Database Vulnerability Assessment Scans - List By Database

Lists the vulnerability assessment scans of a database.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/vulnerabilityAssessments/default/scans?api-version=2021-11-01

URI Parameters

Name In Required Type Description
databaseName
path True

string

The name of the database.

resourceGroupName
path True

string

The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.

serverName
path True

string

The name of the server.

subscriptionId
path True

string

The subscription ID that identifies an Azure subscription.

vulnerabilityAssessmentName
path True

VulnerabilityAssessmentName

The name of the vulnerability assessment.

api-version
query True

string

The API version to use for the request.

Responses

Name Type Description
200 OK

VulnerabilityAssessmentScanRecordListResult

Successfully retrieved the database vulnerability assessment scan records.

Other Status Codes

*** Error Responses: ***

  • 400 InvalidStorageAccountName - The provided storage account is not valid or does not exist.

  • 400 InvalidStorageAccountCredentials - The provided storage account shared access signature or account storage key is not valid.

  • 400 VulnerabilityAssessmentInvalidPolicy - Vulnerability Assessment settings don't exist or invalid storage specified in settings.

  • 400 VulnerabilityAssessmentADSIsDisabled - Advanced Data Security should be enabled in order to use Vulnerability Assessment.

  • 400 DatabaseVulnerabilityAssessmentMissingStorageContainerPath - Storage container path must be provided if it isn't set in server level policy

  • 400 VulnerabilityAssessmentDatawarehouseDatabaseIsDeactivated - Could not execute Vulnerability Assessment operation because the database is paused. Please resume it.

  • 400 VulnerabilityAssessmentStorageOutboundFirewallNotAllowed - The storage account is not in the list of Outbound Firewall Rules.

  • 404 SubscriptionDoesNotHaveServer - The requested server was not found

  • 404 SourceDatabaseNotFound - The source database does not exist.

  • 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.

  • 409 DatabaseVulnerabilityAssessmentScanIsAlreadyInProgress - Vulnerability Assessment scan is already in progress.

  • 500 DatabaseIsUnavailable - Loading failed. Please try again later.

Examples

Gets the list of a database vulnerability assessment scan records

Sample request

GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityassessmenttest-4711/providers/Microsoft.Sql/servers/vulnerabilityassessmenttest-6411/databases/testdb/vulnerabilityAssessments/default/scans?api-version=2021-11-01

Sample response

{
  "value": [
    {
      "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityassessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityassessmenttest-6440/databases/testdb/vulnerabilityAssessments/default/scans/scan001",
      "name": "scan001",
      "type": "Microsoft.Sql/servers/databases/vulnerabilityAssessments/scans",
      "properties": {
        "scanId": "scan001",
        "triggerType": "OnDemand",
        "state": "Passed",
        "startTime": "2017-12-12T17:45:06Z",
        "endTime": "2017-12-12T17:47:06Z",
        "errors": [],
        "storageContainerPath": "https://myaccount.blob.core.windows.net/vulnerability-assessment",
        "numberOfFailedSecurityChecks": 9
      }
    },
    {
      "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityassessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityassessmenttest-6440/databases/testdb/vulnerabilityAssessments/default/scans/scan002",
      "name": "scan002",
      "type": "Microsoft.Sql/servers/databases/vulnerabilityAssessments/scans",
      "properties": {
        "scanId": "scan002",
        "triggerType": "Recurring",
        "state": "Failed",
        "startTime": "2017-12-12T17:45:06Z",
        "endTime": "2017-12-12T17:47:06Z",
        "errors": [],
        "storageContainerPath": "https://myaccount.blob.core.windows.net/vulnerability-assessment",
        "numberOfFailedSecurityChecks": 9
      }
    },
    {
      "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityassessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityassessmenttest-6440/databases/testdb/vulnerabilityAssessments/default/scans/scan003",
      "name": "scan003",
      "type": "Microsoft.Sql/servers/databases/vulnerabilityAssessments/scans",
      "properties": {
        "scanId": "scan003",
        "triggerType": "Recurring",
        "state": "FailedToRun",
        "startTime": "2017-12-12T17:45:06Z",
        "endTime": "2017-12-12T17:47:06Z",
        "errors": [
          {
            "code": "StorageNotFound",
            "message": "Storage not found"
          }
        ],
        "storageContainerPath": "https://myaccount.blob.core.windows.net/vulnerability-assessment",
        "numberOfFailedSecurityChecks": 0
      }
    }
  ]
}

Definitions

Name Description
VulnerabilityAssessmentName

The name of the vulnerability assessment.

VulnerabilityAssessmentScanError

Properties of a vulnerability assessment scan error.

VulnerabilityAssessmentScanRecord

A vulnerability assessment scan record.

VulnerabilityAssessmentScanRecordListResult

A list of vulnerability assessment scan records.

VulnerabilityAssessmentScanState

The scan status.

VulnerabilityAssessmentScanTriggerType

The scan trigger type.

VulnerabilityAssessmentName

The name of the vulnerability assessment.

Name Type Description
default

string

VulnerabilityAssessmentScanError

Properties of a vulnerability assessment scan error.

Name Type Description
code

string

The error code.

message

string

The error message.

VulnerabilityAssessmentScanRecord

A vulnerability assessment scan record.

Name Type Description
id

string

Resource ID.

name

string

Resource name.

properties.endTime

string

The scan end time (UTC).

properties.errors

VulnerabilityAssessmentScanError[]

The scan errors.

properties.numberOfFailedSecurityChecks

integer

The number of failed security checks.

properties.scanId

string

The scan ID.

properties.startTime

string

The scan start time (UTC).

properties.state

VulnerabilityAssessmentScanState

The scan status.

properties.storageContainerPath

string

The scan results storage container path.

properties.triggerType

VulnerabilityAssessmentScanTriggerType

The scan trigger type.

type

string

Resource type.

VulnerabilityAssessmentScanRecordListResult

A list of vulnerability assessment scan records.

Name Type Description
nextLink

string

Link to retrieve next page of results.

value

VulnerabilityAssessmentScanRecord[]

Array of results.

VulnerabilityAssessmentScanState

The scan status.

Name Type Description
Failed

string

FailedToRun

string

InProgress

string

Passed

string

VulnerabilityAssessmentScanTriggerType

The scan trigger type.

Name Type Description
OnDemand

string

Recurring

string