Managed Instance Vulnerability Assessments - Create Or Update
Creates or updates the managed instance's vulnerability assessment. Learn more about setting SQL vulnerability assessment with managed identity - https://docs.microsoft.com/azure/azure-sql/database/sql-database-vulnerability-assessment-storage
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/managedInstances/{managedInstanceName}/vulnerabilityAssessments/default?api-version=2025-01-01URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
managed
|
path | True |
string |
The name of the managed instance. |
|
resource
|
path | True |
string minLength: 1maxLength: 90 |
The name of the resource group. The name is case insensitive. |
|
subscription
|
path | True |
string (uuid) |
The ID of the target subscription. The value must be an UUID. |
|
vulnerability
|
path | True |
The name of the vulnerability assessment. |
|
|
api-version
|
query | True |
string minLength: 1 |
The API version to use for this operation. |
Request Body
| Name | Required | Type | Description |
|---|---|---|---|
| properties.storageContainerPath | True |
string |
A blob storage container path to hold the scan results (e.g. |
| properties.recurringScans |
The recurring scans settings |
||
| properties.storageAccountAccessKey |
string |
Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall |
|
| properties.storageContainerSasKey |
string |
A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
Resource 'ManagedInstanceVulnerabilityAssessment' update operation succeeded |
|
| 201 Created |
Resource 'ManagedInstanceVulnerabilityAssessment' create operation succeeded |
|
| Other Status Codes |
An unexpected error response. |
Security
azure_auth
Azure Active Directory OAuth2 Flow.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
Examples
Create a managed instance's vulnerability assessment with all parameters
Sample request
PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default?api-version=2025-01-01
{
"properties": {
"recurringScans": {
"emailSubscriptionAdmins": true,
"emails": [
"email1@mail.com",
"email2@mail.com"
],
"isEnabled": true
},
"storageAccountAccessKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"storageContainerPath": "https://myStorage.blob.core.windows.net/vulnerability-assessment/",
"storageContainerSasKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
}
Sample response
{
"name": "default",
"type": "Microsoft.Sql/managedInstances/vulnerabilityAssessments",
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default",
"properties": {
"recurringScans": {
"emailSubscriptionAdmins": true,
"emails": [
"email1@mail.com",
"email2@mail.com"
],
"isEnabled": true
}
}
}{
"name": "default",
"type": "Microsoft.Sql/managedInstances/vulnerabilityAssessments",
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default",
"properties": {
"recurringScans": {
"emailSubscriptionAdmins": true,
"emails": [
"email1@mail.com",
"email2@mail.com"
],
"isEnabled": true
}
}
}Create a managed instance's vulnerability assessment with minimal parameters, when storageAccountAccessKey is specified
Sample request
PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default?api-version=2025-01-01
{
"properties": {
"storageAccountAccessKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"storageContainerPath": "https://myStorage.blob.core.windows.net/vulnerability-assessment/"
}
}
Sample response
{
"name": "default",
"type": "Microsoft.Sql/managedInstances/vulnerabilityAssessments",
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default",
"properties": {
"recurringScans": {
"emailSubscriptionAdmins": false,
"emails": [],
"isEnabled": true
}
}
}{
"name": "default",
"type": "Microsoft.Sql/managedInstances/vulnerabilityAssessments",
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default",
"properties": {
"recurringScans": {
"emailSubscriptionAdmins": false,
"emails": [],
"isEnabled": true
}
}
}Create a managed instance's vulnerability assessment with minimal parameters, when storageContainerSasKey is specified
Sample request
PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default?api-version=2025-01-01
{
"properties": {
"storageContainerPath": "https://myStorage.blob.core.windows.net/vulnerability-assessment/",
"storageContainerSasKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
}
Sample response
{
"name": "default",
"type": "Microsoft.Sql/managedInstances/vulnerabilityAssessments",
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default",
"properties": {
"recurringScans": {
"emailSubscriptionAdmins": false,
"emails": [],
"isEnabled": true
}
}
}{
"name": "default",
"type": "Microsoft.Sql/managedInstances/vulnerabilityAssessments",
"id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Sql/managedInstances/vulnerabilityaseessmenttest-6440/vulnerabilityAssessments/default",
"properties": {
"recurringScans": {
"emailSubscriptionAdmins": false,
"emails": [],
"isEnabled": true
}
}
}Definitions
| Name | Description |
|---|---|
|
created |
The type of identity that created the resource. |
|
Error |
The resource management error additional info. |
|
Error |
The error detail. |
|
Error |
Error response |
|
Managed |
A managed instance vulnerability assessment. |
|
system |
Metadata pertaining to creation and last modification of the resource. |
|
Vulnerability |
|
|
Vulnerability |
Properties of a Vulnerability Assessment recurring scans. |
createdByType
The type of identity that created the resource.
| Value | Description |
|---|---|
| User | |
| Application | |
| ManagedIdentity | |
| Key |
ErrorAdditionalInfo
The resource management error additional info.
| Name | Type | Description |
|---|---|---|
| info |
object |
The additional info. |
| type |
string |
The additional info type. |
ErrorDetail
The error detail.
| Name | Type | Description |
|---|---|---|
| additionalInfo |
The error additional info. |
|
| code |
string |
The error code. |
| details |
The error details. |
|
| message |
string |
The error message. |
| target |
string |
The error target. |
ErrorResponse
Error response
| Name | Type | Description |
|---|---|---|
| error |
The error object. |
ManagedInstanceVulnerabilityAssessment
A managed instance vulnerability assessment.
| Name | Type | Description |
|---|---|---|
| id |
string (arm-id) |
Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
| name |
string |
The name of the resource |
| properties.recurringScans |
The recurring scans settings |
|
| properties.storageAccountAccessKey |
string |
Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall |
| properties.storageContainerPath |
string |
A blob storage container path to hold the scan results (e.g. |
| properties.storageContainerSasKey |
string |
A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall |
| systemData |
Azure Resource Manager metadata containing createdBy and modifiedBy information. |
|
| type |
string |
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
systemData
Metadata pertaining to creation and last modification of the resource.
| Name | Type | Description |
|---|---|---|
| createdAt |
string (date-time) |
The timestamp of resource creation (UTC). |
| createdBy |
string |
The identity that created the resource. |
| createdByType |
The type of identity that created the resource. |
|
| lastModifiedAt |
string (date-time) |
The timestamp of resource last modification (UTC) |
| lastModifiedBy |
string |
The identity that last modified the resource. |
| lastModifiedByType |
The type of identity that last modified the resource. |
VulnerabilityAssessmentName
| Value | Description |
|---|---|
| default |
default |
VulnerabilityAssessmentRecurringScansProperties
Properties of a Vulnerability Assessment recurring scans.
| Name | Type | Default value | Description |
|---|---|---|---|
| emailSubscriptionAdmins |
boolean |
True |
Specifies that the schedule scan notification will be is sent to the subscription administrators. |
| emails |
string[] |
Specifies an array of e-mail addresses to which the scan notification is sent. |
|
| isEnabled |
boolean |
Recurring scans state. |