specification/sql/resource-manager/Microsoft.Sql/preview/2023-02-01-preview/SqlVulnerabilityAssessmentScanResult.json

{
  "swagger": "2.0",
  "info": {
    "version": "2023-02-01-preview",
    "title": "SqlManagementClient",
    "description": "The Azure SQL Database management API provides a RESTful set of web APIs that interact with Azure SQL Database services to manage your databases. The API enables users to create, retrieve, update, and delete databases, servers, and other entities."
  },
  "host": "management.azure.com",
  "schemes": [
    "https"
  ],
  "consumes": [
    "application/json"
  ],
  "produces": [
    "application/json"
  ],
  "paths": {
    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/sqlVulnerabilityAssessments/{vulnerabilityAssessmentName}/scans/{scanId}/scanResults": {
      "get": {
        "tags": [
          "SqlVulnerabilityAssessmentScanResult"
        ],
        "description": "Gets a vulnerability assessment scan record of a database.",
        "operationId": "SqlVulnerabilityAssessmentScanResult_ListByScan",
        "parameters": [
          {
            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter"
          },
          {
            "$ref": "#/parameters/ServerNameParameter"
          },
          {
            "name": "vulnerabilityAssessmentName",
            "in": "path",
            "description": "The name of the SQL Vulnerability Assessment.",
            "required": true,
            "type": "string",
            "enum": [
              "default"
            ],
            "x-ms-enum": {
              "name": "SqlVulnerabilityAssessmentName",
              "modelAsString": true
            }
          },
          {
            "name": "scanId",
            "in": "path",
            "description": "The scan id of the SQL Vulnerability Assessment scan to retrieve result from.",
            "required": true,
            "type": "string"
          },
          {
            "name": "systemDatabaseName",
            "in": "query",
            "description": "The SQL vulnerability assessment system database name.",
            "required": true,
            "type": "string",
            "enum": [
              "master"
            ],
            "x-ms-enum": {
              "name": "VulnerabilityAssessmentSystemDatabaseName",
              "modelAsString": false
            }
          },
          {
            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter"
          },
          {
            "$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter"
          }
        ],
        "responses": {
          "200": {
            "description": "Successfully retrieved SQL Vulnerability Assessment scan results.",
            "schema": {
              "$ref": "#/definitions/SQLVulnerabilityAssessmentScanListResult"
            }
          },
          "default": {
            "description": "*** Error Responses: ***\n\n * 400 SqlVulnerabilityAssessmentIsDisabled - SQL vulnerability assessment feature is disabled. please enable the feature before executing other SQL vulnerability assessment operations.\n\n * 400 SqlVulnerabilityAssessmentInvalidUserSuppliedParameter - An invalid parameter value was provided by the client.\n\n * 400 InvalidSqlVulnerabilityAssessmentBaselineInput - The SQL vulnerability assessment baseline input is null or empty.\n\n * 400 InvalidSqlVulnerabilityAssessmentSettingsInput - The SQL vulnerability assessment setting input is null or empty\n\n * 400 SqlVulnerabilityAssessmentScanResultsAreNotAvailableYet - SQL vulnerability assessment results are not available yet, please try again later.\n\n * 400 SqlVulnerabilityAssessmentInvalidRuleId - The SQL vulnerability assessment rule id is invalid.\n\n * 400 SqlVulnerabilityAssessmentScanDoesNotExist - SQL vulnerability assessment scan does not exist.\n\n * 400 SqlVulnerabilityAssessmentNoBaseline - No baseline have been found for the latest scan in the resource\n\n * 400 SqlVulnerabilityAssessmentNoRuleBaseline - No SQL vulnerability assessment baseline was found\n\n * 400 SqlVulnerabilityAssessmentBaselineNoScanResults - No scan results have been found for rule Id. To set a baseline there must be results for this rule in the latest scan available\n\n * 400 SqlVulnerabilityAssessmentBadBinaryRuleFormat - Input for binary rule is not a boolean representation\n\n * 400 SqlVulnerabilityAssessmentBadRuleFormat - The provided results do not comply with the actual layout of the scan results\n\n * 400 SqlVulnerabilityAssessmentBadRuleWithoutRuleIdFormat - The provided results do not comply with the actual layout of the scan results\n\n * 400 SqlVulnerabilityAssessmentBadBinaryRuleWithoutRuleIdFormat - Input for binary rule is not a boolean representation\n\n * 400 SqlVulnerabilityAssessmentBaselineNoScanResultsWithoutRuleId - No scan results have been found for one of the rules. To set a baseline there must be results for this rule in the latest scan available\n\n * 400 SqlVulnerabilityAssessmentEmptyBaseline - Baseline not set because the results are null or empty\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 409 DatabaseVulnerabilityAssessmentScanIsAlreadyInProgress - SQL Vulnerability Assessment scan is already in progress\n\n * 409 SqlVulnerabilityAssessmentStoragefullApiIsEnabled - Vulnerability Assessment is enabled on this server or one of its underlying databases with an incompatible version. Additional troubleshooting information can be found https://aka.ms/SQLVAStoragelessDocumentation.\n\n * 500 DatabaseIsUnavailable - Loading failed. Please try again later."
