Server Vulnerability Assessments - List By Server

Lists the vulnerability assessment policies associated with a server.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/vulnerabilityAssessments?api-version=2021-11-01

URI Parameters

Name In Required Type Description
resourceGroupName
path True

string

The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.

serverName
path True

string

The name of the server.

subscriptionId
path True

string

The subscription ID that identifies an Azure subscription.

api-version
query True

string

The API version to use for the request.

Responses

Name Type Description
200 OK

ServerVulnerabilityAssessmentListResult

Successfully retrieved the server vulnerability assessment policies.

Other Status Codes

*** Error Responses: ***

  • 400 InvalidStorageAccountName - The provided storage account is not valid or does not exist.

  • 400 InvalidStorageAccountCredentials - The provided storage account shared access signature or account storage key is not valid.

  • 400 VulnerabilityAssessmentUnsupportedStorageAccount - The provided storage account is unsupported.

  • 400 VulnerabilityAssessmentADSIsDisabled - Advanced Data Security should be enabled in order to use Vulnerability Assessment.

  • 400 VulnerabilityAssessmentStorageOutboundFirewallNotAllowed - The storage account is not in the list of Outbound Firewall Rules.

  • 400 VulnerabilityAssessmentInsufficientStorageAccountPermissions - Insufficient permissions on the provided storage account.

  • 400 VulnerabilityAssessmentStorageAccountIsDisabled - The provided storage account is disabled.

  • 404 SubscriptionDoesNotHaveServer - The requested server was not found

Examples

Get a server's vulnerability assessment policies

Sample request

GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments?api-version=2021-11-01

Sample response

{
  "value": [
    {
      "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/",
      "name": "default",
      "type": "Microsoft.Sql/servers/vulnerabilityAssessments",
      "properties": {
        "recurringScans": {
          "isEnabled": true,
          "emailSubscriptionAdmins": true,
          "emails": [
            "email1@mail.com",
            "email2@mail.com"
          ]
        }
      }
    }
  ]
}

Definitions

Name Description
ServerVulnerabilityAssessment

A server vulnerability assessment.

ServerVulnerabilityAssessmentListResult

A list of the server's vulnerability assessments.

VulnerabilityAssessmentRecurringScansProperties

Properties of a Vulnerability Assessment recurring scans.

ServerVulnerabilityAssessment

A server vulnerability assessment.

Name Type Description
id

string

Resource ID.

name

string

Resource name.

properties.recurringScans

VulnerabilityAssessmentRecurringScansProperties

The recurring scans settings

properties.storageAccountAccessKey

string

Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall

properties.storageContainerPath

string

A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/).

properties.storageContainerSasKey

string

A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall

type

string

Resource type.

ServerVulnerabilityAssessmentListResult

A list of the server's vulnerability assessments.

Name Type Description
nextLink

string

Link to retrieve next page of results.

value

ServerVulnerabilityAssessment[]

Array of results.

VulnerabilityAssessmentRecurringScansProperties

Properties of a Vulnerability Assessment recurring scans.

Name Type Default value Description
emailSubscriptionAdmins

boolean

True

Specifies that the schedule scan notification will be is sent to the subscription administrators.

emails

string[]

Specifies an array of e-mail addresses to which the scan notification is sent.

isEnabled

boolean

Recurring scans state.