Pobiera wyniki skanowania pojedynczej reguły w rekordzie skanowania.
GET https://management.azure.com/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/{scanId}/scanResults/{scanResultId}?workspaceId={workspaceId}&api-version=2023-02-01-preview
Parametry identyfikatora URI
| Nazwa |
W |
Wymagane |
Typ |
Opis |
|
resourceId
|
path |
True
|
string
|
Identyfikator zasobu.
|
|
scanId
|
path |
True
|
string
|
Identyfikator skanowania. Wpisz ciąg "latest", aby uzyskać wyniki skanowania dla najnowszego skanowania.
|
|
scanResultId
|
path |
True
|
string
|
Identyfikator reguły wyników.
|
|
api-version
|
query |
True
|
string
|
Wersja interfejsu API.
|
|
workspaceId
|
query |
True
|
string
|
Identyfikator obszaru roboczego.
|
Odpowiedzi
| Nazwa |
Typ |
Opis |
|
200 OK
|
ScanResult
|
Zwraca wyniki skanowania.
|
|
Other Status Codes
|
CloudError
|
Odpowiedź na błąd opisująca, dlaczego operacja nie powiodła się.
|
Zabezpieczenia
azure_auth
Przepływ protokołu OAuth2 usługi Azure Active Directory
Typ:
oauth2
Flow:
implicit
Adres URL autoryzacji:
https://login.microsoftonline.com/common/oauth2/authorize
Zakresy
| Nazwa |
Opis |
|
user_impersonation
|
personifikacja konta użytkownika
|
Przykłady
Get scan details of a scan record
Przykładowe żądanie
GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2063?workspaceId=55555555-6666-7777-8888-999999999999&api-version=2023-02-01-preview
/**
* Samples for SqlVulnerabilityAssessmentScanResults Get.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/
* sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_Get.json
*/
/**
* Sample code: Get scan details of a scan record.
*
* @param manager Entry point to SecurityManager.
*/
public static void getScanDetailsOfAScanRecord(com.azure.resourcemanager.security.SecurityManager manager) {
manager.sqlVulnerabilityAssessmentScanResults().getWithResponse("Scheduled-20200623", "VA2063",
"55555555-6666-7777-8888-999999999999",
"subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master",
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_Get.json
func ExampleSQLVulnerabilityAssessmentScanResultsClient_Get_getScanDetailsOfAScanRecord() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewSQLVulnerabilityAssessmentScanResultsClient().Get(ctx, "Scheduled-20200623", "VA2063", "55555555-6666-7777-8888-999999999999", "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master", nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ScanResult = armsecurity.ScanResult{
// Name: to.Ptr("VA2063"),
// Type: to.Ptr("Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults"),
// ID: to.Ptr("/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2063"),
// Properties: &armsecurity.ScanResultProperties{
// BaselineAdjustedResult: &armsecurity.BaselineAdjustedResult{
// Baseline: &armsecurity.Baseline{
// ExpectedResults: [][]*string{
// []*string{
// to.Ptr("Test"),
// to.Ptr("0.0.0.0"),
// to.Ptr("125.125.125.125")}},
// UpdatedTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-04T12:49:41.027Z"); return t}()),
// },
// ResultsNotInBaseline: [][]*string{
// },
// ResultsOnlyInBaseline: [][]*string{
// },
// Status: to.Ptr(armsecurity.RuleStatusNonFinding),
// },
// IsTrimmed: to.Ptr(false),
// QueryResults: [][]*string{
// []*string{
// to.Ptr("Test"),
// to.Ptr("0.0.0.0"),
// to.Ptr("125.125.125.125")}},
// Remediation: &armsecurity.Remediation{
// Description: to.Ptr("Remove server firewall rules that grant excessive access"),
// Automated: to.Ptr(false),
// PortalLink: to.Ptr("ReviewServerFirewallRules"),
// Scripts: []*string{
// to.Ptr("EXECUTE sp_delete_firewall_rule N'Test';")},
// },
// RuleID: to.Ptr("VA2063"),
// RuleMetadata: &armsecurity.VaRule{
// Description: to.Ptr("The Azure SQL server-level firewall helps protect your server by preventing all access to your databases until you specify which IP addresses have permission. Server-level firewall rules grant access to all databases that belong to the server based on the originating IP address of each request.\n\nServer-level firewall rules can only be created and managed through Transact-SQL as well as through the Azure portal or PowerShell. For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that server-level firewall rules do not grant excessive access."),
// BenchmarkReferences: []*armsecurity.BenchmarkReference{
// },
// Category: to.Ptr("SurfaceAreaReduction"),
// QueryCheck: &armsecurity.QueryCheck{
// ColumnNames: []*string{
// to.Ptr("Firewall Rule Name"),
// to.Ptr("Start Address"),
// to.Ptr("End Address")},
// ExpectedResult: [][]*string{
// },
