external help file | Module Name | online version | schema |
---|---|---|---|
Microsoft.Azure.PowerShell.Cmdlets.Security.dll-Help.xml |
Az.Security |
2.0.0 |
Sets new SQL vulnerability assessment baseline on a specific database discards old baseline if any exists.
Set-AzSecuritySqlVulnerabilityAssessmentBaseline [-BaselineSet <Hashtable>] [-Force] -ResourceId <String>
-WorkspaceId <String> -Server <String> -Database <String> [-DefaultProfile <IAzureContextContainer>]
[-WhatIf] [-Confirm] [<CommonParameters>]
Set-AzSecuritySqlVulnerabilityAssessmentBaseline -InputObject <PSSqlVulnerabilityAssessmentBaselineResults>
[-Force] -ResourceId <String> -WorkspaceId <String> -Server <String> -Database <String>
[-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm]
[<CommonParameters>]
Set-AzSecuritySqlVulnerabilityAssessmentBaseline -InputObject <PSSqlVulnerabilityAssessmentBaselineResults>
[-Force] -WorkspaceId <String> -Server <String> -Database <String> -ComputerName <String> -VmUuid <String>
-AgentId <String> -WorkspaceResourceId <String> [-DefaultProfile <IAzureContextContainer>]
[-WhatIf] [-Confirm] [<CommonParameters>]
Set-AzSecuritySqlVulnerabilityAssessmentBaseline [-BaselineSet <Hashtable>] [-Force] -WorkspaceId <String>
-Server <String> -Database <String> -ComputerName <String> -VmUuid <String> -AgentId <String>
-WorkspaceResourceId <String> [-DefaultProfile <IAzureContextContainer>]
[-WhatIf] [-Confirm] [<CommonParameters>]
Sets new SQL vulnerability assessment baseline on a specific database, discards old baseline if any exists.
Set-AzSecuritySqlVulnerabilityAssessmentBaseline -ResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master -BaselineSet @{VA2108 = @( , @("dbo", "db_owner1", "SQL_USER"))}
Setting baseline for
/subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332/sqlServers/AHABASDEV01SRV/databas
es/master.
Are you sure you want to set baseline? - This will discard your old baseline work.
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): y
Results WorkSpaceId
------- -----------
{VA2108 => [[dbo, db_owner1, SQL_USER]]} ba7c9d0e-a6e3-4997-b575-cf7a18a98a49
Example of using resource id parameters. Supported resources are:
- ARC: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.HybridCompute/machines/{machineName}
- VM: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{machineName}
- On-Premise: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/microsoft.operationalinsights/workspaces/{workspaceName}/onPremiseMachines/{machineName}
For on premise resources, the patameter machineName is composed as follows: {ComputerName}{AgentId}{VmUuid}
Set-AzSecuritySqlVulnerabilityAssessmentBaseline -WorkspaceResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace -ComputerName ahabas-dev01.middleeast.corp.microsoft.com -AgentId 49640166-652f-4ee6-b48b-cfb840b8afe2 -VmUuid 4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master -BaselineSet @{VA2108 = @( , @("dbo", "db_owner1", "SQL_USER"))}
Setting baseline for
/subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332/sqlServers/AHABASDEV01SRV/databas
es/master.
Are you sure you want to set baseline? - This will discard your old baseline work.
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): y
Results WorkSpaceId
------- -----------
{VA2108 => [[dbo, db_owner1, SQL_USER]]} ba7c9d0e-a6e3-4997-b575-cf7a18a98a49
Example of using OnPremMachinesWithBaselineObject parameters.
Set-AzSecuritySqlVulnerabilityAssessmentBaseline -WorkspaceResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace -ComputerName ahabas-dev01.middleeast.corp.microsoft.com -AgentId 49640166-652f-4ee6-b48b-cfb840b8afe2 -VmUuid 4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master
Setting baseline for
/subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332/sqlServers/AHABASDEV01SRV/databas
es/master.
Are you sure you want to set baseline? - This will discard your old baseline work.
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): y
Results WorkSpaceId
------- -----------
{VA1017 => [], VA1018 => [[True]], VA1020 => [], VA1022 => [[False]]…} ba7c9d0e-a6e3-4997-b575-cf7a18a98a49
In this example the BaselineSet is not specified thus setting all latest results as baseline.
