你当前正在访问 Microsoft Azure Global Edition 技术文档网站。如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站，请访问 https://docs.azure.cn。

Sql Vulnerability Assessment Scan Results - List

服务:: Defender for Cloud

API 版本:: 2023-02-01-preview

获取单个扫描记录的扫描结果列表。

GET https://management.azure.com/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/{scanId}/scanResults?workspaceId={workspaceId}&api-version=2023-02-01-preview

URI 参数

名称	在	必需	类型	说明
resourceId	path	True	string	资源的标识符。
scanId	path	True	string	扫描 ID。键入“latest”以获取最新扫描的扫描结果。
api-version	query	True	string	API 版本。
workspaceId	query	True	string	工作区 ID。

响应

名称	类型	说明
200 OK	ScanResults	返回扫描结果的列表。
Other Status Codes	CloudError	描述操作失败的原因的错误响应。

安全性

azure_auth

Azure Active Directory OAuth2 流

类型: oauth2
流向: implicit
授权 URL: https://login.microsoftonline.com/common/oauth2/authorize

作用域

名称	说明
user_impersonation	模拟用户帐户

示例

List scan results

List scan results of the latest scan

List scan results

示例请求

GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults?workspaceId=55555555-6666-7777-8888-999999999999&api-version=2023-02-01-preview


/**
 * Samples for SqlVulnerabilityAssessmentScanResults List.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/
     * sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_List.json
     */
    /**
     * Sample code: List scan results.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void listScanResults(com.azure.resourcemanager.security.SecurityManager manager) {
        manager.sqlVulnerabilityAssessmentScanResults().listWithResponse("Scheduled-20200623",
            "55555555-6666-7777-8888-999999999999",
            "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master",
            com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

from azure.identity import DefaultAzureCredential

from azure.mgmt.security import SecurityCenter

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-security
# USAGE
    python arc_machine_scan_results_list.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = SecurityCenter(
        credential=DefaultAzureCredential(),
        subscription_id="SUBSCRIPTION_ID",
    )

    response = client.sql_vulnerability_assessment_scan_results.list(
        scan_id="Scheduled-20200623",
        workspace_id="55555555-6666-7777-8888-999999999999",
        resource_id="subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master",
    )
    print(response)


