Add-AzSecuritySqlVulnerabilityAssessmentBaseline

Add SQL vulnerability assessment baseline.

Syntax

Add-AzSecuritySqlVulnerabilityAssessmentBaseline
   -RuleId <String>
   [-Baseline <String[][]>]
   -ResourceId <String>
   -WorkspaceId <String>
   -Server <String>
   -Database <String>
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Add-AzSecuritySqlVulnerabilityAssessmentBaseline
   -RuleId <String>
   [-Baseline <String[][]>]
   -WorkspaceId <String>
   -Server <String>
   -Database <String>
   -ComputerName <String>
   -VmUuid <String>
   -AgentId <String>
   -WorkspaceResourceId <String>
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Add-AzSecuritySqlVulnerabilityAssessmentBaseline
   -InputObject <PSSqlVulnerabilityAssessmentBaselineResults>
   -ResourceId <String>
   -WorkspaceId <String>
   -Server <String>
   -Database <String>
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
Add-AzSecuritySqlVulnerabilityAssessmentBaseline
   -InputObject <PSSqlVulnerabilityAssessmentBaselineResults>
   -WorkspaceId <String>
   -Server <String>
   -Database <String>
   -ComputerName <String>
   -VmUuid <String>
   -AgentId <String>
   -WorkspaceResourceId <String>
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

Add SQL vulnerability assessment baseline

Examples

Example 1: Add results as baseline using resource id parameters.

Add-AzSecuritySqlVulnerabilityAssessmentBaseline -ResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId  ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master -RuleId "VA2108" -Baseline @( , @("dbo", "db_owner1", "SQL_USER"))

Results                  Id
-------                  --
{dbo db_owner1 SQL_USER} /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onpremisemachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332/sqlServ…

Example of resource id parameters. Supported resources are:

  • ARC: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.HybridCompute/machines/{machineName}
  • VM: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{machineName}
  • On-Premise: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/microsoft.operationalinsights/workspaces/{workspaceName}/onPremiseMachines/{machineName}

For on premise resources, the patameter machineName is composed as follows: {ComputerName}{AgentId}{VmUuid}

Notice the @(,@('a','b',...)) syntax for array of arrays of string with only one inner array. Eeach inner array represents a row in the query results.

Example 2: Add results as baseline using on premise parameters.

Add-AzSecuritySqlVulnerabilityAssessmentBaseline -WorkspaceResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace -ComputerName ahabas-dev01.middleeast.corp.microsoft.com -AgentId 49640166-652f-4ee6-b48b-cfb840b8afe2 -VmUuid 4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId  ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master -RuleId "VA2108" -Baseline @( , @("dbo", "db_owner1", "SQL_USER"))

Results                  Id
-------                  --
{dbo db_owner1 SQL_USER} /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onpremisemachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332/sqlServ…

Example of on premise parameters.

Example 3: Add results as baseline for specific rule.

Add-AzSecuritySqlVulnerabilityAssessmentBaseline -WorkspaceResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace -ComputerName ahabas-dev01.middleeast.corp.microsoft.com -AgentId 49640166-652f-4ee6-b48b-cfb840b8afe2 -VmUuid 4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId  ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master -RuleId "VA2108"

Results                  Id
-------                  --
{dbo db_owner1 SQL_USER} /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onpremisemachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332/sqlServ…

In this example when the -Baseline parameter is not supplied, latest results are set as baseline.

Example 4: Copy baseline from a database to an on prem database using pipe.

Get-AzSecuritySqlVulnerabilityAssessmentBaseline -ResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId  ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master  | Add-AzSecuritySqlVulnerabilityAssessmentBaseline -ResourceId subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/talmachinegroupeuap/providers/microsoft.operationalinsights/workspaces/talworkspaceeuap2/onPremiseMachines/TAHERSCO-DEV.middleeast.corp.microsoft.com_7adcdd86-adb6-4008-a254-80e0fc425c55_4c4c4544-0058-3310-8032-c4c04f4a4e32 -WorkspaceId  806d6dfa-132f-488d-975b-9bcf2fcd6802 -Server SQLEXPRESS -Database master

Results                 Id
-------                 --
{dbo db_owner SQL_USER} /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/talmachinegroupeuap/providers/microsoft.operationalinsights/workspaces/talworkspaceeuap2/onpremisemachines/tahersco-dev.middleeast.corp.microsoft.com_7adcdd86-adb6-4008-a254-80e0fc425c55_4c…

Note

In this example, we transfer baseline objects from database 'master' from one server to another using InputObjectWithResourceId parameter set. it is important that both source and destination server have matching platforms, versions, and ruleset otherwise the operation might fail.

Parameters

-AgentId

Agent ID - on premise parameter

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Baseline

Vulnerability assessment baseline object

Type:String[][]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ComputerName

Computer full name - on premise parameter

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Database

Database name

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-InputObject

Input Object.

Type:PSSqlVulnerabilityAssessmentBaselineResults
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ResourceId

ID of the security resource that you want to invoke the command on. Supported resources are:

  • ARC: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.HybridCompute/machines/{machineName}
  • VM: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{machineName}
  • On-Premise: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/microsoft.operationalinsights/workspaces/{workspaceName}/onPremiseMachines/{machineName}
Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-RuleId

Vulnerability assessment rule ID

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Server

Server name

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-VmUuid

Virtual machine universal unique identifier - on premise parameter

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WorkspaceId

Workspace ID.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-WorkspaceResourceId

Workspace resource ID - on premise parameter

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

Inputs

PSSqlVulnerabilityAssessmentBaselineResults

Outputs

PSSqlVulnerabilityAssessmentBaselineResults