Get-AzSecuritySqlVulnerabilityAssessmentBaseline -ResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/ahmadtesting/providers/microsoft.operationalinsights/workspaces/ahabas-workspace/onPremiseMachines/ahabas-dev01.middleeast.corp.microsoft.com_49640166-652f-4ee6-b48b-cfb840b8afe2_4c4c4544-0030-4b10-8039-b8c04f4a3332 -WorkspaceId ba7c9d0e-a6e3-4997-b575-cf7a18a98a49 -Server AHABASDEV01SRV -Database master | Set-AzSecuritySqlVulnerabilityAssessmentBaseline -ResourceId /subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/talmachinegroupeuap/providers/microsoft.operationalinsights/workspaces/talworkspaceeuap2/onPremiseMachines/TAHERSCO-DEV.middleeast.corp.microsoft.com_7adcdd86-adb6-4008-a254-80e0fc425c55_4c4c4544-0058-3310-8032-c4c04f4a4e32 -WorkspaceId 806d6dfa-132f-488d-975b-9bcf2fcd6802 -Server SQLEXPRESS -Database master
Setting baseline for
/subscriptions/f26d1f13-67d5-4ad6-9012-67ca12d2436f/resourcegroups/talmachinegroupeuap/providers/microsoft.operationalinsights/workspaces/talworkspaceeuap2/onPremiseMachines/TAHERSCO-DEV.middleeast.corp.microsoft.com_7adcdd86-adb6-4008-a254-80e0fc425c55_4c4c4544-0058-3310-8032-c4c04f4a4e32/sqlServers/SQLEXPRESS/dat
abases/master.
Are you sure you want to set baseline? - This will discard your old baseline work.
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): y
Results WorkSpaceId
------- -----------
{VA2108 => [[dbo, db_owner1, SQL_USER]]} 806d6dfa-132f-488d-975b-9bcf2fcd6802
Note
In this example, we move all baseline objects from one database to another using InputObjectWithResourceId parameter set. It's important that all the rules in source database exist in the destination database otherwise the operation will fail.
Agent ID - on premise parameter
Type: System.String
Parameter Sets: InputObjectBaselineWithOnPrem, OnPremMachinesWithBaselineObject
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Vulnerability assessment baseline object
Type: System.Collections.Hashtable
Parameter Sets: ResourceIdWithBaselineObject, OnPremMachinesWithBaselineObject
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Computer full name - on premise parameter
Type: System.String
Parameter Sets: InputObjectBaselineWithOnPrem, OnPremMachinesWithBaselineObject
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Database name
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The credentials, account, tenant, and subscription used for communication with Azure.
Type: Microsoft.Azure.Commands.Common.Authentication.Abstractions.Core.IAzureContextContainer
Parameter Sets: (All)
Aliases: AzContext, AzureRmContext, AzureCredential
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Force set baseline without confirmation
Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Input Object.
Type: Microsoft.Azure.Commands.SecurityCenter.Models.SqlVulnerabilityAssessment.PSSqlVulnerabilityAssessmentBaselineResults
Parameter Sets: InputObjectWithResourceId, InputObjectBaselineWithOnPrem
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False
ID of the security resource that you want to invoke the command on. Supported resources are:
- ARC: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.HybridCompute/machines/{machineName}
- VM: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{machineName}
- On-Premise: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/microsoft.operationalinsights/workspaces/{workspaceName}/onPremiseMachines/{machineName}
Type: System.String
Parameter Sets: ResourceIdWithBaselineObject, InputObjectWithResourceId
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Server name
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Virtual machine universal unique identifier - on premise parameter
Type: System.String
Parameter Sets: InputObjectBaselineWithOnPrem, OnPremMachinesWithBaselineObject
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Workspace ID.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Workspace resource ID - on premise parameter
Type: System.String
Parameter Sets: InputObjectBaselineWithOnPrem, OnPremMachinesWithBaselineObject
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Prompts you for confirmation before running the cmdlet.
Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases: cf
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases: wi
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Microsoft.Azure.Commands.SecurityCenter.Models.SqlVulnerabilityAssessment.PSSqlVulnerabilityAssessmentBaselineResults
Microsoft.Azure.Commands.SecurityCenter.Models.SqlVulnerabilityAssessment.PSSqlVulnerabilityAssessmentBaselineResults
Add-AzSecuritySqlVulnerabilityAssessmentBaseline