# x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_List.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_List.json
func ExampleSQLVulnerabilityAssessmentScanResultsClient_List_listScanResults() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewSQLVulnerabilityAssessmentScanResultsClient().List(ctx, "Scheduled-20200623", "55555555-6666-7777-8888-999999999999", "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master", nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.ScanResults = armsecurity.ScanResults{
	// 	Value: []*armsecurity.ScanResult{
	// 		{
	// 			Name: to.Ptr("VA2062"),
	// 			Type: to.Ptr("Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults"),
	// 			ID: to.Ptr("/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2062"),
	// 			Properties: &armsecurity.ScanResultProperties{
	// 				IsTrimmed: to.Ptr(false),
	// 				QueryResults: [][]*string{
	// 				},
	// 				Remediation: &armsecurity.Remediation{
	// 					Description: to.Ptr("Remove database firewall rules that grant excessive access"),
	// 					Automated: to.Ptr(false),
	// 					PortalLink: to.Ptr(""),
	// 					Scripts: []*string{
	// 					},
	// 				},
	// 				RuleID: to.Ptr("VA2062"),
	// 				RuleMetadata: &armsecurity.VaRule{
	// 					Description: to.Ptr("The Azure SQL Database-level firewall helps protect your data by preventing all access to your database until you specify which IP addresses have permission. Database-level firewall rules grant access to the specific database based on the originating IP address of each request.\n\nDatabase-level firewall rules for master and user databases can only be created and managed through Transact-SQL (unlike server-level firewall rules which can also be created and managed using the Azure portal or PowerShell). For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that database-level firewall rules do not grant excessive access."),
	// 					BenchmarkReferences: []*armsecurity.BenchmarkReference{
	// 					},
	// 					Category: to.Ptr("SurfaceAreaReduction"),
	// 					QueryCheck: &armsecurity.QueryCheck{
	// 						ColumnNames: []*string{
	// 							to.Ptr("Firewall Rule Name"),
	// 							to.Ptr("Start Address"),
	// 							to.Ptr("End Address")},
	// 							ExpectedResult: [][]*string{
	// 							},
	// 							Query: to.Ptr("SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.database_firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;"),
	// 						},
	// 						Rationale: to.Ptr("Often, administrators add rules that grant excessive access as part of a troubleshooting process - to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected database.\n\nGranting excessive access using database firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your database. In fact, it's the equivalent of placing the database outside of the firewall."),
	// 						RuleID: to.Ptr("VA2062"),
	// 						RuleType: to.Ptr(armsecurity.RuleTypeNegativeList),
	// 						Severity: to.Ptr(armsecurity.RuleSeverityHigh),
	// 						Title: to.Ptr("Database-level firewall rules should not grant excessive access"),
	// 					},
	// 					Status: to.Ptr(armsecurity.RuleStatusNonFinding),
	// 				},
	// 			},
	// 			{
	// 				Name: to.Ptr("VA2063"),
	// 				Type: to.Ptr("Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults"),
	// 				ID: to.Ptr("/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2063"),
	// 				Properties: &armsecurity.ScanResultProperties{
	// 					BaselineAdjustedResult: &armsecurity.BaselineAdjustedResult{
	// 						Baseline: &armsecurity.Baseline{
	// 							ExpectedResults: [][]*string{
	// 								[]*string{
	// 									to.Ptr("Test"),
	// 									to.Ptr("0.0.0.0"),
	// 									to.Ptr("125.125.125.125")}},
	// 									UpdatedTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-04T12:49:41.027Z"); return t}()),
	// 								},
	// 								ResultsNotInBaseline: [][]*string{
	// 								},
	// 								ResultsOnlyInBaseline: [][]*string{
	// 								},
	// 								Status: to.Ptr(armsecurity.RuleStatusNonFinding),
	// 							},
	// 							IsTrimmed: to.Ptr(false),
	// 							QueryResults: [][]*string{