          }
        },
        "x-ms-pageable": {
          "nextLinkName": "nextLink"
        },
        "x-ms-examples": {
          "List system database SQL Vulnerability Assessment scan results for scan id": {
            "$ref": "./examples/SqlVulnerabilityAssessmentListScansResults.json"
          }
        }
      }
    },
    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/sqlVulnerabilityAssessments/{vulnerabilityAssessmentName}/scans/{scanId}/scanResults/{scanResultId}": {
      "get": {
        "tags": [
          "SqlVulnerabilityAssessmentScanResult"
        ],
        "description": "Gets a vulnerability assessment scan record of a database.",
        "operationId": "SqlVulnerabilityAssessmentScanResult_Get",
        "parameters": [
          {
            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter"
          },
          {
            "$ref": "#/parameters/ServerNameParameter"
          },
          {
            "name": "vulnerabilityAssessmentName",
            "in": "path",
            "description": "The name of the SQL Vulnerability Assessment.",
            "required": true,
            "type": "string",
            "enum": [
              "default"
            ],
            "x-ms-enum": {
              "name": "SqlVulnerabilityAssessmentName",
              "modelAsString": true
            }
          },
          {
            "name": "scanId",
            "in": "path",
            "description": "The scan id of the SQL Vulnerability Assessment scan to retrieve result from.",
            "required": true,
            "type": "string"
          },
          {
            "name": "scanResultId",
            "in": "path",
            "description": "The scan result id of the specific result to retrieve.",
            "required": true,
            "type": "string"
          },
          {
            "name": "systemDatabaseName",
            "in": "query",
            "description": "The SQL vulnerability assessment system database name.",
            "required": true,
            "type": "string",
            "enum": [
              "master"
            ],
            "x-ms-enum": {
              "name": "VulnerabilityAssessmentSystemDatabaseName",
              "modelAsString": false
            }
          },
          {
            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter"
          },
          {
            "$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter"
          }
        ],
        "responses": {
          "200": {
            "description": "Successfully retrieved SQL Vulnerability Assessment scan results for id.",
            "schema": {
              "$ref": "#/definitions/SqlVulnerabilityAssessmentScanResults"
            }
          },
          "default": {
            "description": "*** Error Responses: ***\n\n * 400 SqlVulnerabilityAssessmentIsDisabled - SQL vulnerability assessment feature is disabled. please enable the feature before executing other SQL vulnerability assessment operations.\n\n * 400 SqlVulnerabilityAssessmentInvalidUserSuppliedParameter - An invalid parameter value was provided by the client.\n\n * 400 InvalidSqlVulnerabilityAssessmentBaselineInput - The SQL vulnerability assessment baseline input is null or empty.\n\n * 400 InvalidSqlVulnerabilityAssessmentSettingsInput - The SQL vulnerability assessment setting input is null or empty\n\n * 400 SqlVulnerabilityAssessmentScanResultsAreNotAvailableYet - SQL vulnerability assessment results are not available yet, please try again later.\n\n * 400 SqlVulnerabilityAssessmentInvalidRuleId - The SQL vulnerability assessment rule id is invalid.\n\n * 400 SqlVulnerabilityAssessmentScanDoesNotExist - SQL vulnerability assessment scan does not exist.\n\n * 400 SqlVulnerabilityAssessmentNoBaseline - No baseline have been found for the latest scan in the resource\n\n * 400 SqlVulnerabilityAssessmentNoRuleBaseline - No SQL vulnerability assessment baseline was found\n\n * 400 SqlVulnerabilityAssessmentBaselineNoScanResults - No scan results have been found for rule Id. To set a baseline there must be results for this rule in the latest scan available\n\n * 400 SqlVulnerabilityAssessmentBadBinaryRuleFormat - Input for binary rule is not a boolean representation\n\n * 400 SqlVulnerabilityAssessmentBadRuleFormat - The provided results do not comply with the actual layout of the scan results\n\n * 400 SqlVulnerabilityAssessmentBadRuleWithoutRuleIdFormat - The provided results do not comply with the actual layout of the scan results\n\n * 400 SqlVulnerabilityAssessmentBadBinaryRuleWithoutRuleIdFormat - Input for binary rule is not a boolean representation\n\n * 400 SqlVulnerabilityAssessmentBaselineNoScanResultsWithoutRuleId - No scan results have been found for one of the rules. To set a baseline there must be results for this rule in the latest scan available\n\n * 400 SqlVulnerabilityAssessmentEmptyBaseline - Baseline not set because the results are null or empty\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 409 DatabaseVulnerabilityAssessmentScanIsAlreadyInProgress - SQL Vulnerability Assessment scan is already in progress\n\n * 409 SqlVulnerabilityAssessmentStoragefullApiIsEnabled - Vulnerability Assessment is enabled on this server or one of its underlying databases with an incompatible version. Additional troubleshooting information can be found https://aka.ms/SQLVAStoragelessDocumentation.\n\n * 500 DatabaseIsUnavailable - Loading failed. Please try again later."
