Database Sql Vulnerability Assessment Scans - Get

  • Reference
Service:
SQL Database
API Version:
2024-05-01-preview

Get a database vulnerability assessment scan result.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/sqlVulnerabilityAssessments/default/scans/{scanId}?api-version=2024-05-01-preview

URI Parameters

Name In Required Type Description
databaseName
 path True

string

The name of the database.
resourceGroupName
 path True

string

The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
scanId
 path True

string

The vulnerability assessment scan Id of the scan to retrieve.
serverName
 path True

string

The name of the server.
subscriptionId
 path True

string

The subscription ID that identifies an Azure subscription.
vulnerabilityAssessmentName
 path True

VulnerabilityAssessmentName

The name of the vulnerability assessment.
api-version
 query True

string

The API version to use for the request.

Responses

Name Type Description
200 OK

SqlVulnerabilityAssessmentScanRecord

Successfully retrieved the database vulnerability assessment scan.
Other Status Codes

ErrorResponse

*** Error Responses: ***

  • 400 SqlVulnerabilityAssessmentInvalidUserSuppliedParameter - An invalid parameter value was provided by the client.

  • 400 InvalidSqlVulnerabilityAssessmentBaselineInput - The SQL vulnerability assessment baseline input is null or empty.

  • 400 InvalidSqlVulnerabilityAssessmentSettingsInput - The SQL vulnerability assessment setting input is null or empty

  • 400 SqlVulnerabilityAssessmentScanResultsAreNotAvailableYet - SQL vulnerability assessment results are not available yet, please try again later.

  • 400 SqlVulnerabilityAssessmentInvalidRuleId - The SQL vulnerability assessment rule id is invalid.

  • 400 SqlVulnerabilityAssessmentScanDoesNotExist - SQL vulnerability assessment scan does not exist.

  • 400 SqlVulnerabilityAssessmentNoBaseline - No baseline have been found for the latest scan in the resource

  • 400 SqlVulnerabilityAssessmentNoRuleBaseline - No SQL vulnerability assessment baseline was found

  • 400 SqlVulnerabilityAssessmentBaselineNoScanResults - No scan results have been found for rule Id. To set a baseline there must be results for this rule in the latest scan available

  • 400 SqlVulnerabilityAssessmentBadBinaryRuleFormat - Input for binary rule is not a boolean representation

  • 400 SqlVulnerabilityAssessmentBadRuleFormat - The provided results do not comply with the actual layout of the scan results

  • 400 SqlVulnerabilityAssessmentBadRuleWithoutRuleIdFormat - The provided results do not comply with the actual layout of the scan results

  • 400 SqlVulnerabilityAssessmentBadBinaryRuleWithoutRuleIdFormat - Input for binary rule is not a boolean representation

  • 400 SqlVulnerabilityAssessmentBaselineNoScanResultsWithoutRuleId - No scan results have been found for one of the rules. To set a baseline there must be results for this rule in the latest scan available

  • 400 SqlVulnerabilityAssessmentEmptyBaseline - Baseline not set because the results are null or empty

  • 400 SqlVulnerabilityAssessmentIsDisabled - SQL vulnerability assessment feature is disabled. please enable the feature before executing other SQL vulnerability assessment operations.

  • 404 SubscriptionDoesNotHaveServer - The requested server was not found

  • 404 SourceDatabaseNotFound - The source database does not exist.

  • 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.

  • 409 SqlVulnerabilityAssessmentStoragefullApiIsEnabled - Vulnerability Assessment is enabled on this server or one of its underlying databases with an incompatible version. Additional troubleshooting information can be found https://aka.ms/SQLVAStoragelessDocumentation.

  • 409 DatabaseVulnerabilityAssessmentScanIsAlreadyInProgress - SQL Vulnerability Assessment scan is already in progress

  • 500 DatabaseIsUnavailable - Loading failed. Please try again later.

Examples

Get a database's vulnerability assessment scan.