	// 								[]*string{
	// 									to.Ptr("Test"),
	// 									to.Ptr("0.0.0.0"),
	// 									to.Ptr("125.125.125.125")}},
	// 									Remediation: &armsecurity.Remediation{
	// 										Description: to.Ptr("Remove server firewall rules that grant excessive access"),
	// 										Automated: to.Ptr(false),
	// 										PortalLink: to.Ptr("ReviewServerFirewallRules"),
	// 										Scripts: []*string{
	// 											to.Ptr("EXECUTE sp_delete_firewall_rule N'Test';")},
	// 										},
	// 										RuleID: to.Ptr("VA2063"),
	// 										RuleMetadata: &armsecurity.VaRule{
	// 											Description: to.Ptr("The Azure SQL server-level firewall helps protect your server by preventing all access to your databases until you specify which IP addresses have permission. Server-level firewall rules grant access to all databases that belong to the server based on the originating IP address of each request.\n\nServer-level firewall rules can only be created and managed through Transact-SQL as well as through the Azure portal or PowerShell. For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that server-level firewall rules do not grant excessive access."),
	// 											BenchmarkReferences: []*armsecurity.BenchmarkReference{
	// 											},
	// 											Category: to.Ptr("SurfaceAreaReduction"),
	// 											QueryCheck: &armsecurity.QueryCheck{
	// 												ColumnNames: []*string{
	// 													to.Ptr("Firewall Rule Name"),
	// 													to.Ptr("Start Address"),
	// 													to.Ptr("End Address")},
	// 													ExpectedResult: [][]*string{
	// 													},
	// 													Query: to.Ptr("SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;"),
	// 												},
	// 												Rationale: to.Ptr("Often, administrators add rules that grant excessive access as part of a troubleshooting process � to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected server.\n\nGranting excessive access using server firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your databases. In fact, it's the equivalent of placing the server outside of the firewall."),
	// 												RuleID: to.Ptr("VA2063"),
	// 												RuleType: to.Ptr(armsecurity.RuleTypeNegativeList),
	// 												Severity: to.Ptr(armsecurity.RuleSeverityHigh),
	// 												Title: to.Ptr("Server-level firewall rules should not grant excessive access"),
	// 											},
	// 											Status: to.Ptr(armsecurity.RuleStatusFinding),
	// 										},
	// 								}},
	// 							}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets a list of scan results for a single scan record.
 *
 * @summary Gets a list of scan results for a single scan record.
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_List.json
 */
async function listScanResults() {
  const scanId = "Scheduled-20200623";
  const workspaceId = "55555555-6666-7777-8888-999999999999";
  const resourceId =
    "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master";
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential);
  const result = await client.sqlVulnerabilityAssessmentScanResults.list(
    scanId,
    workspaceId,
    resourceId,
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.SecurityCenter.Models;
using Azure.ResourceManager.SecurityCenter;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_List.json
// this example is just showing the usage of "SqlVulnerabilityAssessmentScanResults_List" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this SqlVulnerabilityAssessmentScanResource created on azure
// for more information of creating SqlVulnerabilityAssessmentScanResource, please refer to the document of SqlVulnerabilityAssessmentScanResource
string resourceId = "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master";
string scanId = "Scheduled-20200623";
ResourceIdentifier sqlVulnerabilityAssessmentScanResourceId = SqlVulnerabilityAssessmentScanResource.CreateResourceIdentifier(resourceId, scanId);
SqlVulnerabilityAssessmentScanResource sqlVulnerabilityAssessmentScan = client.GetSqlVulnerabilityAssessmentScanResource(sqlVulnerabilityAssessmentScanResourceId);

