Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
Add-AzSecuritySqlVulnerabilityAssessmentBaseline
- Module:
- Az.Security Module
Add SQL vulnerability assessment baseline.
Syntax
ResourceIdWithBaselineObject (Default)
Add-AzSecuritySqlVulnerabilityAssessmentBaseline
-RuleId <String>
-ResourceId <String>
-WorkspaceId <String>
-Server <String>
-Database <String>
[-Baseline <String[][]>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
OnPremMachinesWithBaselineObject
Add-AzSecuritySqlVulnerabilityAssessmentBaseline
-RuleId <String>
-WorkspaceId <String>
-Server <String>
-Database <String>
-ComputerName <String>
-VmUuid <String>
-AgentId <String>
-WorkspaceResourceId <String>
[-Baseline <String[][]>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
InputObjectWithResourceId
Add-AzSecuritySqlVulnerabilityAssessmentBaseline
-InputObject <PSSqlVulnerabilityAssessmentBaselineResults>
-ResourceId <String>
-WorkspaceId <String>
-Server <String>
-Database <String>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
InputObjectBaselineWithOnPrem
Add-AzSecuritySqlVulnerabilityAssessmentBaseline
-InputObject <PSSqlVulnerabilityAssessmentBaselineResults>
-WorkspaceId <String>
-Server <String>
-Database <String>
-ComputerName <String>
-VmUuid <String>
-AgentId <String>
-WorkspaceResourceId <String>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Add SQL vulnerability assessment baseline
Examples
Example 1: Add results as baseline using resource id parameters.
Add-AzSecuritySqlVulnerabilityAssessmentBaseline -ResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master -RuleId "VA2108" -Baseline @( , @("dbo", "db_owner1", "SQL_USER"))
Results Id
------- --
{dbo db_owner1 SQL_USER} /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onpremisemachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332/sqlServ…
Example of resource id parameters. Supported resources are:
- ARC: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.HybridCompute/machines/{machineName}
- VM: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{machineName}
- On-Premise: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/microsoft.operationalinsights/workspaces/{workspaceName}/onPremiseMachines/{machineName}
For on premise resources, the parameter machineName is composed as follows: {ComputerName}{AgentId}{VmUuid}
Notice the @(,@('a','b',...)) syntax for array of arrays of string with only one inner array. Each inner array represents a row in the query results.
Example 2: Add results as baseline using on premise parameters.
Add-AzSecuritySqlVulnerabilityAssessmentBaseline -WorkspaceResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace -ComputerName ahabas-dev01.middleeast.corp.microsoft.com -AgentId 49640166-652f-4ee6-b48b-cfb840b8afe2 -VmUuid 4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master -RuleId "VA2108" -Baseline @( , @("dbo", "db_owner1", "SQL_USER"))
Results Id
------- --
{dbo db_owner1 SQL_USER} /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onpremisemachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332/sqlServ…
Example of on premise parameters.
Example 3: Add results as baseline for specific rule.
Add-AzSecuritySqlVulnerabilityAssessmentBaseline -WorkspaceResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace -ComputerName ahabas-dev01.middleeast.corp.microsoft.com -AgentId 49640166-652f-4ee6-b48b-cfb840b8afe2 -VmUuid 4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master -RuleId "VA2108"
Results Id
------- --
{dbo db_owner1 SQL_USER} /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onpremisemachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332/sqlServ…
In this example when the -Baseline parameter is not supplied, latest results are set as baseline.
Example 4: Copy baseline from a database to an on prem database using pipe.
Get-AzSecuritySqlVulnerabilityAssessmentBaseline -ResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master | Add-AzSecuritySqlVulnerabilityAssessmentBaseline -ResourceId subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/talmachinegroupeuap/providers/microsoft.operationalinsights/workspaces/talworkspaceeuap2/onPremiseMachines/TAHERSCO-DEV.middleeast.corp.microsoft.com_7adcdd86-adb6-4008-a254-80e0fc425c55_4c4c4544-0058-3310-8032-c4c04f4a4e32 -WorkspaceId 806d6dfa-132f-488d-975b-9bcf2fcd6802 -Server SQLEXPRESS -Database master
Results Id
------- --
{dbo db_owner SQL_USER} /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/talmachinegroupeuap/providers/microsoft.operationalinsights/workspaces/talworkspaceeuap2/onpremisemachines/tahersco-dev.middleeast.corp.microsoft.com_7adcdd86-adb6-4008-a254-80e0fc425c55_4c…
Note
In this example, we transfer baseline objects from database 'master' from one server to another using InputObjectWithResourceId parameter set. it is important that both source and destination server have matching platforms, versions, and ruleset otherwise the operation might fail.
Parameters
-AgentId
Agent ID - on premise parameter
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Baseline
Vulnerability assessment baseline object
Parameter properties
| Type: | String[][] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ComputerName
Computer full name - on premise parameter
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
-Database
Database name
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Parameter properties
| Type: | IAzureContextContainer |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
Parameter sets
-InputObject
Input Object.
Parameter properties
| Type: | PSSqlVulnerabilityAssessmentBaselineResults |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ResourceId
ID of the security resource that you want to invoke the command on. Supported resources are:
- ARC: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.HybridCompute/machines/{machineName}
- VM: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{machineName}
- On-Premise: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/microsoft.operationalinsights/workspaces/{workspaceName}/onPremiseMachines/{machineName}
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-RuleId
Vulnerability assessment rule ID
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Server
Server name
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-VmUuid
Virtual machine universal unique identifier - on premise parameter
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
-WorkspaceId
Workspace ID.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-WorkspaceResourceId
Workspace resource ID - on premise parameter
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
PSSqlVulnerabilityAssessmentBaselineResults
Outputs
PSSqlVulnerabilityAssessmentBaselineResults
Related Links
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
Azure PowerShell
Feedback
Was this page helpful?