Sample request

GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityassessmenttest-4711/providers/Microsoft.Sql/servers/vulnerabilityassessmenttest-6411/databases/testdb/sqlVulnerabilityAssessments/default/scans/scan001?api-version=2024-05-01-preview

Sample response

Status code:
200 
{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityassessmenttest-4711/providers/Microsoft.Sql/servers/vulnerabilityassessmenttest-6411/databases/testdb/sqlVulnerabilityAssessments/default/scans/scan001",
  "name": "scan001",
  "type": "Microsoft.Sql/servers/databases/sqlVulnerabilityAssessments/scans",
  "properties": {
    "scanId": "scan001",
    "triggerType": "Recurring",
    "state": "Failed",
    "server": "vulnerabilityassessmenttest-6411",
    "database": "testdb",
    "sqlVersion": "15.0.2000",
    "startTime": "2020-06-23T12:19:00.6455136+05:30",
    "endTime": "2020-06-23T06:49:00.7236217Z",
    "highSeverityFailedRulesCount": 3,
    "mediumSeverityFailedRulesCount": 2,
    "lowSeverityFailedRulesCount": 1,
    "totalPassedRulesCount": 20,
    "totalFailedRulesCount": 6,
    "totalRulesCount": 26,
    "isBaselineApplied": false,
    "lastScanTime": "2020-06-23T12:19:00.6455136+05:30"
  }
}

Definitions

Name Description
createdByType

The type of identity that created the resource.
ErrorAdditionalInfo

The resource management error additional info.
ErrorDetail

The error detail.
ErrorResponse

Error response
SqlVulnerabilityAssessmentScanError

Properties of a vulnerability assessment scan error.
SqlVulnerabilityAssessmentScanRecord

A vulnerability assessment scan record.
systemData

Metadata pertaining to creation and last modification of the resource.
VulnerabilityAssessmentName

The name of the vulnerability assessment.
VulnerabilityAssessmentScanState

The scan status.
VulnerabilityAssessmentScanTriggerType

The scan trigger type.

createdByType

The type of identity that created the resource.

Name Type Description
Application

string

Key

string

ManagedIdentity

string

User

string

ErrorAdditionalInfo

The resource management error additional info.

Name Type Description
info

object

The additional info.
type

string

The additional info type.

ErrorDetail

The error detail.

Name Type Description
additionalInfo

ErrorAdditionalInfo[]

The error additional info.
code

string

The error code.
details

ErrorDetail[]

The error details.
message

string

The error message.
target

string

The error target.

ErrorResponse

Error response

Name Type Description
error

ErrorDetail

The error object.

SqlVulnerabilityAssessmentScanError

Properties of a vulnerability assessment scan error.

Name Type Description
code

string

The error code.
message

string

The error message.

SqlVulnerabilityAssessmentScanRecord

A vulnerability assessment scan record.

Name Type Description
id

string

Resource ID.
name

string

Resource name.
properties.database

string

The database name.
properties.endTime

string

The scan end time (UTC).
properties.errors

SqlVulnerabilityAssessmentScanError[]

The scan errors.
properties.highSeverityFailedRulesCount

integer

The number of failed rules with high severity.
properties.isBaselineApplied

boolean

Baseline created for this database, and has one or more rules.
properties.lastScanTime

string

The last scan time.
properties.lowSeverityFailedRulesCount

integer

The number of failed rules with low severity.
properties.mediumSeverityFailedRulesCount

integer

The number of failed rules with medium severity.
properties.scanId

string

The scan ID.
properties.server

string

The server name.
properties.sqlVersion

string

The SQL version.
properties.startTime

string

The scan start time (UTC).
properties.state

VulnerabilityAssessmentScanState

The scan status.
properties.totalFailedRulesCount

integer

The number of total failed rules.
properties.totalPassedRulesCount

integer

The number of total passed rules.
properties.totalRulesCount

integer

The number of total rules assessed.
properties.triggerType

VulnerabilityAssessmentScanTriggerType

The scan trigger type.
systemData

systemData

SystemData of SqlVulnerabilityAssessmentScanRecordResource.
type

string

Resource type.

systemData

Metadata pertaining to creation and last modification of the resource.

Name Type Description
createdAt

string

The timestamp of resource creation (UTC).
createdBy

string

The identity that created the resource.
createdByType

createdByType

The type of identity that created the resource.
lastModifiedAt

string

The timestamp of resource last modification (UTC)
lastModifiedBy

string

The identity that last modified the resource.
lastModifiedByType

createdByType

The type of identity that last modified the resource.

VulnerabilityAssessmentName

The name of the vulnerability assessment.

Name Type Description
default

string

VulnerabilityAssessmentScanState

The scan status.

Name Type Description
Failed

string

FailedToRun

string

InProgress

string

Passed

string

VulnerabilityAssessmentScanTriggerType

The scan trigger type.

Name Type Description
OnDemand

string

Recurring

string