// invoke the operation and iterate over the result
Guid workspaceId = Guid.Parse("55555555-6666-7777-8888-999999999999");
await foreach (SqlVulnerabilityAssessmentScanResult item in sqlVulnerabilityAssessmentScan.GetSqlVulnerabilityAssessmentScanResultsAsync(workspaceId))
{
    Console.WriteLine($"Succeeded: {item}");
}

Console.WriteLine("Succeeded");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

示例响应

状态代码:: 200

{
  "value": [
    {
      "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2062",
      "name": "VA2062",
      "type": "Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults",
      "properties": {
        "ruleId": "VA2062",
        "status": "NonFinding",
        "isTrimmed": false,
        "queryResults": [],
        "remediation": {
          "description": "Remove database firewall rules that grant excessive access",
          "scripts": [],
          "automated": false,
          "portalLink": ""
        },
        "baselineAdjustedResult": null,
        "ruleMetadata": {
          "ruleId": "VA2062",
          "severity": "High",
          "category": "SurfaceAreaReduction",
          "ruleType": "NegativeList",
          "title": "Database-level firewall rules should not grant excessive access",
          "description": "The Azure SQL Database-level firewall helps protect your data by preventing all access to your database until you specify which IP addresses have permission. Database-level firewall rules grant access to the specific database based on the originating IP address of each request.\n\nDatabase-level firewall rules for master and user databases can only be created and managed through Transact-SQL (unlike server-level firewall rules which can also be created and managed using the Azure portal or PowerShell). For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that database-level firewall rules do not grant excessive access.",
          "rationale": "Often, administrators add rules that grant excessive access as part of a troubleshooting process - to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected database.\n\nGranting excessive access using database firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your database. In fact, it's the equivalent of placing the database outside of the firewall.",
          "queryCheck": {
            "query": "SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.database_firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;",
            "expectedResult": [],
            "columnNames": [
              "Firewall Rule Name",
              "Start Address",
              "End Address"
            ]
          },
          "benchmarkReferences": []
        }
      }
    },
    {
      "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2063",
      "name": "VA2063",
      "type": "Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults",
      "properties": {
        "ruleId": "VA2063",
        "status": "Finding",
        "isTrimmed": false,
        "queryResults": [
          [
            "Test",
            "0.0.0.0",
            "125.125.125.125"
          ]
        ],
        "remediation": {
          "description": "Remove server firewall rules that grant excessive access",
          "scripts": [
            "EXECUTE sp_delete_firewall_rule N'Test';"
          ],
          "automated": false,
          "portalLink": "ReviewServerFirewallRules"
        },
        "baselineAdjustedResult": {
          "baseline": {
            "expectedResults": [
              [
                "Test",
                "0.0.0.0",
                "125.125.125.125"
              ]
            ],
            "updatedTime": "2020-02-04T12:49:41.027771+00:00"
          },
          "status": "NonFinding",
          "resultsNotInBaseline": [],
          "resultsOnlyInBaseline": []
        },
        "ruleMetadata": {
          "ruleId": "VA2063",
          "severity": "High",
          "category": "SurfaceAreaReduction",
          "ruleType": "NegativeList",
          "title": "Server-level firewall rules should not grant excessive access",
          "description": "The Azure SQL server-level firewall helps protect your server by preventing all access to your databases until you specify which IP addresses have permission. Server-level firewall rules grant access to all databases that belong to the server based on the originating IP address of each request.\n\nServer-level firewall rules can only be created and managed through Transact-SQL as well as through the Azure portal or PowerShell. For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that server-level firewall rules do not grant excessive access.",
          "rationale": "Often, administrators add rules that grant excessive access as part of a troubleshooting process � to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected server.\n\nGranting excessive access using server firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your databases. In fact, it's the equivalent of placing the server outside of the firewall.",
          "queryCheck": {
            "query": "SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;",
            "expectedResult": [],
            "columnNames": [
              "Firewall Rule Name",
              "Start Address",
              "End Address"
            ]
          },
          "benchmarkReferences": []
        }
      }
    }
  ]
}

