Description |
---|---|---|
automated |
boolean |
SQL Vulnerability Assessment is remediation automated. |
description |
string |
SQL Vulnerability Assessment remediation description. |
portalLink |
string |
SQL Vulnerability Assessment optional link to remediate in Azure Portal. |
scripts |
string[] |
SQL Vulnerability Assessment remediation script. |
RuleSeverity
SQL Vulnerability Assessment rule severity.
Name | Type | Description |
---|---|---|
High |
string |
|
Informational |
string |
|
Low |
string |
|
Medium |
string |
|
Obsolete |
string |
RuleStatus
SQL Vulnerability Assessment baseline status
Name | Type | Description |
---|---|---|
Finding |
string |
|
InternalError |
string |
|
NonFinding |
string |
RuleType
SQL Vulnerability Assessment rule type.
Name | Type | Description |
---|---|---|
BaselineExpected |
string |
|
Binary |
string |
|
NegativeList |
string |
|
PositiveList |
string |
SqlVulnerabilityAssessmentName
The name of the SQL Vulnerability Assessment.
Name | Type | Description |
---|---|---|
default |
string |
SqlVulnerabilityAssessmentScanResults
Name | Type | Description |
---|---|---|
id |
string |
Resource ID. |
name |
string |
Resource name. |
properties.baselineAdjustedResult |
SQL Vulnerability Assessment rule result adjusted with baseline. |
|
properties.errorMessage |
string |
SQL Vulnerability Assessment error message. |
properties.isTrimmed |
boolean |
SQL Vulnerability Assessment is the query results trimmed. |
properties.queryResults |
string[] |
SQL Vulnerability Assessment query results that was run. |
properties.remediation |
SQL Vulnerability Assessment the remediation details. |
|
properties.ruleId |
string |
SQL Vulnerability Assessment rule Id. |
properties.ruleMetadata |
SQL Vulnerability Assessment rule metadata. |
|
properties.status |
SQL Vulnerability Assessment rule result status. |
|
systemData |
SystemData of AdvancedThreatProtectionResource. |
|
type |
string |
Resource type. |
systemData
Metadata pertaining to creation and last modification of the resource.
Name | Type | Description |
---|---|---|
createdAt |
string |
The timestamp of resource creation (UTC). |
createdBy |
string |
The identity that created the resource. |
createdByType |
The type of identity that created the resource. |
|
lastModifiedAt |
string |
The timestamp of resource last modification (UTC) |
lastModifiedBy |
string |
The identity that last modified the resource. |
lastModifiedByType |
The type of identity that last modified the resource. |
VaRule
SQL Vulnerability Assessment rule metadata details.
Name | Type | Description |
---|---|---|
benchmarkReferences |
SQL Vulnerability Assessment benchmark references. |
|
category |
string |
SQL Vulnerability Assessment rule category. |
description |
string |
SQL Vulnerability Assessment rule description. |
queryCheck |
SQL Vulnerability Assessment rule query details. |
|
rationale |
string |
SQL Vulnerability Assessment rule rationale. |
ruleId |
string |
SQL Vulnerability Assessment rule Id. |
ruleType |
SQL Vulnerability Assessment rule type. |
|
severity |
SQL Vulnerability Assessment rule severity. |
|
title |
string |
SQL Vulnerability Assessment rule title. |
VulnerabilityAssessmentSystemDatabaseName
The SQL vulnerability assessment system database name.
Name | Type | Description |
---|---|---|
master |
string |