Server Vulnerability Assessments - List By Server

Lists the vulnerability assessment policies associated with a server.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/vulnerabilityAssessments?api-version=2021-02-01-preview

URI Parameters

Name In Required Type Description
resourceGroupName
path True
  • string

The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.

serverName
path True
  • string

The name of the server.

subscriptionId
path True
  • string

The subscription ID that identifies an Azure subscription.

api-version
query True
  • string

The API version to use for the request.

Responses

Name Type Description
200 OK

Successfully retrieved the server vulnerability assessment policies.

Other Status Codes

*** Error Responses: ***

  • 400 InvalidStorageAccountName - The provided storage account is not valid or does not exist.

  • 400 InvalidStorageAccountCredentials - The provided storage account shared access signature or account storage key is not valid.

  • 400 VulnerabilityAssessmentUnsupportedStorageAccount - The provided storage account is unsupported.

  • 400 VulnerabilityAssessmentADSIsDisabled - Advanced Data Security should be enabled in order to use Vulnerability Assessment.

  • 400 VulnerabilityAssessmentStorageOutboundFirewallNotAllowed - The storage account is not in the list of allowed FQDNs. The outbound firewall rules will block the request.

  • 400 VulnerabilityAssessmentInsufficientStorageAccountPermissions - Insufficient permissions on the provided storage account.

  • 400 VulnerabilityAssessmentStorageAccountIsDisabled - The provided storage account is disabled.

  • 404 SubscriptionDoesNotHaveServer - The requested server was not found

Examples

Get a server's vulnerability assessment policies

Sample Request

GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments?api-version=2021-02-01-preview

Sample Response

{
  "value": [
    {
      "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/",
      "name": "default",
      "type": "Microsoft.Sql/servers/vulnerabilityAssessments",
      "properties": {
        "recurringScans": {
          "isEnabled": true,
          "emailSubscriptionAdmins": true,
          "emails": [
            "email1@mail.com",
            "email2@mail.com"
          ]
        }
      }
    }
  ]
}

Definitions

ServerVulnerabilityAssessment

A server vulnerability assessment.

ServerVulnerabilityAssessmentListResult

A list of the server's vulnerability assessments.

VulnerabilityAssessmentRecurringScansProperties

Properties of a Vulnerability Assessment recurring scans.

ServerVulnerabilityAssessment

A server vulnerability assessment.

Name Type Description
id
  • string

Resource ID.

name
  • string

Resource name.

properties.recurringScans

The recurring scans settings

properties.storageAccountAccessKey
  • string

Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required.

properties.storageContainerPath
  • string

A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/).

properties.storageContainerSasKey
  • string

A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required.

type
  • string

Resource type.

ServerVulnerabilityAssessmentListResult

A list of the server's vulnerability assessments.

Name Type Description
nextLink
  • string

Link to retrieve next page of results.

value

Array of results.

VulnerabilityAssessmentRecurringScansProperties

Properties of a Vulnerability Assessment recurring scans.

Name Type Default Value Description
emailSubscriptionAdmins
  • boolean
True

Specifies that the schedule scan notification will be is sent to the subscription administrators.

emails
  • string[]

Specifies an array of e-mail addresses to which the scan notification is sent.

isEnabled
  • boolean

Recurring scans state.