          }
        },
        "x-ms-examples": {
          "Get a system database SQL Vulnerability Assessment scan result for scan id and scan result id": {
            "$ref": "./examples/SqlVulnerabilityAssessmentScansResults.json"
          }
        }
      }
    }
  },
  "definitions": {
    "Baseline": {
      "description": "SQL Vulnerability Assessment baseline Details",
      "type": "object",
      "properties": {
        "expectedResults": {
          "description": "SQL Vulnerability Assessment baseline expected results",
          "type": "array",
          "items": {
            "type": "array",
            "items": {
              "type": "string"
            }
          },
          "readOnly": true
        },
        "updatedTime": {
          "format": "date-time",
          "description": "SQL Vulnerability Assessment baseline update time (UTC)",
          "type": "string",
          "readOnly": true
        }
      }
    },
    "BaselineAdjustedResult": {
      "description": "SQL Vulnerability Assessment baseline adjusted results",
      "type": "object",
      "properties": {
        "baseline": {
          "$ref": "#/definitions/Baseline",
          "description": "SQL Vulnerability Assessment baseline details",
          "readOnly": true
        },
        "status": {
          "description": "SQL Vulnerability Assessment baseline status",
          "enum": [
            "NonFinding",
            "Finding",
            "InternalError"
          ],
          "type": "string",
          "readOnly": true,
          "x-ms-enum": {
            "name": "RuleStatus",
            "modelAsString": true
          }
        },
        "resultsNotInBaseline": {
          "description": "SQL Vulnerability Assessment results that are not in baseline",
          "type": "array",
          "items": {
            "type": "array",
            "items": {
              "type": "string"
            }
          },
          "readOnly": true
        },
        "resultsOnlyInBaseline": {
          "description": "SQL Vulnerability Assessment results that are in baseline.",
          "type": "array",
          "items": {
            "type": "array",
            "items": {
              "type": "string"
            }
          },
          "readOnly": true
        }
      }
    },
    "BenchmarkReference": {
      "description": "SQL Vulnerability Assessment benchmark reference",
      "type": "object",
      "properties": {
        "benchmark": {
          "description": "SQL Vulnerability Assessment benchmark name",
          "type": "string",
          "readOnly": true
        },
        "reference": {
          "description": "SQL Vulnerability Assessment benchmark reference.",
          "type": "string",
          "readOnly": true
        }
      }
    },
    "QueryCheck": {
      "description": "SQL Vulnerability Assessment query check object.",
      "type": "object",
      "properties": {
        "query": {
          "description": "SQL Vulnerability Assessment rule query.",
          "type": "string",
          "readOnly": true
        },
        "expectedResult": {
          "description": "SQL Vulnerability Assessment query expected result.",
          "type": "array",
          "items": {
            "type": "array",
            "items": {
              "type": "string"
            }
          },
          "readOnly": true
        },
        "columnNames": {
          "description": "SQL Vulnerability Assessment column names of query expected result.",
          "type": "array",
          "items": {
            "type": "string"
          },
          "readOnly": true
        }
      }
    },
    "Remediation": {
      "description": "SQL Vulnerability Assessment remediation Details.",
      "type": "object",
      "properties": {
        "description": {
          "description": "SQL Vulnerability Assessment remediation description.",
          "type": "string",
          "readOnly": true
        },
        "scripts": {
          "description": "SQL Vulnerability Assessment remediation script.",
          "type": "array",
          "items": {
            "type": "string"
          },
          "readOnly": true
        },
        "automated": {
          "description": "SQL Vulnerability Assessment is remediation automated.",
          "type": "boolean",
          "readOnly": true
        },
        "portalLink": {
          "description": "SQL Vulnerability Assessment optional link to remediate in Azure Portal.",
          "type": "string",
          "readOnly": true
        }
      }
    },
    "SQLVulnerabilityAssessmentScanListResult": {
      "description": "A list of vulnerability assessment scan results.",
      "type": "object",
      "properties": {
        "value": {
          "description": "Array of results.",
          "type": "array",
          "items": {
            "$ref": "#/definitions/SqlVulnerabilityAssessmentScanResults"
          },
          "readOnly": true
        },
        "nextLink": {
          "description": "Link to retrieve next page of results.",
          "type": "string",
          "readOnly": true
        }
      }
    },
    "SqlVulnerabilityAssessmentScanResultProperties": {
      "description": "SQL Vulnerability Assessment scan result properties for a single rule.",
