Bewerken

Delen via


Convert-AzSqlInstanceDatabaseVulnerabilityAssessmentScan

Converts a vulnerability assessment scan results to Excel format.

Syntax

Convert-AzSqlInstanceDatabaseVulnerabilityAssessmentScan
       [-InstanceName] <String>
       [-DatabaseName] <String>
       [-ScanId <String>]
       [-ResourceGroupName] <String>
       [-DefaultProfile <IAzureContextContainer>]
       [-WhatIf]
       [-Confirm]
       [<CommonParameters>]
Convert-AzSqlInstanceDatabaseVulnerabilityAssessmentScan
       [-InputObject <VulnerabilityAssessmentScanRecordModel>]
       [-ScanId <String>]
       [-ResourceGroupName] <String>
       [-DefaultProfile <IAzureContextContainer>]
       [-WhatIf]
       [-Confirm]
       [<CommonParameters>]

Description

The Convert-AzSqlInstanceDatabaseVulnerabilityAssessmentScan cmdlet converts a scan results, that resides in the customer storage, identified by the ScanId parameter to an Excel format placed in the storage defined by the Update-AzSqlInstanceDatabaseVulnerabilityAssessmentSettings cmdlet. Note that you need to run Enable-AzSqlInstanceAdvancedDataSecurity and Update-AzSqlInstanceVulnerabilityAssessmentSetting cmdlet as a prerequisite for using this cmdlets.

Examples

Example 1 - Converts vulnerability assessment scan results and saves them to local disk

Update-AzSqlInstanceVulnerabilityAssessmentSetting `
            -ResourceGroupName "ResourceGroup01" `
            -InstanceName "ManagedInstance01" `
            -StorageAccountName "mystorage" 

Start-AzSqlInstanceDatabaseVulnerabilityAssessmentScan `
            -ResourceGroupName "ResourceGroup01" `
            -InstanceName "ManagedInstance01" `
            -DatabaseName "Database01" `
            -ScanId "myScan"

$convert_scan_results = Convert-AzSqlInstanceDatabaseVulnerabilityAssessmentScan `
                                    -ResourceGroupName "ResourceGroup01" `
                                    -InstanceName "ManagedInstance01" `
                                    -DatabaseName "Database01" `
									-ScanId "myScan" 
ResourceGroupName		: "ResourceGroup01"
InstanceName		: "ManagedInstance01"
DatabaseName	    : "Database01"
ScanId			        : "myScan"
ExportedReportLocation	: "https://myaccount.blob.core.windows.net/vulnerabilityAssessment/ManagedInstance01/Database01/scan_myScan.xlsx"
							
$connection_string_to_storage_account = "DefaultEndpointsProtocol=https;AccountName=myaccount...."
$converted_scan_results_download_local_folder = "C:\Downloads\"
$storage_account_context = New-AzStorageContext -ConnectionString $connection_string_to_storage_account
$convert_scan_result_splitted = $convert_scan_results.ExportedReportLocation -split "/"
$container_name = $convert_scan_result_splitted[3]
Get-AzStorageBlobContent -Blob ($a -split $container_name + '/')[1] `
		   -Container $container_name `
		   -Destination $converted_scan_results_download_local_folder `
		   -Context $storage_account_context

Example 2 - Converts a vulnerability assessment scan results from a scan record

Get-AzSqlInstanceDatabaseVulnerabilityAssessmentScanRecord `
                -ResourceGroupName "ResourceGroup01" `
                -InstanceName "ManagedInstance01" `
                -DatabaseName "Database01" `
                -ScanId "myScan" `
                | Convert-AzSqlInstanceDatabaseVulnerabilityAssessmentScan

ResourceGroupName		: "ResourceGroup01"
InstanceName		: "ManagedInstance01"
DatabaseName	    : "Database01"
ScanId			        : "myScan"
ExportedReportLocation	: "https://myaccount.blob.core.windows.net/vulnerabilityAssessment/ManagedInstance01/Database01/scan_myScan.xlsx"

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DatabaseName

SQL Managed Database name.

Type:String
Position:2
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-InputObject

The scan record object to use in order to convert a Vulnerability Assessment scan

Type:VulnerabilityAssessmentScanRecordModel
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-InstanceName

SQL Managed Instance name.

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ResourceGroupName

The name of the resource group.

Type:String
Position:0
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ScanId

Specifies the scan ID.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

VulnerabilityAssessmentScanRecordModel

Outputs

ManagedDatabaseVulnerabilityAssessmentScanExportModel