// Query: to.Ptr("SELECT name\n ,start_ip_address\n ,end_ip_address\nFROM sys.firewall_rules\nWHERE ( \n (CONVERT(bigint, parsename(end_ip_address, 1)) +\n CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n - \n (CONVERT(bigint, parsename(start_ip_address, 1)) +\n CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n ) > 255;"),
// },
// Rationale: to.Ptr("Often, administrators add rules that grant excessive access as part of a troubleshooting process � to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected server.\n\nGranting excessive access using server firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your databases. In fact, it's the equivalent of placing the server outside of the firewall."),
// RuleID: to.Ptr("VA2063"),
// RuleType: to.Ptr(armsecurity.RuleTypeNegativeList),
// Severity: to.Ptr(armsecurity.RuleSeverityHigh),
// Title: to.Ptr("Server-level firewall rules should not grant excessive access"),
// },
// Status: to.Ptr(armsecurity.RuleStatusFinding),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Gets the scan results of a single rule in a scan record.
*
* @summary Gets the scan results of a single rule in a scan record.
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_Get.json
*/
async function getScanDetailsOfAScanRecord() {
const scanId = "Scheduled-20200623";
const scanResultId = "VA2063";
const workspaceId = "55555555-6666-7777-8888-999999999999";
const resourceId =
"subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential);
const result = await client.sqlVulnerabilityAssessmentScanResults.get(
scanId,
scanResultId,
workspaceId,
resourceId,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_Get.json
// this example is just showing the usage of "SqlVulnerabilityAssessmentScanResults_Get" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SqlVulnerabilityAssessmentScanResource created on azure
// for more information of creating SqlVulnerabilityAssessmentScanResource, please refer to the document of SqlVulnerabilityAssessmentScanResource
string resourceId = "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master";
string scanId = "Scheduled-20200623";
ResourceIdentifier sqlVulnerabilityAssessmentScanResourceId = SqlVulnerabilityAssessmentScanResource.CreateResourceIdentifier(resourceId, scanId);
SqlVulnerabilityAssessmentScanResource sqlVulnerabilityAssessmentScan = client.GetSqlVulnerabilityAssessmentScanResource(sqlVulnerabilityAssessmentScanResourceId);
// invoke the operation
string scanResultId = "VA2063";
Guid workspaceId = Guid.Parse("55555555-6666-7777-8888-999999999999");
SqlVulnerabilityAssessmentScanResult result = await sqlVulnerabilityAssessmentScan.GetSqlVulnerabilityAssessmentScanResultAsync(scanResultId, workspaceId);
Console.WriteLine($"Succeeded: {result}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2063",
"name": "VA2063",
"type": "Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults",
"properties": {
"ruleId": "VA2063",
"status": "Finding",
"isTrimmed": false,
"queryResults": [
[
"Test",
"0.0.0.0",
"125.125.125.125"
]
],
"remediation": {
"description": "Remove server firewall rules that grant excessive access",
"scripts": [
"EXECUTE sp_delete_firewall_rule N'Test';"
],
"automated": false,
"portalLink": "ReviewServerFirewallRules"
},
"baselineAdjustedResult": {
"baseline": {
"expectedResults": [
[
"Test",
"0.0.0.0",
"125.125.125.125"
]
],
"updatedTime": "2020-02-04T12:49:41.027771+00:00"
},
"status": "NonFinding",
"resultsNotInBaseline": [],
"resultsOnlyInBaseline": []
},
"ruleMetadata": {
"ruleId": "VA2063",
"severity": "High",
"category": "SurfaceAreaReduction",
"ruleType": "NegativeList",
"title": "Server-level firewall rules should not grant excessive access",
"description": "The Azure SQL server-level firewall helps protect your server by preventing all access to your databases until you specify which IP addresses have permission. Server-level firewall rules grant access to all databases that belong to the server based on the originating IP address of each request.\n\nServer-level firewall rules can only be created and managed through Transact-SQL as well as through the Azure portal or PowerShell. For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that server-level firewall rules do not grant excessive access.",
"rationale": "Often, administrators add rules that grant excessive access as part of a troubleshooting process � to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected server.\n\nGranting excessive access using server firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your databases. In fact, it's the equivalent of placing the server outside of the firewall.",