      "type": "object",
      "properties": {
        "ruleId": {
          "description": "SQL Vulnerability Assessment rule Id.",
          "type": "string",
          "readOnly": true
        },
        "status": {
          "description": "SQL Vulnerability Assessment rule result status.",
          "enum": [
            "NonFinding",
            "Finding",
            "InternalError"
          ],
          "type": "string",
          "readOnly": true,
          "x-ms-enum": {
            "name": "RuleStatus",
            "modelAsString": true
          }
        },
        "errorMessage": {
          "description": "SQL Vulnerability Assessment error message.",
          "type": "string",
          "readOnly": true
        },
        "isTrimmed": {
          "description": "SQL Vulnerability Assessment is the query results trimmed.",
          "type": "boolean",
          "readOnly": true
        },
        "queryResults": {
          "description": "SQL Vulnerability Assessment query results that was run.",
          "type": "array",
          "items": {
            "type": "array",
            "items": {
              "type": "string"
            }
          },
          "readOnly": true
        },
        "remediation": {
          "$ref": "#/definitions/Remediation",
          "description": "SQL Vulnerability Assessment the remediation details.",
          "readOnly": true
        },
        "baselineAdjustedResult": {
          "$ref": "#/definitions/BaselineAdjustedResult",
          "description": "SQL Vulnerability Assessment rule result adjusted with baseline.",
          "readOnly": true
        },
        "ruleMetadata": {
          "$ref": "#/definitions/VaRule",
          "description": "SQL Vulnerability Assessment rule metadata.",
          "readOnly": true
        }
      }
    },
    "SqlVulnerabilityAssessmentScanResults": {
      "type": "object",
      "allOf": [
        {
          "$ref": "../../../common/v1/types.json#/definitions/ProxyResource"
        }
      ],
      "properties": {
        "systemData": {
          "$ref": "../../../common/v1/types.json#/definitions/systemData",
          "description": "SystemData of AdvancedThreatProtectionResource.",
          "readOnly": true
        },
        "properties": {
          "$ref": "#/definitions/SqlVulnerabilityAssessmentScanResultProperties",
          "description": "Resource properties.",
          "x-ms-client-flatten": true
        }
      }
    },
    "VaRule": {
      "description": "SQL Vulnerability Assessment rule metadata details.",
      "type": "object",
      "properties": {
        "ruleId": {
          "description": "SQL Vulnerability Assessment rule Id.",
          "type": "string",
          "readOnly": true
        },
        "severity": {
          "description": "SQL Vulnerability Assessment rule severity.",
          "enum": [
            "High",
            "Medium",
            "Low",
            "Informational",
            "Obsolete"
          ],
          "type": "string",
          "readOnly": true,
          "x-ms-enum": {
            "name": "RuleSeverity",
            "modelAsString": true
          }
        },
        "category": {
          "description": "SQL Vulnerability Assessment rule category.",
          "type": "string",
          "readOnly": true
        },
        "ruleType": {
          "description": "SQL Vulnerability Assessment rule type.",
          "enum": [
            "Binary",
            "BaselineExpected",
            "PositiveList",
            "NegativeList"
          ],
          "type": "string",
          "readOnly": true,
          "x-ms-enum": {
            "name": "RuleType",
            "modelAsString": true
          }
        },
        "title": {
          "description": "SQL Vulnerability Assessment rule title.",
          "type": "string",
          "readOnly": true
        },
        "description": {
          "description": "SQL Vulnerability Assessment rule description.",
          "type": "string",
          "readOnly": true
        },
        "rationale": {
          "description": "SQL Vulnerability Assessment rule rationale.",
          "type": "string",
          "readOnly": true
        },
        "queryCheck": {
          "$ref": "#/definitions/QueryCheck",
          "description": "SQL Vulnerability Assessment rule query details.",
          "readOnly": true
        },
        "benchmarkReferences": {
          "description": "SQL Vulnerability Assessment benchmark references.",
          "type": "array",
          "items": {
            "$ref": "#/definitions/BenchmarkReference"
          },
          "readOnly": true
        }
      }
    }
  },
  "parameters": {
    "ServerNameParameter": {
      "name": "serverName",
      "in": "path",
      "description": "The name of the server.",
      "required": true,
      "type": "string",
      "x-ms-parameter-location": "method"
    }
  },
  "securityDefinitions": {
    "azure_auth": {
      "type": "oauth2",
      "description": "Azure Active Directory OAuth2 Flow",
      "flow": "implicit",
      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
      "scopes": {
        "user_impersonation": "impersonate your user account"
      }
    }
  }
}