List scan results of the latest scan

示例请求

GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/latest/scanResults?workspaceId=55555555-6666-7777-8888-999999999999&api-version=2023-02-01-preview


/**
 * Samples for SqlVulnerabilityAssessmentScanResults List.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/
     * sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_ListLatest.json
     */
    /**
     * Sample code: List scan results of the latest scan.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void listScanResultsOfTheLatestScan(com.azure.resourcemanager.security.SecurityManager manager) {
        manager.sqlVulnerabilityAssessmentScanResults().listWithResponse("latest",
            "55555555-6666-7777-8888-999999999999",
            "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master",
            com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

from azure.identity import DefaultAzureCredential

from azure.mgmt.security import SecurityCenter

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-security
# USAGE
    python arc_machine_scan_results_list_latest.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = SecurityCenter(
        credential=DefaultAzureCredential(),
        subscription_id="SUBSCRIPTION_ID",
    )

    response = client.sql_vulnerability_assessment_scan_results.list(
        scan_id="latest",
        workspace_id="55555555-6666-7777-8888-999999999999",
        resource_id="subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master",
    )
    print(response)


# x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_ListLatest.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_ListLatest.json
func ExampleSQLVulnerabilityAssessmentScanResultsClient_List_listScanResultsOfTheLatestScan() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewSQLVulnerabilityAssessmentScanResultsClient().List(ctx, "latest", "55555555-6666-7777-8888-999999999999", "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master", nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.ScanResults = armsecurity.ScanResults{
	// 	Value: []*armsecurity.ScanResult{
	// 		{
	// 			Name: to.Ptr("VA2062"),
	// 			Type: to.Ptr("Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults"),
	// 			ID: to.Ptr("/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2062"),
	// 			Properties: &armsecurity.ScanResultProperties{
	// 				IsTrimmed: to.Ptr(false),
	// 				QueryResults: [][]*string{
	// 				},
	// 				Remediation: &armsecurity.Remediation{
	// 					Description: to.Ptr("Remove database firewall rules that grant excessive access"),
	// 					Automated: to.Ptr(false),
	// 					PortalLink: to.Ptr(""),
	// 					Scripts: []*string{
	// 					},
	// 				},
	// 				RuleID: to.Ptr("VA2062"),
	// 				RuleMetadata: &armsecurity.VaRule{
	// 					Description: to.Ptr("The Azure SQL Database-level firewall helps protect your data by preventing all access to your database until you specify which IP addresses have permission. Database-level firewall rules grant access to the specific database based on the originating IP address of each request.\n\nDatabase-level firewall rules for master and user databases can only be created and managed through Transact-SQL (unlike server-level firewall rules which can also be created and managed using the Azure portal or PowerShell). For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that database-level firewall rules do not grant excessive access."),
	// 					BenchmarkReferences: []*armsecurity.BenchmarkReference{
	// 					},
	// 					Category: to.Ptr("SurfaceAreaReduction"),
	// 					QueryCheck: &armsecurity.QueryCheck{
	// 						ColumnNames: []*string{
	// 							to.Ptr("Firewall Rule Name"),
	// 							to.Ptr("Start Address"),
	// 							to.Ptr("End Address")},
	// 							ExpectedResult: [][]*string{
	// 							},
	// 							Query: to.Ptr("SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.database_firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;"),
	// 						},
	// 						Rationale: to.Ptr("Often, administrators add rules that grant excessive access as part of a troubleshooting process - to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected database.\n\nGranting excessive access using database firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your database. In fact, it's the equivalent of placing the database outside of the firewall."),
	// 						RuleID: to.Ptr("VA2062"),
	// 						RuleType: to.Ptr(armsecurity.RuleTypeNegativeList),
	// 						Severity: to.Ptr(armsecurity.RuleSeverityHigh),
	// 						Title: to.Ptr("Database-level firewall rules should not grant excessive access"),
	// 					},
	// 					Status: to.Ptr(armsecurity.RuleStatusNonFinding),
	// 				},
	// 			},
	// 			{
	// 				Name: to.Ptr("VA2063"),
	// 				Type: to.Ptr("Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults"),