"queryCheck": {
"query": "SELECT name\n ,start_ip_address\n ,end_ip_address\nFROM sys.firewall_rules\nWHERE ( \n (CONVERT(bigint, parsename(end_ip_address, 1)) +\n CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n - \n (CONVERT(bigint, parsename(start_ip_address, 1)) +\n CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n ) > 255;",
"expectedResult": [],
"columnNames": [
"Firewall Rule Name",
"Start Address",
"End Address"
]
},
"benchmarkReferences": []
}
}
}
Get scan details of the latest scan record
Przykładowe żądanie
GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/latest/scanResults/VA2063?workspaceId=55555555-6666-7777-8888-999999999999&api-version=2023-02-01-preview
/**
* Samples for SqlVulnerabilityAssessmentScanResults Get.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/
* sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_GetLatest.json
*/
/**
* Sample code: Get scan details of the latest scan record.
*
* @param manager Entry point to SecurityManager.
*/
public static void getScanDetailsOfTheLatestScanRecord(com.azure.resourcemanager.security.SecurityManager manager) {
manager.sqlVulnerabilityAssessmentScanResults().getWithResponse("latest", "VA2063",
"55555555-6666-7777-8888-999999999999",
"subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master",
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_GetLatest.json
func ExampleSQLVulnerabilityAssessmentScanResultsClient_Get_getScanDetailsOfTheLatestScanRecord() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewSQLVulnerabilityAssessmentScanResultsClient().Get(ctx, "latest", "VA2063", "55555555-6666-7777-8888-999999999999", "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master", nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ScanResult = armsecurity.ScanResult{
// Name: to.Ptr("VA2063"),
// Type: to.Ptr("Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults"),
// ID: to.Ptr("/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2063"),
// Properties: &armsecurity.ScanResultProperties{
// BaselineAdjustedResult: &armsecurity.BaselineAdjustedResult{
// Baseline: &armsecurity.Baseline{
// ExpectedResults: [][]*string{
// []*string{
// to.Ptr("Test"),
// to.Ptr("0.0.0.0"),
// to.Ptr("125.125.125.125")}},
// UpdatedTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-04T12:49:41.027Z"); return t}()),
// },
// ResultsNotInBaseline: [][]*string{
// },
// ResultsOnlyInBaseline: [][]*string{
// },
// Status: to.Ptr(armsecurity.RuleStatusNonFinding),
// },
// IsTrimmed: to.Ptr(false),
// QueryResults: [][]*string{
// []*string{
// to.Ptr("Test"),
// to.Ptr("0.0.0.0"),
// to.Ptr("125.125.125.125")}},
// Remediation: &armsecurity.Remediation{
// Description: to.Ptr("Remove server firewall rules that grant excessive access"),
// Automated: to.Ptr(false),
// PortalLink: to.Ptr("ReviewServerFirewallRules"),
// Scripts: []*string{
// to.Ptr("EXECUTE sp_delete_firewall_rule N'Test';")},
// },
// RuleID: to.Ptr("VA2063"),
// RuleMetadata: &armsecurity.VaRule{
// Description: to.Ptr("The Azure SQL server-level firewall helps protect your server by preventing all access to your databases until you specify which IP addresses have permission. Server-level firewall rules grant access to all databases that belong to the server based on the originating IP address of each request.\n\nServer-level firewall rules can only be created and managed through Transact-SQL as well as through the Azure portal or PowerShell. For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that server-level firewall rules do not grant excessive access."),
// BenchmarkReferences: []*armsecurity.BenchmarkReference{
// },
// Category: to.Ptr("SurfaceAreaReduction"),
// QueryCheck: &armsecurity.QueryCheck{
// ColumnNames: []*string{
// to.Ptr("Firewall Rule Name"),
// to.Ptr("Start Address"),
// to.Ptr("End Address")},
// ExpectedResult: [][]*string{
// },
// Query: to.Ptr("SELECT name\n ,start_ip_address\n ,end_ip_address\nFROM sys.firewall_rules\nWHERE ( \n (CONVERT(bigint, parsename(end_ip_address, 1)) +\n CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n - \n (CONVERT(bigint, parsename(start_ip_address, 1)) +\n CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n ) > 255;"),
// },
// Rationale: to.Ptr("Often, administrators add rules that grant excessive access as part of a troubleshooting process � to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected server.\n\nGranting excessive access using server firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your databases. In fact, it's the equivalent of placing the server outside of the firewall."),
