Assessments - Get
Get a security assessment on your scanned resource
GET https://management.azure.com/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}?api-version=2020-01-01GET https://management.azure.com/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}?api-version=2020-01-01&$expand={$expand}URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
assessment
|
path | True |
string |
The Assessment Key - Unique key for the assessment type |
|
resource
|
path | True |
string |
The identifier of the resource. |
|
api-version
|
query | True |
string |
API version for the operation |
|
$expand
|
query |
OData expand. Optional. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
OK |
|
| Other Status Codes |
Error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
Examples
| Get security recommendation task from security data location |
| Get security recommendation task from security data location with expand parameter |
Get security recommendation task from security data location
Sample request
GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b?api-version=2020-01-01
Sample response
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
"name": "21300918-b2e3-0346-785f-c77ff57d243b",
"type": "Microsoft.Security/assessments",
"properties": {
"resourceDetails": {
"source": "Azure",
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"
},
"displayName": "Install endpoint protection solution on virtual machine scale sets",
"status": {
"code": "NotApplicable",
"cause": "OffByPolicy",
"description": "The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on"
},
"additionalData": {
"linkedWorkspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"
}
}
}Get security recommendation task from security data location with expand parameter
Sample request
GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b?api-version=2020-01-01&$expand=links
Sample response
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
"name": "21300918-b2e3-0346-785f-c77ff57d243b",
"type": "Microsoft.Security/assessments",
"properties": {
"resourceDetails": {
"source": "Azure",
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"
},
"displayName": "Install endpoint protection solution on virtual machine scale sets",
"status": {
"code": "NotApplicable",
"cause": "OffByPolicy",
"description": "The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on"
},
"additionalData": {
"linkedWorkspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"
},
"links": {
"azurePortalUri": "https://www.portal.azure.com/?fea#blade/Microsoft_Azure_Security/RecommendationsBlade/assessmentKey/21300918-b2e3-0346-785f-c77ff57d243b"
}
}
}Definitions
| Name | Description |
|---|---|
|
Assessment |
Links relevant to the assessment |
|
Assessment |
The result of the assessment |
|
Assessment |
Programmatic code for the status of the assessment |
|
assessment |
BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition |
|
Azure |
Details of the Azure resource that was assessed |
| categories | |
|
Cloud |
Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.). |
|
Cloud |
The error detail. |
|
Error |
The resource management error additional info. |
|
Expand |
OData expand. Optional. |
|
implementation |
The implementation effort required to remediate this assessment |
|
On |
Details of the On Premise resource that was assessed |
|
On |
Details of the On Premise Sql resource that was assessed |
|
Security |
Security assessment on a resource |
|
Security |
Describes the partner that created the assessment |
|
Security |
Describes properties of an assessment metadata. |
|
Security |
Data regarding 3rd party partner integration |
| severity |
The severity level of the assessment |
| threats | |
|
user |
The user impact of the assessment |
AssessmentLinks
Links relevant to the assessment
| Name | Type | Description |
|---|---|---|
| azurePortalUri |
string |
Link to assessment in Azure Portal |
AssessmentStatus
The result of the assessment
| Name | Type | Description |
|---|---|---|
| cause |
string |
Programmatic code for the cause of the assessment status |
| code |
Programmatic code for the status of the assessment |
|
| description |
string |
Human readable description of the assessment status |
AssessmentStatusCode
Programmatic code for the status of the assessment
| Name | Type | Description |
|---|---|---|
| Healthy |
string |
The resource is healthy |
| NotApplicable |
string |
Assessment for this resource did not happen |
| Unhealthy |
string |
The resource has a security issue that needs to be addressed |
assessmentType
BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
| Name | Type | Description |
|---|---|---|
| BuiltIn |
string |
Microsoft Defender for Cloud managed assessments |
| CustomPolicy |
string |
User defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud |
| CustomerManaged |
string |
User assessments pushed directly by the user or other third party to Microsoft Defender for Cloud |
| VerifiedPartner |
string |
An assessment that was created by a verified 3rd party if the user connected it to ASC |
AzureResourceDetails
Details of the Azure resource that was assessed
| Name | Type | Description |
|---|---|---|
| id |
string |
Azure resource Id of the assessed resource |
| source |
string:
Azure |
The platform where the assessed resource resides |
categories
| Name | Type | Description |
|---|---|---|
| Compute |
string |
|
| Data |
string |
|
| IdentityAndAccess |
string |
|
| IoT |
string |
|
| Networking |
string |
CloudError
Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.).
