Edit

Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings

  • Reference
Module:
AzureRM.Sql

Updates the vulnerability assessment settings of a database.

Warning

The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.

Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.

Syntax

Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings
      [-StorageAccountName <String>]
      [-ScanResultsContainerName <String>]
      [-RecurringScansInterval <RecurringScansInterval>]
      [-EmailAdmins <Boolean>]
      [-NotificationEmail <String[]>]
      [-ServerName] <String>
      [-DatabaseName] <String>
      [-ResourceGroupName] <String>
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings
      -InputObject <DatabaseVulnerabilityAssessmentSettingsModel>
      [-RecurringScansInterval <RecurringScansInterval>]
      [-EmailAdmins <Boolean>]
      [-NotificationEmail <String[]>]
      [-ServerName] <String>
      [-DatabaseName] <String>
      [-ResourceGroupName] <String>
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings
      -BlobStorageSasUri <Uri>
      [-RecurringScansInterval <RecurringScansInterval>]
      [-EmailAdmins <Boolean>]
      [-NotificationEmail <String[]>]
      [-ServerName] <String>
      [-DatabaseName] <String>
      [-ResourceGroupName] <String>
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Description

The Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings cmdlet updates the vulnerability assessment settings of an Azure SQL Database. Note that you need to run Enable-AzureRmSqlServerAdvancedThreatProtection cmdlet as a prerequisite for using this cmdlet.

Examples

Example 1: Update Vulnerability Assessment settings with storage account name

PS C:\> Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings `
            -ResourceGroupName "ResourceGroup01"`
            -ServerName "Server01"`
            -DatabaseName "Database01" `
            -StorageAccountName "mystorage" `
            -ScanResultsContainerName "vulnerability-assessment" `
            -RecurringScansInterval Weekly `
            -EmailSubscriptionAdmins True `
            -NotificationEmail {mail1@mail.com , mail2@mail.com}

ResourceGroupName				: ResourceGroup01
ServerName			        	: Server01
DatabaseName			    	: Database01
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailSubscriptionAdmins			: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

Example 2: Update Vulnerability Assessment settings with blob storage SAS URI

PS C:\> Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings `
            -ResourceGroupName "ResourceGroup01"`
            -ServerName "Server01"`
            -DatabaseName "Database01" `
            -BlobStorageSasUri "https://mystorage.blob.core.windows.net/vulnerability-assessment?st=XXXXXX" `
            -RecurringScansInterval Weekly `
            -EmailSubscriptionAdmins True `
            -NotificationEmail {mail1@mail.com , mail2@mail.com}

ResourceGroupName				: ResourceGroup01
ServerName			        	: Server01
DatabaseName			    	: Database01
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailSubscriptionAdmins			: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

Example 3: Update the Vulnerability Assessment settings from DatabaseVulnerabilityAssessmentSettingsModel instance definition

PS C:\> Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings `
            -ResourceGroupName "ResourceGroup01"`
            -ServerName "Server01"`
            -DatabaseName "Database01" `
            -StorageAccountName "mystorage" `
            -ScanResultsContainerName "vulnerability-assessment" `
            -RecurringScansInterval Weekly `
            -EmailSubscriptionAdmins True `
            -NotificationEmail {mail1@mail.com , mail2@mail.com}

PS C:\> Get-AzureRmSqlDatabaseVulnerabilityAssessmentSettings `
            -ResourceGroupName "ResourceGroup01" `
            -ServerName "Server01" `
            -DatabaseName "Database01" `
            | Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings `
                -ResourceGroupName "ResourceGroup02" `
                -ServerName "Server02" `
                -DatabaseName "Database02"

ResourceGroupName				: ResourceGroup02
ServerName			        	: Server02
DatabaseName			    	: Database02
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailSubscriptionAdmins			: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

This command updated the Vulnerability Assessment settings on Database02 from the settings on Database01

Example 4: Update the Vulnerability Assessment settings on all the databases under a server

PS C:\> Get-AzureRmSqlDatabase -ResourceGroupName "ResourceGroup01" `
			-ServerName $"Server01" `
            | where {$_.DatabaseName -ne "master"}  `
            | Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings `
                -StorageAccountName "mystorage" `
                -ScanResultsContainerName "vulnerability-assessment" `
                -RecurringScansInterval Weekly `
                -EmailSubscriptionAdmins True `
                -NotificationEmail {mail1@mail.com , mail2@mail.com}

ResourceGroupName				: ResourceGroup01
ServerName			        	: Server01
DatabaseName			    	: Database01
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailSubscriptionAdmins			: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

ResourceGroupName				: ResourceGroup01
ServerName			        	: Server01
DatabaseName			    	: Database02
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailSubscriptionAdmins			: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

This command updates all Vulnerability Assessment settings on all the databases under Server01

Parameters

-BlobStorageSasUri

A SAS URI to a storage container that will hold the scan results.

Type:Uri
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DatabaseName

SQL Database name.

Type:String
Position:2
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EmailAdmins

A value indicating whether to email service and co-administrators on recurring scan completion.

Type:Boolean
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-InputObject

The Vulnerability Assessment settings object to set

Type:DatabaseVulnerabilityAssessmentSettingsModel
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-NotificationEmail

A list of mail addresses to send on recurring scan completion.

Type:String[]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-RecurringScansInterval

The recurring scans interval.

Type:RecurringScansInterval
Accepted values:None, Weekly
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ResourceGroupName

The name of the resource group.

Type:String
Position:0
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ScanResultsContainerName

The name of the storage container that will hold the scan results.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ServerName

SQL Database server name.

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-StorageAccountName

The name of the storage account that will hold the scan results.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

DatabaseVulnerabilityAssessmentSettingsModel

Parameters: InputObject (ByValue)

String

Uri

RecurringScansInterval

Boolean

String[]

Outputs

DatabaseVulnerabilityAssessmentSettingsModel