	// 				ID: to.Ptr("/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2063"),
	// 				Properties: &armsecurity.ScanResultProperties{
	// 					BaselineAdjustedResult: &armsecurity.BaselineAdjustedResult{
	// 						Baseline: &armsecurity.Baseline{
	// 							ExpectedResults: [][]*string{
	// 								[]*string{
	// 									to.Ptr("Test"),
	// 									to.Ptr("0.0.0.0"),
	// 									to.Ptr("125.125.125.125")}},
	// 									UpdatedTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-04T12:49:41.027Z"); return t}()),
	// 								},
	// 								ResultsNotInBaseline: [][]*string{
	// 								},
	// 								ResultsOnlyInBaseline: [][]*string{
	// 								},
	// 								Status: to.Ptr(armsecurity.RuleStatusNonFinding),
	// 							},
	// 							IsTrimmed: to.Ptr(false),
	// 							QueryResults: [][]*string{
	// 								[]*string{
	// 									to.Ptr("Test"),
	// 									to.Ptr("0.0.0.0"),
	// 									to.Ptr("125.125.125.125")}},
	// 									Remediation: &armsecurity.Remediation{
	// 										Description: to.Ptr("Remove server firewall rules that grant excessive access"),
	// 										Automated: to.Ptr(false),
	// 										PortalLink: to.Ptr("ReviewServerFirewallRules"),
	// 										Scripts: []*string{
	// 											to.Ptr("EXECUTE sp_delete_firewall_rule N'Test';")},
	// 										},
	// 										RuleID: to.Ptr("VA2063"),
	// 										RuleMetadata: &armsecurity.VaRule{
	// 											Description: to.Ptr("The Azure SQL server-level firewall helps protect your server by preventing all access to your databases until you specify which IP addresses have permission. Server-level firewall rules grant access to all databases that belong to the server based on the originating IP address of each request.\n\nServer-level firewall rules can only be created and managed through Transact-SQL as well as through the Azure portal or PowerShell. For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that server-level firewall rules do not grant excessive access."),
	// 											BenchmarkReferences: []*armsecurity.BenchmarkReference{
	// 											},
	// 											Category: to.Ptr("SurfaceAreaReduction"),
	// 											QueryCheck: &armsecurity.QueryCheck{
	// 												ColumnNames: []*string{
	// 													to.Ptr("Firewall Rule Name"),
	// 													to.Ptr("Start Address"),
	// 													to.Ptr("End Address")},
	// 													ExpectedResult: [][]*string{
	// 													},
	// 													Query: to.Ptr("SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;"),
	// 												},
	// 												Rationale: to.Ptr("Often, administrators add rules that grant excessive access as part of a troubleshooting process � to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected server.\n\nGranting excessive access using server firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your databases. In fact, it's the equivalent of placing the server outside of the firewall."),
	// 												RuleID: to.Ptr("VA2063"),
	// 												RuleType: to.Ptr(armsecurity.RuleTypeNegativeList),
	// 												Severity: to.Ptr(armsecurity.RuleSeverityHigh),
	// 												Title: to.Ptr("Server-level firewall rules should not grant excessive access"),
	// 											},
	// 											Status: to.Ptr(armsecurity.RuleStatusFinding),
	// 										},
	// 								}},
	// 							}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets a list of scan results for a single scan record.
 *
 * @summary Gets a list of scan results for a single scan record.
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_ListLatest.json
 */
async function listScanResultsOfTheLatestScan() {
  const scanId = "latest";
  const workspaceId = "55555555-6666-7777-8888-999999999999";
  const resourceId =
    "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master";
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential);
  const result = await client.sqlVulnerabilityAssessmentScanResults.list(
    scanId,
    workspaceId,
    resourceId,
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.SecurityCenter.Models;
using Azure.ResourceManager.SecurityCenter;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_ListLatest.json
// this example is just showing the usage of "SqlVulnerabilityAssessmentScanResults_List" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this SqlVulnerabilityAssessmentScanResource created on azure
// for more information of creating SqlVulnerabilityAssessmentScanResource, please refer to the document of SqlVulnerabilityAssessmentScanResource
string resourceId = "subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master";
string scanId = "latest";
ResourceIdentifier sqlVulnerabilityAssessmentScanResourceId = SqlVulnerabilityAssessmentScanResource.CreateResourceIdentifier(resourceId, scanId);
SqlVulnerabilityAssessmentScanResource sqlVulnerabilityAssessmentScan = client.GetSqlVulnerabilityAssessmentScanResource(sqlVulnerabilityAssessmentScanResourceId);

