Modifier

Partager via


Update-AzSqlInstanceDatabaseVulnerabilityAssessmentSetting

Updates the vulnerability assessment settings of a managed database.

Syntax

Update-AzSqlInstanceDatabaseVulnerabilityAssessmentSetting
      [-InstanceName] <String>
      [-DatabaseName] <String>
      [-StorageAccountName <String>]
      [-ScanResultsContainerName <String>]
      [-RecurringScansInterval <RecurringScansInterval>]
      [-EmailAdmins <Boolean>]
      [-NotificationEmail <String[]>]
      [-ResourceGroupName] <String>
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Update-AzSqlInstanceDatabaseVulnerabilityAssessmentSetting
      [-InstanceName] <String>
      [-DatabaseName] <String>
      -InputObject <VulnerabilityAssessmentSettingsModel>
      [-RecurringScansInterval <RecurringScansInterval>]
      [-EmailAdmins <Boolean>]
      [-NotificationEmail <String[]>]
      [-ResourceGroupName] <String>
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Update-AzSqlInstanceDatabaseVulnerabilityAssessmentSetting
      [-InstanceName] <String>
      [-DatabaseName] <String>
      -BlobStorageSasUri <Uri>
      [-RecurringScansInterval <RecurringScansInterval>]
      [-EmailAdmins <Boolean>]
      [-NotificationEmail <String[]>]
      [-ResourceGroupName] <String>
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Description

The Update-AzSqlInstanceDatabaseVulnerabilityAssessmentSetting cmdlet updates the vulnerability assessment settings of an Azure SQL Managed Database. Note that you need to run Enable-AzSqlInstanceAdvancedDataSecurity cmdlet as a prerequisite for using this cmdlet.

Examples

Example 1: Update Vulnerability Assessment settings with storage account name

Update-AzSqlInstanceDatabaseVulnerabilityAssessmentSetting `
            -ResourceGroupName "ResourceGroup01" `
            -InstanceName "ManagedInstance01" `
            -DatabaseName "Database01" `
            -StorageAccountName "mystorage" `
            -ScanResultsContainerName "vulnerability-assessment" `
            -RecurringScansInterval Weekly `
            -EmailAdmins $true `
            -NotificationEmail @("mail1@mail.com" , "mail2@mail.com")

ResourceGroupName				: ResourceGroup01
InstanceName			    	: ManagedInstance01
DatabaseName			    	: Database01
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailAdmins						: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

Example 2: Update Vulnerability Assessment settings with blob storage SAS URI

Update-AzSqlInstanceDatabaseVulnerabilityAssessmentSetting `
            -ResourceGroupName "ResourceGroup01" `
            -InstanceName "ManagedInstance01" `
            -DatabaseName "Database01" `
            -BlobStorageSasUri "https://mystorage.blob.core.windows.net/vulnerability-assessment?st=XXXXXX" `
            -RecurringScansInterval Weekly `
            -EmailAdmins $true `
            -NotificationEmail @("mail1@mail.com" , "mail2@mail.com")

ResourceGroupName				: ResourceGroup01
InstanceName			   		: ManagedInstance01
DatabaseName			   		: Database01
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailAdmins						: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

Example 3: Update the Vulnerability Assessment settings from ManagedDatabaseVulnerabilityAssessmentSettingsModel instance definition

Update-AzSqlInstanceDatabaseVulnerabilityAssessmentSetting `
            -ResourceGroupName "ResourceGroup01" `
            -InstanceName "ManagedInstance01" `
            -DatabaseName "Database01" `
            -StorageAccountName "mystorage" `
            -ScanResultsContainerName "vulnerability-assessment" `
            -RecurringScansInterval Weekly `
            -EmailAdmins $true `
            -NotificationEmail @("mail1@mail.com" , "mail2@mail.com")

Get-AzSqlInstanceDatabaseVulnerabilityAssessmentSetting `
            -ResourceGroupName "ResourceGroup01" `
            -InstanceName "ManagedInstance01" `
            -DatabaseName "Database01" 
            | Update-AzSqlInstanceDatabaseVulnerabilityAssessmentSetting `
                -ResourceGroupName "ResourceGroup02" `
                -InstanceName "ManagedInstance02" `
                -DatabaseName "Database02"

ResourceGroupName				: ResourceGroup02
InstanceName			   		: ManagedInstance02
DatabaseName			   		: Database02
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailAdmins						: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

This command updated the Vulnerability Assessment settings on Database02 from the settings on Database01

Example 4: Update the Vulnerability Assessment settings on all the databases under a managed instance

Get-AzSqlInstanceDatabase -ResourceGroupName "ResourceGroup01" `
			-InstanceName $"ManagedInstance01" `
            | Where-Object {$_.Name -ne "master"}  `
            | Update-AzSqlInstanceDatabaseVulnerabilityAssessmentSetting `
                -StorageAccountName "mystorage" `
                -ScanResultsContainerName "vulnerability-assessment" `
                -RecurringScansInterval Weekly `
                -EmailAdmins $true `
				-NotificationEmail @("mail1@mail.com" , "mail2@mail.com")

ResourceGroupName				: ResourceGroup01
InstanceName			   		: ManagedInstance01
DatabaseName			   		: Database01
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailAdmins						: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

ResourceGroupName				: ResourceGroup01
InstanceName			   		: ManagedInstance01
DatabaseName			   		: Database02
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailAdmins						: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

This command updates all Vulnerability Assessment settings on all the databases under ManagedInstance01

Parameters

-BlobStorageSasUri

A SAS URI to a storage container that will hold the scan results.

Type:Uri
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DatabaseName

SQL Managed Database name.

Type:String
Position:2
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EmailAdmins

A value indicating whether to email service and co-administrators on recurring scan completion.

Type:Boolean
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-InputObject

The Vulnerability Assessment settings object to set

Type:VulnerabilityAssessmentSettingsModel
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-InstanceName

SQL Managed Instance name.

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-NotificationEmail

A list of mail addresses to send on recurring scan completion.

Type:String[]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-RecurringScansInterval

The recurring scans interval.

Type:RecurringScansInterval
Accepted values:None, Weekly
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ResourceGroupName

The name of the resource group.

Type:String
Position:0
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ScanResultsContainerName

The name of the storage container that will hold the scan results.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-StorageAccountName

The name of the storage account that will hold the scan results.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

VulnerabilityAssessmentSettingsModel

Uri

RecurringScansInterval

Boolean

String[]

Outputs

ManagedDatabaseVulnerabilityAssessmentSettingsModel