Uredi

Deli z drugimi prek

Start-AzSqlInstanceDatabaseVulnerabilityAssessmentScan

Module:
Az.Sql Module

Starts a vulnerability assessment scan.

Syntax

GetByNameParameterSet (Default) 

Start-AzSqlInstanceDatabaseVulnerabilityAssessmentScan
    [-InstanceName] <String>
    [-DatabaseName] <String>
    [-ResourceGroupName] <String>
    [-AsJob]
    [-ScanId <String>]
    [-DefaultProfile <IAzureContextContainer>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

StartByParentResourceParameterSet 

Start-AzSqlInstanceDatabaseVulnerabilityAssessmentScan
    [-ResourceGroupName] <String>
    -InputObject <AzureSqlManagedDatabaseModel>
    [-AsJob]
    [-ScanId <String>]
    [-DefaultProfile <IAzureContextContainer>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Description

The Start-AzSqlInstanceDatabaseVulnerabilityAssessmentScan cmdlet triggers a scan with ScanId identifier. Scan results will be saved under the storage defined by the Update-AzSqlInstanceVulnerabilityAssessmentSetting cmdlet, under scans/{ManagedInstanceName}/{ManagedDatabaseName}/scan_{ScanId}.json You can monitor the progress of the scan by using the Get-AzSqlInstanceDatabaseVulnerabilityAssessmentScanRecord cmdlet with the scanId parameter and look at the State returned parameter. Note that you need to run Enable-AzSqlInstanceAdvancedDataSecurity and Update-AzSqlInstanceVulnerabilityAssessmentSetting cmdlet as a prerequisite for using this cmdlets.

Examples

Example 1: Starts a vulnerability assessment scan

Start-AzSqlInstanceDatabaseVulnerabilityAssessmentScan `
            -ResourceGroupName "ResourceGroup01" `
            -InstanceName "ManagedInstance01" `
            -DatabaseName "Database01" `
            -ScanId "myScan"

ResourceGroupName	         : ResourceGroup01
InstanceName		     : ManagedInstance01
DatabaseName		     : Database01
ScanId			             : myScan
TriggerType		             : OnDemand
State			             : Fail
StartTime			         : 6/11/2018 1:57:27 PM
EndTime			             : 6/11/2018 1:57:31 PM
Errors			             : {}
ScanResultsLocationPath	     : https://myaccount.blob.core.windows.net/vulnerability-assessment
                                scans/ManagedInstance01/Database01/scan_myScan.json
NumberOfFailedSecurityChecks : 9

Example 2: Starts a vulnerability assessment scan without a specific scan ID

Start-AzSqlInstanceDatabaseVulnerabilityAssessmentScan `
            -ResourceGroupName "ResourceGroup01" `
            -InstanceName "ManagedInstance01" `
            -DatabaseName "Database01"

ResourceGroupName	         : ResourceGroup01
InstanceName		     : ManagedInstance01
DatabaseName		     : Database01
ScanId			             : 20180611_135726
TriggerType		             : OnDemand
State			             : Fail
StartTime			         : 6/11/2018 1:57:27 PM
EndTime			             : 6/11/2018 1:57:31 PM
Errors			             : {}
ScanResultsLocationPath	     : https://myaccount.blob.core.windows.net/vulnerability-assessment
                                scans/ManagedInstance01/Database01/scan_myScan.json
NumberOfFailedSecurityChecks : 9

This command generates a scan ID in the format of "yyyyMMdd_HHmmss" from the UTC date time.