// invoke the operation and iterate over the result
Guid workspaceId = Guid.Parse("55555555-6666-7777-8888-999999999999");
await foreach (SqlVulnerabilityAssessmentScanResult item in sqlVulnerabilityAssessmentScan.GetSqlVulnerabilityAssessmentScanResultsAsync(workspaceId))
{
    Console.WriteLine($"Succeeded: {item}");
}

Console.WriteLine("Succeeded");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

示例响应

状态代码:: 200

{
  "value": [
    {
      "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2062",
      "name": "VA2062",
      "type": "Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults",
      "properties": {
        "ruleId": "VA2062",
        "status": "NonFinding",
        "isTrimmed": false,
        "queryResults": [],
        "remediation": {
          "description": "Remove database firewall rules that grant excessive access",
          "scripts": [],
          "automated": false,
          "portalLink": ""
        },
        "baselineAdjustedResult": null,
        "ruleMetadata": {
          "ruleId": "VA2062",
          "severity": "High",
          "category": "SurfaceAreaReduction",
          "ruleType": "NegativeList",
          "title": "Database-level firewall rules should not grant excessive access",
          "description": "The Azure SQL Database-level firewall helps protect your data by preventing all access to your database until you specify which IP addresses have permission. Database-level firewall rules grant access to the specific database based on the originating IP address of each request.\n\nDatabase-level firewall rules for master and user databases can only be created and managed through Transact-SQL (unlike server-level firewall rules which can also be created and managed using the Azure portal or PowerShell). For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that database-level firewall rules do not grant excessive access.",
          "rationale": "Often, administrators add rules that grant excessive access as part of a troubleshooting process - to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected database.\n\nGranting excessive access using database firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your database. In fact, it's the equivalent of placing the database outside of the firewall.",
          "queryCheck": {
            "query": "SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.database_firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;",
            "expectedResult": [],
            "columnNames": [
              "Firewall Rule Name",
              "Start Address",
              "End Address"
            ]
          },
          "benchmarkReferences": []
        }
      }
    },
    {
      "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Rg/providers/Microsoft.HybridCompute/machines/MyMachine/sqlServers/server1/databases/master/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/Scheduled-20200623/scanResults/VA2063",
      "name": "VA2063",
      "type": "Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults",
      "properties": {
        "ruleId": "VA2063",
        "status": "Finding",
        "isTrimmed": false,
        "queryResults": [
          [
            "Test",
            "0.0.0.0",
            "125.125.125.125"
          ]
        ],
        "remediation": {
          "description": "Remove server firewall rules that grant excessive access",
          "scripts": [
            "EXECUTE sp_delete_firewall_rule N'Test';"
          ],
          "automated": false,
          "portalLink": "ReviewServerFirewallRules"
        },
        "baselineAdjustedResult": {
          "baseline": {
            "expectedResults": [
              [
                "Test",
                "0.0.0.0",
                "125.125.125.125"
              ]
            ],
            "updatedTime": "2020-02-04T12:49:41.027771+00:00"
          },
          "status": "NonFinding",
          "resultsNotInBaseline": [],
          "resultsOnlyInBaseline": []
        },
        "ruleMetadata": {
          "ruleId": "VA2063",
          "severity": "High",
          "category": "SurfaceAreaReduction",
          "ruleType": "NegativeList",
          "title": "Server-level firewall rules should not grant excessive access",
          "description": "The Azure SQL server-level firewall helps protect your server by preventing all access to your databases until you specify which IP addresses have permission. Server-level firewall rules grant access to all databases that belong to the server based on the originating IP address of each request.\n\nServer-level firewall rules can only be created and managed through Transact-SQL as well as through the Azure portal or PowerShell. For more details please see: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure\n\nThis check verifies that server-level firewall rules do not grant excessive access.",
          "rationale": "Often, administrators add rules that grant excessive access as part of a troubleshooting process � to eliminate the firewall as the source of a problem, they simply create a rule that allows all traffic to pass to the affected server.\n\nGranting excessive access using server firewall rules is a clear security concern, as it violates the principle of least privilege by allowing unnecessary access to your databases. In fact, it's the equivalent of placing the server outside of the firewall.",
          "queryCheck": {
            "query": "SELECT name\n    ,start_ip_address\n    ,end_ip_address\nFROM sys.firewall_rules\nWHERE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(start_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(bigint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)) * 16777216 )\n      ) > 255;",
            "expectedResult": [],
            "columnNames": [
              "Firewall Rule Name",
              "Start Address",
              "End Address"
            ]
          },
          "benchmarkReferences": []
        }
      }
    }
  ]
}

定义

名称	说明
Baseline	基线详细信息。
BaselineAdjustedResult	使用基线调整的规则结果。
BenchmarkReference	基准引用。
CloudError	所有 Azure 资源管理器 API 的常见错误响应，以返回失败操作的错误详细信息。（这也遵循 OData 错误响应格式）。
CloudErrorBody	错误详细信息。
ErrorAdditionalInfo	资源管理错误附加信息。
QueryCheck	规则查询详细信息。
Remediation	修正详细信息。
RuleSeverity	规则严重性。
RuleStatus	规则结果状态。
RuleType	规则类型。
ScanResult	单个规则的漏洞评估扫描结果。
ScanResultProperties	单个规则的漏洞评估扫描结果属性。
ScanResults	漏洞评估扫描结果的列表。
VaRule	漏洞评估规则元数据详细信息。

Baseline

Object

基线详细信息。

名称	类型	说明
expectedResults	string[]	预期结果。
updatedTime	string (date-time)	基线更新时间（UTC）。

