Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings

Updates the vulnerability assessment settings of a database.

Important

Because Az PowerShell modules now have all the capabilities of AzureRM PowerShell modules and more, we'll retire AzureRM PowerShell modules on 29 February 2024.

To avoid service interruptions, update your scripts that use AzureRM PowerShell modules to use Az PowerShell modules by 29 February 2024. To automatically update your scripts, follow the quickstart guide.

Syntax

Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings
      [-StorageAccountName <String>]
      [-ScanResultsContainerName <String>]
      [-RecurringScansInterval <RecurringScansInterval>]
      [-EmailAdmins <Boolean>]
      [-NotificationEmail <String[]>]
      [-ServerName] <String>
      [-DatabaseName] <String>
      [-ResourceGroupName] <String>
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings
      -InputObject <DatabaseVulnerabilityAssessmentSettingsModel>
      [-RecurringScansInterval <RecurringScansInterval>]
      [-EmailAdmins <Boolean>]
      [-NotificationEmail <String[]>]
      [-ServerName] <String>
      [-DatabaseName] <String>
      [-ResourceGroupName] <String>
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings
      -BlobStorageSasUri <Uri>
      [-RecurringScansInterval <RecurringScansInterval>]
      [-EmailAdmins <Boolean>]
      [-NotificationEmail <String[]>]
      [-ServerName] <String>
      [-DatabaseName] <String>
      [-ResourceGroupName] <String>
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Description

The Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings cmdlet updates the vulnerability assessment settings of an Azure SQL Database. Note that you need to run Enable-AzureRmSqlServerAdvancedThreatProtection cmdlet as a prerequisite for using this cmdlet.

Examples

Example 1: Update Vulnerability Assessment settings with storage account name

PS C:\> Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings `
            -ResourceGroupName "ResourceGroup01"`
            -ServerName "Server01"`
            -DatabaseName "Database01" `
            -StorageAccountName "mystorage" `
            -ScanResultsContainerName "vulnerability-assessment" `
            -RecurringScansInterval Weekly `
            -EmailSubscriptionAdmins True `
            -NotificationEmail {mail1@mail.com , mail2@mail.com}

ResourceGroupName				: ResourceGroup01
ServerName			        	: Server01
DatabaseName			    	: Database01
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailSubscriptionAdmins			: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

Example 2: Update Vulnerability Assessment settings with blob storage SAS URI

PS C:\> Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings `
            -ResourceGroupName "ResourceGroup01"`
            -ServerName "Server01"`
            -DatabaseName "Database01" `
            -BlobStorageSasUri "https://mystorage.blob.core.windows.net/vulnerability-assessment?st=XXXXXX" `
            -RecurringScansInterval Weekly `
            -EmailSubscriptionAdmins True `
            -NotificationEmail {mail1@mail.com , mail2@mail.com}

ResourceGroupName				: ResourceGroup01
ServerName			        	: Server01
DatabaseName			    	: Database01
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailSubscriptionAdmins			: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

Example 3: Update the Vulnerability Assessment settings from DatabaseVulnerabilityAssessmentSettingsModel instance definition

PS C:\> Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings `
            -ResourceGroupName "ResourceGroup01"`
            -ServerName "Server01"`
            -DatabaseName "Database01" `
            -StorageAccountName "mystorage" `
            -ScanResultsContainerName "vulnerability-assessment" `
            -RecurringScansInterval Weekly `
            -EmailSubscriptionAdmins True `
            -NotificationEmail {mail1@mail.com , mail2@mail.com}

PS C:\> Get-AzureRmSqlDatabaseVulnerabilityAssessmentSettings `
            -ResourceGroupName "ResourceGroup01" `
            -ServerName "Server01" `
            -DatabaseName "Database01" `
            | Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings `
                -ResourceGroupName "ResourceGroup02" `
                -ServerName "Server02" `
                -DatabaseName "Database02"

ResourceGroupName				: ResourceGroup02
ServerName			        	: Server02
DatabaseName			    	: Database02
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailSubscriptionAdmins			: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

This command updated the Vulnerability Assessment settings on Database02 from the settings on Database01

Example 4: Update the Vulnerability Assessment settings on all the databases under a server

PS C:\> Get-AzureRmSqlDatabase -ResourceGroupName "ResourceGroup01" `
			-ServerName $"Server01" `
            | where {$_.DatabaseName -ne "master"}  `
            | Update-AzureRmSqlDatabaseVulnerabilityAssessmentSettings `
                -StorageAccountName "mystorage" `
                -ScanResultsContainerName "vulnerability-assessment" `
                -RecurringScansInterval Weekly `
                -EmailSubscriptionAdmins True `
                -NotificationEmail {mail1@mail.com , mail2@mail.com}

ResourceGroupName				: ResourceGroup01
ServerName			        	: Server01
DatabaseName			    	: Database01
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailSubscriptionAdmins			: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

ResourceGroupName				: ResourceGroup01
ServerName			        	: Server01
DatabaseName			    	: Database02
StorageAccountName     			: mystorage
ScanResultsContainerName		: vulnerability-assessment
RecurringScansInterval			: Weekly
EmailSubscriptionAdmins			: True
NotificationEmail				: {mail1@mail.com , mail2@mail.com}

This command updates all Vulnerability Assessment settings on all the databases under Server01

Parameters

-BlobStorageSasUri

A SAS URI to a storage container that will hold the scan results.

Type:Uri
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-DatabaseName

SQL Database name.

Type:String
Position:2
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:Microsoft.Azure.Commands.Common.Authentication.Abstractions.IAzureContextContainer
Aliases:AzureRmContext, AzureCredential
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-EmailAdmins

A value indicating whether to email service and co-administrators on recurring scan completion.

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-InputObject

The Vulnerability Assessment settings object to set

Type:Microsoft.Azure.Commands.Sql.VulnerabilityAssessment.Model.DatabaseVulnerabilityAssessmentSettingsModel
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-NotificationEmail

A list of mail addresses to send on recurring scan completion.

Type:String[]
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-RecurringScansInterval

The recurring scans interval.

Type:Microsoft.Azure.Commands.Sql.VulnerabilityAssessment.Model.RecurringScansInterval
Accepted values:None, Weekly
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-ResourceGroupName

The name of the resource group.

Type:String
Position:0
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-ScanResultsContainerName

The name of the storage container that will hold the scan results.

Type:String
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-ServerName

SQL Database server name.

Type:String
Position:1
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-StorageAccountName

The name of the storage account that will hold the scan results.

Type:String
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Inputs

Microsoft.Azure.Commands.Sql.VulnerabilityAssessment.Model.DatabaseVulnerabilityAssessmentSettingsModel

Parameters: InputObject (ByValue)

String

Uri

Microsoft.Azure.Commands.Sql.VulnerabilityAssessment.Model.RecurringScansInterval

Boolean

String[]

Outputs

Microsoft.Azure.Commands.Sql.VulnerabilityAssessment.Model.DatabaseVulnerabilityAssessmentSettingsModel