你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站，请访问 https://docs.azure.cn。

Database Vulnerability Assessments - Create Or Update

Service:

SQL Database

API Version:

2021-11-01

创建或更新数据库的漏洞评估。

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/vulnerabilityAssessments/default?api-version=2021-11-01

URI 参数

名称	在	必需	类型	说明
databaseName	path	True	string	为其定义漏洞评估的数据库的名称。
resourceGroupName	path	True	string	包含该资源的资源组名称。 可以从 Azure 资源管理器 API 或门户获取此值。
serverName	path	True	string	服务器的名称。
subscriptionId	path	True	string	用于标识 Azure 订阅的订阅 ID。
vulnerabilityAssessmentName	path	True	VulnerabilityAssessmentName	漏洞评估的名称。
api-version	query	True	string	要用于请求的 API 版本。

请求正文

名称	类型	说明
properties.recurringScans	VulnerabilityAssessmentRecurringScansProperties	定期扫描设置
properties.storageAccountAccessKey	string	指定用于漏洞评估扫描结果的存储帐户的标识符密钥。 如果未指定“StorageContainerSasKey”，则需要 storageAccountAccessKey。 仅当存储帐户不在 Vnet 或防火墙后面时才适用
properties.storageContainerPath	string	用于保存扫描结果的 blob 存储容器路径 (例如 https://myStorage.blob.core.windows.net/VaScans/) 。 如果未设置服务器级别漏洞评估策略，则需要该策略
properties.storageContainerSasKey	string	共享访问签名 (SAS 密钥) ，对“storageContainerPath”参数中指定的 Blob 容器具有写入访问权限。 如果未指定“storageAccountAccessKey”，则需要 StorageContainerSasKey。 仅当存储帐户不在 Vnet 或防火墙后面时才适用

响应

名称	类型	说明
200 OK	DatabaseVulnerabilityAssessment	已成功设置漏洞评估。
201 Created	DatabaseVulnerabilityAssessment	已成功创建漏洞评估。
Other Status Codes		错误响应： *** 400 InvalidStorageAccountName - 提供的存储帐户无效或不存在。 400 InvalidStorageAccountCredentials - 提供的存储帐户共享访问签名或帐户存储帐户密钥无效。 400 DatabaseVulnerabilityAssessmentMissingStorageContainerPath - 如果未在服务器级别策略中设置存储容器路径，则必须提供存储容器路径 400 VulnerabilityAssessmentUnsupportedStorageAccount - 提供的存储帐户不受支持。 400 VulnerabilityAssessmentADSIsDisabled - 应启用高级数据安全才能使用漏洞评估。 400 VulnerabilityAssessmentStorageOutboundFirewallNotAllowed - 存储帐户不在出站防火墙规则列表中。 400 VulnerabilityAssessmentInsufficientStorageAccountPermissions - 对提供的存储帐户权限不足。 400 VulnerabilityAssessmentStorageAccountIsDisabled - 提供的存储帐户处于禁用状态。 400 InvalidVulnerabilityAssessmentOperationRequest - 漏洞评估操作请求不存在或没有 properties 对象。 400 DataSecurityInvalidUserSuppliedParameter - 客户端提供的参数值无效。 404 SubscriptionDoesNotHaveServer - 找不到请求的服务器 404 SourceDatabaseNotFound - 源数据库不存在。 404 DatabaseDoesNotExist - 用户指定了此服务器实例上不存在的数据库名称。 500 DatabaseIsUnavailable - 加载失败。 请稍后再试。

示例

Create a database's vulnerability assessment with all parameters

Create a database's vulnerability assessment with minimal parameters, when storageAccountAccessKey is specified

Create a database's vulnerability assessment with minimal parameters, when storageContainerSasKey is specified

Create a database's vulnerability assessment with all parameters

Sample Request

HTTP

PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/databases/testdb/vulnerabilityAssessments/default?api-version=2021-11-01

{
  "properties": {
    "storageContainerPath": "https://myStorage.blob.core.windows.net/vulnerability-assessment/",
    "storageContainerSasKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    "storageAccountAccessKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    "recurringScans": {
      "isEnabled": true,
      "emailSubscriptionAdmins": true,
      "emails": [
        "email1@mail.com",
        "email2@mail.com"
      ]
    }
  }
}

Sample Response

Status code:

200

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/databases/testdb/vulnerabilityAssessments/default",
  "name": "default",
  "type": "Microsoft.Sql/servers/databases/vulnerabilityAssessments",
  "properties": {
    "recurringScans": {
      "isEnabled": true,
      "emailSubscriptionAdmins": true,
      "emails": [
        "email1@mail.com",
        "email2@mail.com"
      ]
    }
  }
}

