Database Sql Vulnerability Assessment Scans - Get

Service:

SQL Database

API Version:

2023-08-01

Get a database vulnerability assessment scan result.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/sqlVulnerabilityAssessments/default/scans/{scanId}?api-version=2023-08-01

URI Parameters

Name	In	Required	Type	Description
databaseName	path	True	string	The name of the database.
resourceGroupName	path	True	string	The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
scanId	path	True	string	The vulnerability assessment scan Id of the scan to retrieve.
serverName	path	True	string	The name of the server.
subscriptionId	path	True	string	The subscription ID that identifies an Azure subscription.
vulnerabilityAssessmentName	path	True	VulnerabilityAssessmentName	The name of the vulnerability assessment.
api-version	query	True	string	The API version to use for the request.

Responses

Name	Type	Description
200 OK	SqlVulnerabilityAssessmentScanRecord	Successfully retrieved the database vulnerability assessment scan.
Other Status Codes	ErrorResponse	*** Error Responses: *** 400 SqlVulnerabilityAssessmentInvalidUserSuppliedParameter - An invalid parameter value was provided by the client. 400 InvalidSqlVulnerabilityAssessmentBaselineInput - The SQL vulnerability assessment baseline input is null or empty. 400 InvalidSqlVulnerabilityAssessmentSettingsInput - The SQL vulnerability assessment setting input is null or empty 400 SqlVulnerabilityAssessmentScanResultsAreNotAvailableYet - SQL vulnerability assessment results are not available yet, please try again later. 400 SqlVulnerabilityAssessmentInvalidRuleId - The SQL vulnerability assessment rule id is invalid. 400 SqlVulnerabilityAssessmentScanDoesNotExist - SQL vulnerability assessment scan does not exist. 400 SqlVulnerabilityAssessmentNoBaseline - No baseline have been found for the latest scan in the resource 400 SqlVulnerabilityAssessmentNoRuleBaseline - No SQL vulnerability assessment baseline was found 400 SqlVulnerabilityAssessmentBaselineNoScanResults - No scan results have been found for rule Id. To set a baseline there must be results for this rule in the latest scan available 400 SqlVulnerabilityAssessmentBadBinaryRuleFormat - Input for binary rule is not a boolean representation 400 SqlVulnerabilityAssessmentBadRuleFormat - The provided results do not comply with the actual layout of the scan results 400 SqlVulnerabilityAssessmentBadRuleWithoutRuleIdFormat - The provided results do not comply with the actual layout of the scan results 400 SqlVulnerabilityAssessmentBadBinaryRuleWithoutRuleIdFormat - Input for binary rule is not a boolean representation 400 SqlVulnerabilityAssessmentBaselineNoScanResultsWithoutRuleId - No scan results have been found for one of the rules. To set a baseline there must be results for this rule in the latest scan available 400 SqlVulnerabilityAssessmentEmptyBaseline - Baseline not set because the results are null or empty 400 SqlVulnerabilityAssessmentIsDisabled - SQL vulnerability assessment feature is disabled. please enable the feature before executing other SQL vulnerability assessment operations. 404 SubscriptionDoesNotHaveServer - The requested server was not found 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance. 404 SourceDatabaseNotFound - The source database does not exist. 409 SqlVulnerabilityAssessmentStoragefullApiIsEnabled - Vulnerability Assessment is enabled on this server or one of its underlying databases with an incompatible version. Additional troubleshooting information can be found https://aka.ms/SQLVAStoragelessDocumentation. 409 DatabaseVulnerabilityAssessmentScanIsAlreadyInProgress - SQL Vulnerability Assessment scan is already in progress 500 DatabaseIsUnavailable - Loading failed. Please try again later.

Examples

Get a database's vulnerability assessment scan.

Sample request

HTTP

GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityassessmenttest-4711/providers/Microsoft.Sql/servers/vulnerabilityassessmenttest-6411/databases/testdb/sqlVulnerabilityAssessments/default/scans/scan001?api-version=2023-08-01

dotnet

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Sql.Models;
using Azure.ResourceManager.Sql;

// Generated from example definition: specification/sql/resource-manager/Microsoft.Sql/stable/2023-08-01/examples/DatabaseSqlVulnerabilityAssessmentScan.json
// this example is just showing the usage of "DatabaseSqlVulnerabilityAssessmentScans_Get" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this SqlDatabaseSqlVulnerabilityAssessmentScanResource created on azure
// for more information of creating SqlDatabaseSqlVulnerabilityAssessmentScanResource, please refer to the document of SqlDatabaseSqlVulnerabilityAssessmentScanResource
string subscriptionId = "00000000-1111-2222-3333-444444444444";
string resourceGroupName = "vulnerabilityassessmenttest-4711";
string serverName = "vulnerabilityassessmenttest-6411";
string databaseName = "testdb";
VulnerabilityAssessmentName vulnerabilityAssessmentName = VulnerabilityAssessmentName.Default;
string scanId = "scan001";
ResourceIdentifier sqlDatabaseSqlVulnerabilityAssessmentScanResourceId = SqlDatabaseSqlVulnerabilityAssessmentScanResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, serverName, databaseName, vulnerabilityAssessmentName, scanId);
SqlDatabaseSqlVulnerabilityAssessmentScanResource sqlDatabaseSqlVulnerabilityAssessmentScan = client.GetSqlDatabaseSqlVulnerabilityAssessmentScanResource(sqlDatabaseSqlVulnerabilityAssessmentScanResourceId);