// RuleID: to.Ptr("VA2063"),
// RuleType: to.Ptr(armsecurity.RuleTypeNegativeList),
// Severity: to.Ptr(armsecurity.RuleSeverityHigh),
// Title: to.Ptr("Server-level firewall rules should not grant excessive access"),
// },
// Status: to.Ptr(armsecurity.RuleStatusFinding),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Gets the scan results of a single rule in a scan record.
*
* @summary Gets the scan results of a single rule in a scan record.
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_GetLatest.json
*/
async function getScanDetailsOfTheLatestScanRecord() {
const scanId = "latest";
const scanResultId = "VA2063";
const workspaceId = "55555555-6666-7777-8888-999999999999";
const resourceId =
"subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential);
const result = await client.sqlVulnerabilityAssessmentScanResults.get(
scanId,
scanResultId,
workspaceId,
resourceId,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_GetLatest.json
// this example is just showing the usage of "SqlVulnerabilityAssessmentScanResults_Get" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SqlVulnerabilityAssessmentScanResource created on azure
// for more information of creating SqlVulnerabilityAssessmentScanResource, please refer to the document of SqlVulnerabilityAssessmentScanResource
string resourceId = "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master";
string scanId = "latest";
ResourceIdentifier sqlVulnerabilityAssessmentScanResourceId = SqlVulnerabilityAssessmentScanResource.CreateResourceIdentifier(resourceId, scanId);
SqlVulnerabilityAssessmentScanResource sqlVulnerabilityAssessmentScan = client.GetSqlVulnerabilityAssessmentScanResource(sqlVulnerabilityAssessmentScanResourceId);
// invoke the operation
string scanResultId = "VA2063";
Guid workspaceId = Guid.Parse("55555555-6666-7777-8888-999999999999");
SqlVulnerabilityAssessmentScanResult result = await sqlVulnerabilityAssessmentScan.GetSqlVulnerabilityAssessmentScanResultAsync(scanResultId, workspaceId);
Console.WriteLine($"Succeeded: {result}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2063",
"name": "VA2063",
"type": "Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults",
"properties": {
"ruleId": "VA2063",
"status": "Finding",
"isTrimmed": false,
"queryResults": [
[
"Test",
"0.0.0.0",
"125.125.125.125"
]
],
"remediation": {
"description": "Remove server firewall rules that grant excessive access",
"scripts": [
"EXECUTE sp_delete_firewall_rule N'Test';"
],
"automated": false,
"portalLink": "ReviewServerFirewallRules"
},
"baselineAdjustedResult": {
"baseline": {
"expectedResults": [
[
"Test",
"0.0.0.0",
"125.125.125.125"
]
],
"updatedTime": "2020-02-04T12:49:41.027771+00:00"
},
"status": "NonFinding",
"resultsNotInBaseline": [],
"resultsOnlyInBaseline": []
},
"ruleMetadata": {
"ruleId": "VA2063",
"severity": "High",
"category": "SurfaceAreaReduction",
"ruleType": "NegativeList",
"title": "Server-level firewall rules should not grant excessive access",
"description": "The Azure SQL server-level firewall helps protect your server by preventing all access to your databases until you specify which IP addresses have permission. Server-level firewall rules grant access to all databases that belong to the server based on the originating IP address of each request.\n\nServer-level firewall rules can only be created and managed through Transact-SQL as well as through the Azure portal or PowerShell. For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that server-level firewall rules do not grant excessive access.",
"rationale": "Often, administrators add rules that grant excessive access as part of a troubleshooting process � to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected server.\n\nGranting excessive access using server firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your databases. In fact, it's the equivalent of placing the server outside of the firewall.",
"queryCheck": {
"query": "SELECT name\n ,start_ip_address\n ,end_ip_address\nFROM sys.firewall_rules\nWHERE ( \n (CONVERT(bigint, parsename(end_ip_address, 1)) +\n CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n - \n (CONVERT(bigint, parsename(start_ip_address, 1)) +\n CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n ) > 255;",
"expectedResult": [],
"columnNames": [
"Firewall Rule Name",
"Start Address",
"End Address"
]
},
"benchmarkReferences": []
}
}
}
Definicje
| Nazwa |
Opis |
|
Baseline
|
Szczegóły punktu odniesienia.
