az security va sql

Command group 'az security va' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Manage Defender for Cloud vulnerability assessment.

Commands

Name Description Type Status
az security va sql baseline

View and manage Sql Vulnerability Assessment baseline.

Core Preview
az security va sql baseline add

Set a list of baseline rules. Will overwrite any previously existing results (for all rules).

Core Preview
az security va sql baseline create

Create a Baseline for a rule in a database. Will overwrite any previously existing results.

Core Preview
az security va sql baseline delete

Delete a rule from the Baseline of a given database.

Core Preview
az security va sql baseline list

List the results for all rules in the Baseline.

Core Preview
az security va sql baseline set

Set a list of baseline rules. Will overwrite any previously existing results (for all rules).

Core Preview and Deprecated
az security va sql baseline show

Get the results for a given rule in the Baseline.

Core Preview
az security va sql create

Create the SQL Vulnerability Assessment settings.

Core Preview
az security va sql delete

Delete the SQL Vulnerability Assessment settings.

Core Preview
az security va sql results

View Sql Vulnerability Assessment scan results.

Core Preview
az security va sql results list

List a list of scan results for a single scan record.

Core Preview
az security va sql results show

Get the scan results of a single rule in a scan record.

Core Preview
az security va sql scans

View Sql Vulnerability Assessment scan summaries.

Core Preview
az security va sql scans initiate-scan

Initiates a vulnerability assessment scan.

Core Preview
az security va sql scans list

List a list of scan records.

Core Preview
az security va sql scans scan-operation-result

Manage Scan Operation Result.

Core Preview
az security va sql scans scan-operation-result show

Get the result of a scan operation initiated by the InitiateScan action.

Core Preview
az security va sql scans show

Get the scan details of a single scan record.

Core Preview
az security va sql show

Get the SQL Vulnerability Assessment settings.

Core Preview
az security va sql update

Update the SQL Vulnerability Assessment settings.

Core Preview

az security va sql create

Preview

Command group 'az security va sql' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Create the SQL Vulnerability Assessment settings.

az security va sql create --resource-id
                          [--acquire-policy-token]
                          [--change-reference]
                          [--state {Disabled, Enabled}]

Examples

Enable SQL Vulnerability Assessment on an Azure SQL server.

az security va sql create --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Sql/servers/{server} --state Enabled

Enable SQL Vulnerability Assessment on a SQL server hosted on an Azure virtual machine.

az security va sql create --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Compute/virtualMachines/{vm} --state Enabled

Required Parameters

--resource-id

The fully qualified Azure Resource manager identifier of the resource.

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--acquire-policy-token

Acquiring an Azure Policy token automatically for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--change-reference

The related change reference ID for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--state

Represents the state of a SQL Vulnerability Assessment.

Property Value
Parameter group: Properties Arguments
Accepted values: Disabled, Enabled
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az security va sql delete

Preview

Command group 'az security va sql' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Delete the SQL Vulnerability Assessment settings.

az security va sql delete --resource-id
                          [--acquire-policy-token]
                          [--change-reference]
                          [--yes]

Examples

Delete SQL Vulnerability Assessment settings on an Azure SQL server.

az security va sql delete --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Sql/servers/{server}

Delete SQL Vulnerability Assessment settings on an Arc-enabled SQL server.

az security va sql delete --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.HybridCompute/machines/{arc}

Required Parameters

--resource-id

The fully qualified Azure Resource manager identifier of the resource.

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--acquire-policy-token

Acquiring an Azure Policy token automatically for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--change-reference

The related change reference ID for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--yes -y

Do not prompt for confirmation.

Property Value
Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az security va sql show

Preview

Command group 'az security va sql' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Get the SQL Vulnerability Assessment settings.

az security va sql show --resource-id

Examples

Get SQL Vulnerability Assessment settings for an Azure SQL server.

az security va sql show --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Sql/servers/{server}

Get SQL Vulnerability Assessment settings for a SQL server on an Azure virtual machine.

az security va sql show --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Compute/virtualMachines/{vm}

Get SQL Vulnerability Assessment settings for a SQL server on an Arc-enabled machine.

az security va sql show --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.HybridCompute/machines/{arc}

Required Parameters

--resource-id

The fully qualified Azure Resource manager identifier of the resource.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az security va sql update

Preview

Command group 'az security va sql' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Update the SQL Vulnerability Assessment settings.

az security va sql update --resource-id
                          [--acquire-policy-token]
                          [--add]
                          [--change-reference]
                          [--force-string {0, 1, f, false, n, no, t, true, y, yes}]
                          [--remove]
                          [--set]
                          [--state {Disabled, Enabled}]

Examples

Disable SQL Vulnerability Assessment on an Azure SQL server.

az security va sql update --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Sql/servers/{server} --state Disabled

Re-enable SQL Vulnerability Assessment on a SQL Managed Instance.

az security va sql update --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Sql/managedInstances/{mi} --state Enabled

Required Parameters

--resource-id

The fully qualified Azure Resource manager identifier of the resource.

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--acquire-policy-token

Acquiring an Azure Policy token automatically for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

Property Value
Parameter group: Generic Update Arguments
--change-reference

The related change reference ID for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

Property Value
Parameter group: Generic Update Arguments
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--remove

Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.

Property Value
Parameter group: Generic Update Arguments
--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.

Property Value
Parameter group: Generic Update Arguments
--state

Represents the state of a SQL Vulnerability Assessment.

Property Value
Parameter group: Properties Arguments
Accepted values: Disabled, Enabled
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False