Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
Set-AzSecuritySqlVulnerabilityAssessmentBaseline
- Module:
- Az.Security Module
Sets new SQL vulnerability assessment baseline on a specific database discards old baseline if any exists.
Syntax
ResourceIdWithBaselineObject (Default)
Set-AzSecuritySqlVulnerabilityAssessmentBaseline
-ResourceId <String>
-WorkspaceId <String>
-Server <String>
-Database <String>
[-BaselineSet <Hashtable>]
[-Force]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
InputObjectWithResourceId
Set-AzSecuritySqlVulnerabilityAssessmentBaseline
-InputObject <PSSqlVulnerabilityAssessmentBaselineResults>
-ResourceId <String>
-WorkspaceId <String>
-Server <String>
-Database <String>
[-Force]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
InputObjectBaselineWithOnPrem
Set-AzSecuritySqlVulnerabilityAssessmentBaseline
-InputObject <PSSqlVulnerabilityAssessmentBaselineResults>
-WorkspaceId <String>
-Server <String>
-Database <String>
-ComputerName <String>
-VmUuid <String>
-AgentId <String>
-WorkspaceResourceId <String>
[-Force]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
OnPremMachinesWithBaselineObject
Set-AzSecuritySqlVulnerabilityAssessmentBaseline
-WorkspaceId <String>
-Server <String>
-Database <String>
-ComputerName <String>
-VmUuid <String>
-AgentId <String>
-WorkspaceResourceId <String>
[-BaselineSet <Hashtable>]
[-Force]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Sets new SQL vulnerability assessment baseline on a specific database, discards old baseline if any exists.
Examples
Example 1: Set results as baseline using resource id parameters.
Set-AzSecuritySqlVulnerabilityAssessmentBaseline -ResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master -BaselineSet @{VA2108 = @( , @("dbo", "db_owner1", "SQL_USER"))}
Setting baseline for
/subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332/sqlServers/AHABASDEV01SRV/databas
es/master.
Are you sure you want to set baseline? - This will discard your old baseline work.
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): y
Results WorkSpaceId
------- -----------
{VA2108 => [[dbo, db_owner1, SQL_USER]]} ba7c9d0e-a6e3-4997-b575-cf7a18a98a49
Example of using resource id parameters. Supported resources are:
- ARC: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.HybridCompute/machines/{machineName}
- VM: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{machineName}
- On-Premise: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/microsoft.operationalinsights/workspaces/{workspaceName}/onPremiseMachines/{machineName}
For on premise resources, the parameter machineName is composed as follows: {ComputerName}{AgentId}{VmUuid}
Example 2: Set results as baseline using on premise parameters.
Set-AzSecuritySqlVulnerabilityAssessmentBaseline -WorkspaceResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace -ComputerName ahabas-dev01.middleeast.corp.microsoft.com -AgentId 49640166-652f-4ee6-b48b-cfb840b8afe2 -VmUuid 4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master -BaselineSet @{VA2108 = @( , @("dbo", "db_owner1", "SQL_USER"))}
Setting baseline for
/subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332/sqlServers/AHABASDEV01SRV/databas
es/master.
Are you sure you want to set baseline? - This will discard your old baseline work.
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): y
Results WorkSpaceId
------- -----------
{VA2108 => [[dbo, db_owner1, SQL_USER]]} ba7c9d0e-a6e3-4997-b575-cf7a18a98a49
Example of using OnPremMachinesWithBaselineObject parameters.
Example 3: Set results as baseline for all checks on database.
Set-AzSecuritySqlVulnerabilityAssessmentBaseline -WorkspaceResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace -ComputerName ahabas-dev01.middleeast.corp.microsoft.com -AgentId 49640166-652f-4ee6-b48b-cfb840b8afe2 -VmUuid 4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master
Setting baseline for
/subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332/sqlServers/AHABASDEV01SRV/databas
es/master.
Are you sure you want to set baseline? - This will discard your old baseline work.
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): y
Results WorkSpaceId
------- -----------
{VA1017 => [], VA1018 => [[True]], VA1020 => [], VA1022 => [[False]]…} ba7c9d0e-a6e3-4997-b575-cf7a18a98a49
In this example the BaselineSet is not specified thus setting all latest results as baseline.
Example 4: Copy baseline from a database to an on prem database using pipe.
Get-AzSecuritySqlVulnerabilityAssessmentBaseline -ResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master | Set-AzSecuritySqlVulnerabilityAssessmentBaseline -ResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/talmachinegroupeuap/providers/microsoft.operationalinsights/workspaces/talworkspaceeuap2/onPremiseMachines/TAHERSCO-DEV.middleeast.corp.microsoft.com_7adcdd86-adb6-4008-a254-80e0fc425c55_4c4c4544-0058-3310-8032-c4c04f4a4e32 -WorkspaceId 806d6dfa-132f-488d-975b-9bcf2fcd6802 -Server SQLEXPRESS -Database master
Setting baseline for
/subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/talmachinegroupeuap/providers/microsoft.operationalinsights/workspaces/talworkspaceeuap2/onPremiseMachines/TAHERSCO-DEV.middleeast.corp.microsoft.com_7adcdd86-adb6-4008-a254-80e0fc425c55_4c4c4544-0058-3310-8032-c4c04f4a4e32/sqlServers/SQLEXPRESS/dat
abases/master.
Are you sure you want to set baseline? - This will discard your old baseline work.
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): y
Results WorkSpaceId
------- -----------
{VA2108 => [[dbo, db_owner1, SQL_USER]]} 806d6dfa-132f-488d-975b-9bcf2fcd6802
Note
In this example, we move all baseline objects from one database to another using InputObjectWithResourceId parameter set. It's important that all the rules in source database exist in the destination database otherwise the operation will fail.
Parameters
-AgentId
Agent ID - on premise parameter
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-BaselineSet
Vulnerability assessment baseline object
Parameter properties
| Type: | Hashtable |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ComputerName
Computer full name - on premise parameter
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
-Database
Database name
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Parameter properties
| Type: | IAzureContextContainer |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
Parameter sets
-Force
Force set baseline without confirmation
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-InputObject
Input Object.
Parameter properties
| Type: | PSSqlVulnerabilityAssessmentBaselineResults |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ResourceId
ID of the security resource that you want to invoke the command on. Supported resources are:
- ARC: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.HybridCompute/machines/{machineName}
- VM: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{machineName}
- On-Premise: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/microsoft.operationalinsights/workspaces/{workspaceName}/onPremiseMachines/{machineName}
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Server
Server name
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-VmUuid
Virtual machine universal unique identifier - on premise parameter
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
-WorkspaceId
Workspace ID.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-WorkspaceResourceId
Workspace resource ID - on premise parameter
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
PSSqlVulnerabilityAssessmentBaselineResults
Outputs
PSSqlVulnerabilityAssessmentBaselineResults
Related Links
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
Azure PowerShell
Feedback
Was this page helpful?