|
|
BaselineAdjustedResult
|
Wynik reguły został skorygowany przy użyciu planu bazowego.
|
|
BenchmarkReference
|
Odwołania do testów porównawczych.
|
|
CloudError
|
Typowa odpowiedź na błędy dla wszystkich interfejsów API usługi Azure Resource Manager w celu zwrócenia szczegółów błędu dla operacji, które zakończyły się niepowodzeniem. (Jest to również zgodne z formatem odpowiedzi na błąd OData).
|
|
CloudErrorBody
|
Szczegóły błędu.
|
|
ErrorAdditionalInfo
|
Dodatkowe informacje o błędzie zarządzania zasobami.
|
|
QueryCheck
|
Szczegóły zapytania reguły.
|
|
Remediation
|
Szczegóły korygowania.
|
|
RuleSeverity
|
Ważność reguły.
|
|
RuleStatus
|
Stan wyniku reguły.
|
|
RuleType
|
Typ reguły.
|
|
ScanResult
|
Wynik skanowania oceny luk w zabezpieczeniach dla pojedynczej reguły.
|
|
ScanResultProperties
|
Właściwości wyniku skanowania oceny luk w zabezpieczeniach dla pojedynczej reguły.
|
|
VaRule
|
szczegóły metadanych reguły oceny luk w zabezpieczeniach.
|
Baseline
Szczegóły punktu odniesienia.
| Nazwa |
Typ |
Opis |
|
expectedResults
|
string[]
|
Oczekiwane wyniki.
|
|
updatedTime
|
string
|
Czas aktualizacji wg planu bazowego (UTC).
|
BaselineAdjustedResult
Wynik reguły został skorygowany przy użyciu planu bazowego.
| Nazwa |
Typ |
Opis |
|
baseline
|
Baseline
|
Szczegóły punktu odniesienia.
|
|
resultsNotInBaseline
|
string[]
|
Wyniki nie znajdują się w punkcie odniesienia.
|
|
resultsOnlyInBaseline
|
string[]
|
Wyniki znajdują się w punkcie odniesienia.
|
|
status
|
RuleStatus
|
Stan wyniku reguły.
|
BenchmarkReference
Odwołania do testów porównawczych.
| Nazwa |
Typ |
Opis |
|
benchmark
|
string
|
Nazwa testu porównawczego.
|
|
reference
|
string
|
Dokumentacja referencyjna.
|
CloudError
Typowa odpowiedź na błędy dla wszystkich interfejsów API usługi Azure Resource Manager w celu zwrócenia szczegółów błędu dla operacji, które zakończyły się niepowodzeniem. (Jest to również zgodne z formatem odpowiedzi na błąd OData).
| Nazwa |
Typ |
Opis |
|
error.additionalInfo
|
ErrorAdditionalInfo[]
|
Dodatkowe informacje o błędzie.
|
|
error.code
|
string
|
Kod błędu.
|
|
error.details
|
CloudErrorBody[]
|
Szczegóły błędu.
|
|
error.message
|
string
|
Komunikat o błędzie.
|
|
error.target
|
string
|
Element docelowy błędu.
|
CloudErrorBody
Szczegóły błędu.
| Nazwa |
Typ |
Opis |
|
additionalInfo
|
ErrorAdditionalInfo[]
|
Dodatkowe informacje o błędzie.