// invoke the operation
SqlDatabaseSqlVulnerabilityAssessmentScanResource result = await sqlDatabaseSqlVulnerabilityAssessmentScan.GetAsync();

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
SqlVulnerabilityAssessmentScanData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:

200

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityassessmenttest-4711/providers/Microsoft.Sql/servers/vulnerabilityassessmenttest-6411/databases/testdb/sqlVulnerabilityAssessments/default/scans/scan001",
  "name": "scan001",
  "type": "Microsoft.Sql/servers/databases/sqlVulnerabilityAssessments/scans",
  "properties": {
    "scanId": "scan001",
    "triggerType": "Recurring",
    "state": "Failed",
    "server": "vulnerabilityassessmenttest-6411",
    "database": "testdb",
    "sqlVersion": "15.0.2000",
    "startTime": "2020-06-23T12:19:00.6455136+05:30",
    "endTime": "2020-06-23T06:49:00.7236217Z",
    "highSeverityFailedRulesCount": 3,
    "mediumSeverityFailedRulesCount": 2,
    "lowSeverityFailedRulesCount": 1,
    "totalPassedRulesCount": 20,
    "totalFailedRulesCount": 6,
    "totalRulesCount": 26,
    "isBaselineApplied": false,
    "lastScanTime": "2020-06-23T12:19:00.6455136+05:30"
  }
}

Definitions

Name	Description
createdByType	The type of identity that created the resource.
ErrorAdditionalInfo	The resource management error additional info.
ErrorDetail	The error detail.
ErrorResponse	Error response
SqlVulnerabilityAssessmentScanError	Properties of a vulnerability assessment scan error.
SqlVulnerabilityAssessmentScanRecord	A vulnerability assessment scan record.
systemData	Metadata pertaining to creation and last modification of the resource.
VulnerabilityAssessmentName	The name of the vulnerability assessment.
VulnerabilityAssessmentScanState	The scan status.
VulnerabilityAssessmentScanTriggerType	The scan trigger type.

createdByType

Enumeration

The type of identity that created the resource.

Value	Description
User
Application
ManagedIdentity
Key

ErrorAdditionalInfo

Object

The resource management error additional info.

Name	Type	Description
info	object	The additional info.
type	string	The additional info type.

ErrorDetail

Object

The error detail.

Name	Type	Description
additionalInfo	ErrorAdditionalInfo[]	The error additional info.
code	string	The error code.
details	ErrorDetail[]	The error details.
message	string	The error message.
target	string	The error target.

ErrorResponse

Object

Error response

Name	Type	Description
error	ErrorDetail	The error object.

SqlVulnerabilityAssessmentScanError

Object

Properties of a vulnerability assessment scan error.

Name	Type	Description
code	string	The error code.
message	string	The error message.

SqlVulnerabilityAssessmentScanRecord

Object

A vulnerability assessment scan record.

Name	Type	Description
id	string	Resource ID.
name	string	Resource name.
properties.database	string	The database name.
properties.endTime	string (date-time)	The scan end time (UTC).
properties.errors	SqlVulnerabilityAssessmentScanError[]	The scan errors.
properties.highSeverityFailedRulesCount	integer (int32)	The number of failed rules with high severity.
properties.isBaselineApplied	boolean	Baseline created for this database, and has one or more rules.
properties.lastScanTime	string (date-time)	The last scan time.
properties.lowSeverityFailedRulesCount	integer (int32)	The number of failed rules with low severity.
properties.mediumSeverityFailedRulesCount	integer (int32)	The number of failed rules with medium severity.
properties.scanId	string	The scan ID.
properties.server	string	The server name.
properties.sqlVersion	string	The SQL version.
properties.startTime	string (date-time)	The scan start time (UTC).
properties.state	VulnerabilityAssessmentScanState	The scan status.
properties.totalFailedRulesCount	integer (int32)	The number of total failed rules.
properties.totalPassedRulesCount	integer (int32)	The number of total passed rules.
properties.totalRulesCount	integer (int32)	The number of total rules assessed.
properties.triggerType	VulnerabilityAssessmentScanTriggerType	The scan trigger type.
systemData	systemData	SystemData of SqlVulnerabilityAssessmentScanRecordResource.
type	string	Resource type.

systemData

Object

Metadata pertaining to creation and last modification of the resource.

Name	Type	Description
createdAt	string (date-time)	The timestamp of resource creation (UTC).
createdBy	string	The identity that created the resource.
createdByType	createdByType	The type of identity that created the resource.
lastModifiedAt	string (date-time)	The timestamp of resource last modification (UTC)
lastModifiedBy	string	The identity that last modified the resource.
lastModifiedByType	createdByType	The type of identity that last modified the resource.

VulnerabilityAssessmentName

Enumeration

The name of the vulnerability assessment.

Value	Description
default

VulnerabilityAssessmentScanState

Enumeration

The scan status.

Value	Description
Passed
Failed
FailedToRun
InProgress

VulnerabilityAssessmentScanTriggerType

Enumeration

The scan trigger type.

Value	Description
OnDemand
Recurring