| Name | Type | Description |
|---|---|---|
| error.additionalInfo |
The error additional info. |
|
| error.code |
string |
The error code. |
| error.details |
The error details. |
|
| error.message |
string |
The error message. |
| error.target |
string |
The error target. |
CloudErrorBody
The error detail.
| Name | Type | Description |
|---|---|---|
| additionalInfo |
The error additional info. |
|
| code |
string |
The error code. |
| details |
The error details. |
|
| message |
string |
The error message. |
| target |
string |
The error target. |
ErrorAdditionalInfo
The resource management error additional info.
| Name | Type | Description |
|---|---|---|
| info |
object |
The additional info. |
| type |
string |
The additional info type. |
ExpandEnum
OData expand. Optional.
| Name | Type | Description |
|---|---|---|
| links |
string |
All links associated with an assessment |
| metadata |
string |
Assessment metadata |
implementationEffort
The implementation effort required to remediate this assessment
| Name | Type | Description |
|---|---|---|
| High |
string |
|
| Low |
string |
|
| Moderate |
string |
OnPremiseResourceDetails
Details of the On Premise resource that was assessed
| Name | Type | Description |
|---|---|---|
| machineName |
string |
The name of the machine |
| source |
string:
On |
The platform where the assessed resource resides |
| sourceComputerId |
string |
The oms agent Id installed on the machine |
| vmuuid |
string |
The unique Id of the machine |
| workspaceId |
string |
Azure resource Id of the workspace the machine is attached to |
OnPremiseSqlResourceDetails
Details of the On Premise Sql resource that was assessed
| Name | Type | Description |
|---|---|---|
| databaseName |
string |
The Sql database name installed on the machine |
| machineName |
string |
The name of the machine |
| serverName |
string |
The Sql server name installed on the machine |
| source |
string:
On |
The platform where the assessed resource resides |
| sourceComputerId |
string |
The oms agent Id installed on the machine |
| vmuuid |
string |
The unique Id of the machine |
| workspaceId |
string |
Azure resource Id of the workspace the machine is attached to |
SecurityAssessment
Security assessment on a resource
| Name | Type | Description |
|---|---|---|
| id |
string |
Resource Id |
| name |
string |
Resource name |
| properties.additionalData |
object |
Additional data regarding the assessment |
| properties.displayName |
string |
User friendly display name of the assessment |
| properties.links |
Links relevant to the assessment |
|
| properties.metadata |
Describes properties of an assessment metadata. |
|
| properties.partnersData |
Data regarding 3rd party partner integration |
|
| properties.resourceDetails | ResourceDetails: |
Details of the resource that was assessed |
| properties.status |
The result of the assessment |
|
| type |
string |
Resource type |
SecurityAssessmentMetadataPartnerData
Describes the partner that created the assessment
| Name | Type | Description |
|---|---|---|
| partnerName |
string |
Name of the company of the partner |
| productName |
string |
Name of the product of the partner that created the assessment |
| secret |
string |
Secret to authenticate the partner and verify it created the assessment - write only |
SecurityAssessmentMetadataProperties
Describes properties of an assessment metadata.
| Name | Type | Description |
|---|---|---|
| assessmentType |
BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition |
|
| categories |
The categories of resource that is at risk when the assessment is unhealthy |
|
| description |
string |
Human readable description of the assessment |
| displayName |
string |
User friendly display name of the assessment |
| implementationEffort |
The implementation effort required to remediate this assessment |
|
| partnerData |
Describes the partner that created the assessment |
|
| policyDefinitionId |
string |
Azure resource ID of the policy definition that turns this assessment calculation on |
| preview |
boolean |
True if this assessment is in preview release status |
| remediationDescription |
string |
Human readable description of what you should do to mitigate this security issue |
| severity |
The severity level of the assessment |
|
| threats |
threats[] |
Threats impact of the assessment |
| userImpact |
The user impact of the assessment |
SecurityAssessmentPartnerData
Data regarding 3rd party partner integration
| Name | Type | Description |
|---|---|---|
| partnerName |
string |
Name of the company of the partner |
| secret |
string |
secret to authenticate the partner - write only |
severity
The severity level of the assessment
| Name | Type | Description |
|---|---|---|
| High |
string |
|
| Low |
string |
|
| Medium |
string |
threats
| Name | Type | Description |
|---|---|---|
| accountBreach |
string |
|
| dataExfiltration |
string |
|
| dataSpillage |
string |
|
| denialOfService |
string |
|
| elevationOfPrivilege |
string |
|
| maliciousInsider |
string |
|
| missingCoverage |
string |
|
| threatResistance |
string |
userImpact
The user impact of the assessment
| Name | Type | Description |
|---|---|---|
| High |
string |
|
| Low |
string |
|
| Moderate |
string |