|
|
code
|
string
|
Kod błędu.
|
|
details
|
CloudErrorBody[]
|
Szczegóły błędu.
|
|
message
|
string
|
Komunikat o błędzie.
|
|
target
|
string
|
Element docelowy błędu.
|
ErrorAdditionalInfo
Dodatkowe informacje o błędzie zarządzania zasobami.
| Nazwa |
Typ |
Opis |
|
info
|
object
|
Dodatkowe informacje.
|
|
type
|
string
|
Dodatkowy typ informacji.
|
QueryCheck
Szczegóły zapytania reguły.
| Nazwa |
Typ |
Opis |
|
columnNames
|
string[]
|
Nazwy kolumn oczekiwanego wyniku.
|
|
expectedResult
|
string[]
|
Oczekiwany wynik.
|
|
query
|
string
|
Zapytanie reguły.
|
Szczegóły korygowania.
| Nazwa |
Typ |
Opis |
|
automated
|
boolean
|
Jest zautomatyzowane korygowanie.
|
|
description
|
string
|
Opis korygowania.
|
|
portalLink
|
string
|
Opcjonalny link do korygowania w witrynie Azure Portal.
|
|
scripts
|
string[]
|
Skrypt korygowania.
|
RuleSeverity
Ważność reguły.
| Nazwa |
Typ |
Opis |
|
High
|
string
|
Wysoki
|
|
Informational
|
string
|
Informacyjne
|
|
Low
|
string
|
Niski
|
|
Medium
|
string
|
Średni
|
|
Obsolete
|
string
|
Przestarzały
|
RuleStatus
Stan wyniku reguły.
| Nazwa |
Typ |
Opis |
|
Finding
|
string
|
Znalezienie
|
|
InternalError
|
string
|
InternalError
|
|
NonFinding
|
string
|
Niezdefiniowanie
|
RuleType
Typ reguły.
| Nazwa |
Typ |
Opis |
|
BaselineExpected
|
string
|
BaselineExpected
|
|
Binary
|
string
|
Dwójkowy
|
|
NegativeList
|
string
|
Lista ujemna
|
|
PositiveList
|
string
|
Lista dodatnia
|
ScanResult
Wynik skanowania oceny luk w zabezpieczeniach dla pojedynczej reguły.
| Nazwa |
Typ |
Opis |
|
id
|
string
|
Identyfikator zasobu
|
|
name
|
string
|
Nazwa zasobu
|
|
properties
|
ScanResultProperties
|
Właściwości wyniku skanowania oceny luk w zabezpieczeniach dla pojedynczej reguły.
|
|
type
|
string
|
Typ zasobu
|
ScanResultProperties
Właściwości wyniku skanowania oceny luk w zabezpieczeniach dla pojedynczej reguły.
| Nazwa |
Typ |
Opis |
|
baselineAdjustedResult
|
BaselineAdjustedResult
|
Wynik reguły został skorygowany przy użyciu planu bazowego.
|
|
isTrimmed
|
boolean
|
Wskazuje, czy określone w tym miejscu wyniki są przycinane.
|
|
queryResults
|
string[]
|
Wyniki zapytania, które zostało uruchomione.
|
|
remediation
|
Remediation
|
Szczegóły korygowania.
|
|
ruleId
|
string
|
Identyfikator reguły.
|
|
ruleMetadata
|
VaRule
|
szczegóły metadanych reguły oceny luk w zabezpieczeniach.
|
|
status
|
RuleStatus
|
Stan wyniku reguły.
|
VaRule
szczegóły metadanych reguły oceny luk w zabezpieczeniach.
| Nazwa |
Typ |
Opis |
|
benchmarkReferences
|
BenchmarkReference[]
|
Odwołania do testów porównawczych.
|
|
category
|
string
|
Kategoria reguły.
|
|
description
|
string
|
Opis reguły.
|
|
queryCheck
|
QueryCheck
|
Szczegóły zapytania reguły.
|
|
rationale
|
string
|
Uzasadnienie reguły.
|
|
ruleId
|
string
|
Identyfikator reguły.
|
|
ruleType
|
RuleType
|
Typ reguły.
|
|
severity
|
RuleSeverity
|
Ważność reguły.
|
|
title
|
string
|
Tytuł reguły.
|