Status code:

201

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/databases/testdb/vulnerabilityAssessments/default",
  "name": "default",
  "type": "Microsoft.Sql/servers/databases/vulnerabilityAssessments",
  "properties": {
    "recurringScans": {
      "isEnabled": true,
      "emailSubscriptionAdmins": true,
      "emails": [
        "email1@mail.com",
        "email2@mail.com"
      ]
    }
  }
}

Create a database's vulnerability assessment with minimal parameters, when storageAccountAccessKey is specified

Sample Request

HTTP

PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/databases/testdb/vulnerabilityAssessments/default?api-version=2021-11-01

{
  "properties": {
    "storageContainerPath": "https://myStorage.blob.core.windows.net/vulnerability-assessment/",
    "storageAccountAccessKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
  }
}

Sample Response

Status code:

200

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/databases/testdb/vulnerabilityAssessments/default",
  "name": "default",
  "type": "Microsoft.Sql/servers/databases/vulnerabilityAssessments",
  "properties": {
    "recurringScans": {
      "isEnabled": true,
      "emailSubscriptionAdmins": false,
      "emails": []
    }
  }
}

Status code:

201

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/databases/testdb/vulnerabilityAssessments/default",
  "name": "default",
  "type": "Microsoft.Sql/servers/databases/vulnerabilityAssessments",
  "properties": {
    "recurringScans": {
      "isEnabled": true,
      "emailSubscriptionAdmins": false,
      "emails": []
    }
  }
}

Create a database's vulnerability assessment with minimal parameters, when storageContainerSasKey is specified

Sample Request

HTTP

PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/databases/testdb/vulnerabilityAssessments/default?api-version=2021-11-01

{
  "properties": {
    "storageContainerPath": "https://myStorage.blob.core.windows.net/vulnerability-assessment/",
    "storageContainerSasKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
  }
}

Sample Response

Status code:

200

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/databases/testdb/vulnerabilityAssessments/default",
  "name": "default",
  "type": "Microsoft.Sql/servers/databases/vulnerabilityAssessments",
  "properties": {
    "recurringScans": {
      "isEnabled": true,
      "emailSubscriptionAdmins": false,
      "emails": []
    }
  }
}

Status code:

201

{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest-6440/databases/testdb/vulnerabilityAssessments/default",
  "name": "default",
  "type": "Microsoft.Sql/servers/databases/vulnerabilityAssessments",
  "properties": {
    "recurringScans": {
      "isEnabled": true,
      "emailSubscriptionAdmins": false,
      "emails": []
    }
  }
}

定义

名称	说明
DatabaseVulnerabilityAssessment	数据库漏洞评估。
VulnerabilityAssessmentName	漏洞评估的名称。
VulnerabilityAssessmentRecurringScansProperties	漏洞评估定期扫描的属性。

DatabaseVulnerabilityAssessment

数据库漏洞评估。

名称	类型	说明
id	string	资源 ID。
name	string	资源名称。
properties.recurringScans	VulnerabilityAssessmentRecurringScansProperties	定期扫描设置
properties.storageAccountAccessKey	string	指定用于漏洞评估扫描结果的存储帐户的标识符密钥。 如果未指定“StorageContainerSasKey”，则需要 storageAccountAccessKey。 仅当存储帐户不在 Vnet 或防火墙后面时才适用
properties.storageContainerPath	string	用于保存扫描结果的 blob 存储容器路径 (例如 https://myStorage.blob.core.windows.net/VaScans/) 。 如果未设置服务器级别漏洞评估策略，则需要该策略
properties.storageContainerSasKey	string	共享访问签名 (SAS 密钥) ，对“storageContainerPath”参数中指定的 Blob 容器具有写入访问权限。 如果未指定“storageAccountAccessKey”，则需要 StorageContainerSasKey。 仅当存储帐户不在 Vnet 或防火墙后面时才适用
type	string	资源类型。

VulnerabilityAssessmentName

漏洞评估的名称。

名称	类型	说明
default	string

VulnerabilityAssessmentRecurringScansProperties

漏洞评估定期扫描的属性。

名称	类型	默认值	说明
emailSubscriptionAdmins	boolean	True	指定计划扫描通知将发送给订阅管理员。
emails	string[]		指定扫描通知发送到的电子邮件地址数组。
isEnabled	boolean		定期扫描状态。