Example 3: Starts a vulnerability assessment scan in the background

$scanJob = Start-AzSqlInstanceDatabaseVulnerabilityAssessmentScan `
            -ResourceGroupName "ResourceGroup01" `
            -InstanceName "ManagedInstance01" `
            -DatabaseName "Database01" `
            -ScanId "myScan" `
            -AsJob
$scanJob | Wait-Job
$scanJob | Receive-Job

ResourceGroupName	         : ResourceGroup01
InstanceName		     : ManagedInstance01
DatabaseName		     : Database01
ScanId			             : myScan
TriggerType		             : OnDemand
State			             : Fail
StartTime			         : 6/11/2018 1:57:27 PM
EndTime			             : 6/11/2018 1:57:31 PM
Errors			             : {}
ScanResultsLocationPath	     : https://myaccount.blob.core.windows.net/vulnerability-assessment
                                scans/ManagedInstance01/Database01/scan_myScan.json
NumberOfFailedSecurityChecks : 9

Example 4: Starts a vulnerability assessment scan with a managed database object

Get-AzSqlInstanceDatabase `
            -ResourceGroupName "ResourceGroup01" `
            -InstanceName "ManagedInstance01" `
            -Name "Database01" `
            | Start-AzSqlInstanceDatabaseVulnerabilityAssessmentScan

ResourceGroupName	         : ResourceGroup01
InstanceName		     : ManagedInstance01
DatabaseName		     : Database01
ScanId			             : 20180611_135726
TriggerType		             : OnDemand
State			             : Fail
StartTime			         : 6/11/2018 1:57:27 PM
EndTime			             : 6/11/2018 1:57:31 PM
Errors			             : {}
ScanResultsLocationPath	     : https://myaccount.blob.core.windows.net/vulnerability-assessment
                                scans/ManagedInstance01/Database01/scan_myScan.json
NumberOfFailedSecurityChecks : 9

Example 5: Starts a vulnerability assessment scan on all the databases under a managed instance

Get-AzSqlInstanceDatabase `
            -ResourceGroupName "ResourceGroup01" `
            -InstanceName "ManagedInstance01" `
            | Where-Object {$_.Name -ne "master"}  `
            | Start-AzSqlInstanceDatabaseVulnerabilityAssessmentScan

ResourceGroupName	         : ResourceGroup01
InstanceName		     : ManagedInstance01
DatabaseName		     : Database01
ScanId			             : 20180611_135726
TriggerType		             : OnDemand
State			             : Fail
StartTime			         : 6/11/2018 1:57:27 PM
EndTime			             : 6/11/2018 1:57:31 PM
Errors			             : {}
ScanResultsLocationPath	     : https://myaccount.blob.core.windows.net/vulnerability-assessment
                                scans/ManagedInstance01/Database01/scan_myScan.json
NumberOfFailedSecurityChecks : 9


ResourceGroupName	         : ResourceGroup01
InstanceName		     : ManagedInstance01
DatabaseName		     : Database02
ScanId			             : 20180611_135726
TriggerType		             : OnDemand
State			             : Fail
StartTime			         : 6/11/2018 1:57:27 PM
EndTime			             : 6/11/2018 1:57:31 PM
Errors			             : {}
ScanResultsLocationPath	     : https://myaccount.blob.core.windows.net/vulnerability-assessment
                                scans/ManagedInstance01/Database02/scan_myScan.json
NumberOfFailedSecurityChecks : 9

Parameters

-AsJob

Run cmdlet in the background

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False
Aliases:cf

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DatabaseName

SQL Managed Database name.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

GetByNameParameterSet
Position:2
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Parameter properties

Type:IAzureContextContainer
Default value:None
Supports wildcards:False
DontShow:False
Aliases:AzContext, AzureRmContext, AzureCredential

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-InputObject

The managed database object to get Vulnerability Assessment settings for

Parameter properties

Type:AzureSqlManagedDatabaseModel
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

StartByParentResourceParameterSet
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False

-InstanceName

SQL Managed Instance name.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

GetByNameParameterSet
Position:1
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ResourceGroupName

The name of the resource group.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:0
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:True
Value from remaining arguments:False

-ScanId

Specifies the scan ID.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:True
Value from remaining arguments:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False
Aliases:wi

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

AzureSqlManagedDatabaseModel

String

Outputs

ManagedDatabaseVulnerabilityAssessmentScanRecordModel