BaselineAdjustedResult

Object

使用基线调整的规则结果。

名称	类型	说明
baseline	Baseline	基线详细信息。
resultsNotInBaseline	string[]	结果不在基线中。
resultsOnlyInBaseline	string[]	结果为基线。
status	RuleStatus	规则结果状态。

BenchmarkReference

Object

基准引用。

名称	类型	说明
benchmark	string	基准名称。
reference	string	基准参考。

CloudError

Object

所有 Azure 资源管理器 API 的常见错误响应，以返回失败操作的错误详细信息。（这也遵循 OData 错误响应格式）。

名称	类型	说明
error.additionalInfo	ErrorAdditionalInfo[]	错误附加信息。
error.code	string	错误代码。
error.details	CloudErrorBody[]	错误详细信息。
error.message	string	错误消息。
error.target	string	错误目标。

CloudErrorBody

Object

错误详细信息。

名称	类型	说明
additionalInfo	ErrorAdditionalInfo[]	错误附加信息。
code	string	错误代码。
details	CloudErrorBody[]	错误详细信息。
message	string	错误消息。
target	string	错误目标。

ErrorAdditionalInfo

Object

资源管理错误附加信息。

名称	类型	说明
info	object	其他信息。
type	string	其他信息类型。

QueryCheck

Object

规则查询详细信息。

名称	类型	说明
columnNames	string[]	预期结果的列名。
expectedResult	string[]	预期结果。
query	string	规则查询。

Remediation

Object

修正详细信息。

名称	类型	说明
automated	boolean	是否自动修正。
description	string	修正说明。
portalLink	string	用于在 Azure 门户中修正的可选链接。
scripts	string[]	修正脚本。

RuleSeverity

枚举

规则严重性。

值	说明
High	高
Medium	中等
Low	低
Informational	信息
Obsolete	过时

RuleStatus

枚举

规则结果状态。

值	说明
NonFinding	NonFinding
Finding	发现
InternalError	InternalError

RuleType

枚举

规则类型。

值	说明
Binary	二元的
BaselineExpected	BaselineExpected
PositiveList	PositiveList
NegativeList	NegativeList

ScanResult

Object

单个规则的漏洞评估扫描结果。

名称	类型	说明
id	string	资源 ID
name	string	资源名称
properties	ScanResultProperties	单个规则的漏洞评估扫描结果属性。
type	string	资源类型

ScanResultProperties

Object

单个规则的漏洞评估扫描结果属性。

名称	类型	说明
baselineAdjustedResult	BaselineAdjustedResult	使用基线调整的规则结果。
isTrimmed	boolean	指示是否剪裁了此处指定的结果。
queryResults	string[]	运行的查询的结果。
remediation	Remediation	修正详细信息。
ruleId	string	规则 ID。
ruleMetadata	VaRule	漏洞评估规则元数据详细信息。
status	RuleStatus	规则结果状态。

ScanResults

Object

漏洞评估扫描结果的列表。

名称	类型	说明
value	ScanResult[]	漏洞评估扫描结果列表。

VaRule

Object

漏洞评估规则元数据详细信息。

名称	类型	说明
benchmarkReferences	BenchmarkReference[]	基准引用。
category	string	规则类别。
description	string	规则说明。
queryCheck	QueryCheck	规则查询详细信息。
rationale	string	规则的理由。
ruleId	string	规则 ID。
ruleType	RuleType	规则类型。
severity	RuleSeverity	规则严重性。
title	string	规则标题。

通过

Sql Vulnerability Assessment Scan Results - List

URI 参数

响应

安全性

azure_auth

作用域

示例

List scan results

示例请求

示例响应

List scan results of the latest scan

示例请求

示例响应

定义

Baseline

BaselineAdjustedResult

BenchmarkReference

CloudError

CloudErrorBody

ErrorAdditionalInfo

QueryCheck

Remediation

RuleSeverity

RuleStatus

RuleType

ScanResult

ScanResultProperties

ScanResults

VaRule