az security va sql
Command group 'az security va' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Manage Defender for Cloud vulnerability assessment.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az security va sql baseline |
View and manage Sql Vulnerability Assessment baseline. |
Core | Preview |
| az security va sql baseline add |
Set a list of baseline rules. Will overwrite any previously existing results (for all rules). |
Core | Preview |
| az security va sql baseline create |
Create a Baseline for a rule in a database. Will overwrite any previously existing results. |
Core | Preview |
| az security va sql baseline delete |
Delete a rule from the Baseline of a given database. |
Core | Preview |
| az security va sql baseline list |
List the results for all rules in the Baseline. |
Core | Preview |
| az security va sql baseline set |
Set a list of baseline rules. Will overwrite any previously existing results (for all rules). |
Core | Preview and Deprecated |
| az security va sql baseline show |
Get the results for a given rule in the Baseline. |
Core | Preview |
| az security va sql create |
Create the SQL Vulnerability Assessment settings. |
Core | Preview |
| az security va sql delete |
Delete the SQL Vulnerability Assessment settings. |
Core | Preview |
| az security va sql results |
View Sql Vulnerability Assessment scan results. |
Core | Preview |
| az security va sql results list |
List a list of scan results for a single scan record. |
Core | Preview |
| az security va sql results show |
Get the scan results of a single rule in a scan record. |
Core | Preview |
| az security va sql scans |
View Sql Vulnerability Assessment scan summaries. |
Core | Preview |
| az security va sql scans initiate-scan |
Initiates a vulnerability assessment scan. |
Core | Preview |
| az security va sql scans list |
List a list of scan records. |
Core | Preview |
| az security va sql scans scan-operation-result |
Manage Scan Operation Result. |
Core | Preview |
| az security va sql scans scan-operation-result show |
Get the result of a scan operation initiated by the InitiateScan action. |
Core | Preview |
| az security va sql scans show |
Get the scan details of a single scan record. |
Core | Preview |
| az security va sql show |
Get the SQL Vulnerability Assessment settings. |
Core | Preview |
| az security va sql update |
Update the SQL Vulnerability Assessment settings. |
Core | Preview |
az security va sql create
Command group 'az security va sql' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Create the SQL Vulnerability Assessment settings.
az security va sql create --resource-id
[--acquire-policy-token]
[--change-reference]
[--state {Disabled, Enabled}]
Examples
Enable SQL Vulnerability Assessment on an Azure SQL server.
az security va sql create --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Sql/servers/{server} --state Enabled
Enable SQL Vulnerability Assessment on a SQL server hosted on an Azure virtual machine.
az security va sql create --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Compute/virtualMachines/{vm} --state Enabled
Required Parameters
The fully qualified Azure Resource manager identifier of the resource.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Acquiring an Azure Policy token automatically for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
The related change reference ID for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
Represents the state of a SQL Vulnerability Assessment.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Accepted values: | Disabled, Enabled |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az security va sql delete
Command group 'az security va sql' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Delete the SQL Vulnerability Assessment settings.
az security va sql delete --resource-id
[--acquire-policy-token]
[--change-reference]
[--yes]
Examples
Delete SQL Vulnerability Assessment settings on an Azure SQL server.
az security va sql delete --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Sql/servers/{server}
Delete SQL Vulnerability Assessment settings on an Arc-enabled SQL server.
az security va sql delete --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.HybridCompute/machines/{arc}
Required Parameters
The fully qualified Azure Resource manager identifier of the resource.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Acquiring an Azure Policy token automatically for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
The related change reference ID for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
Do not prompt for confirmation.
| Property | Value |
|---|---|
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az security va sql show
Command group 'az security va sql' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Get the SQL Vulnerability Assessment settings.
az security va sql show --resource-id
Examples
Get SQL Vulnerability Assessment settings for an Azure SQL server.
az security va sql show --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Sql/servers/{server}
Get SQL Vulnerability Assessment settings for a SQL server on an Azure virtual machine.
az security va sql show --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Compute/virtualMachines/{vm}
Get SQL Vulnerability Assessment settings for a SQL server on an Arc-enabled machine.
az security va sql show --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.HybridCompute/machines/{arc}
Required Parameters
The fully qualified Azure Resource manager identifier of the resource.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az security va sql update
Command group 'az security va sql' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Update the SQL Vulnerability Assessment settings.
az security va sql update --resource-id
[--acquire-policy-token]
[--add]
[--change-reference]
[--force-string {0, 1, f, false, n, no, t, true, y, yes}]
[--remove]
[--set]
[--state {Disabled, Enabled}]
Examples
Disable SQL Vulnerability Assessment on an Azure SQL server.
az security va sql update --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Sql/servers/{server} --state Disabled
Re-enable SQL Vulnerability Assessment on a SQL Managed Instance.
az security va sql update --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Sql/managedInstances/{mi} --state Enabled
Required Parameters
The fully qualified Azure Resource manager identifier of the resource.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Acquiring an Azure Policy token automatically for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
The related change reference ID for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
Represents the state of a SQL Vulnerability Assessment.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Accepted values: | Disabled, Enabled |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |