ServerVulnerabilityAssessment

Manages the Vulnerability Assessment for a MS SQL Server.

NOTE Vulnerability Assessment is currently only available for MS SQL databases.

Create a ServerVulnerabilityAssessment Resource

new ServerVulnerabilityAssessment(name: string, args: ServerVulnerabilityAssessmentArgs, opts?: CustomResourceOptions);

def ServerVulnerabilityAssessment(resource_name, opts=None, recurring_scans=None, server_security_alert_policy_id=None, storage_account_access_key=None, storage_container_path=None, storage_container_sas_key=None, __props__=None);

func NewServerVulnerabilityAssessment(ctx *Context, name string, args ServerVulnerabilityAssessmentArgs, opts ...ResourceOption) (*ServerVulnerabilityAssessment, error)

public ServerVulnerabilityAssessment(string name, ServerVulnerabilityAssessmentArgs args, CustomResourceOptions? opts = null)

name string: The unique name of the resource.
args ServerVulnerabilityAssessmentArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
opts ResourceOptions: A bag of options that control this resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ServerVulnerabilityAssessmentArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ServerVulnerabilityAssessmentArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

ServerVulnerabilityAssessment Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The ServerVulnerabilityAssessment resource accepts the following input properties:

ServerSecurityAlertPolicyId string: The id of the security alert policy of the MS SQL Server. Changing this forces a new resource to be created.
StorageContainerPath string: A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/).
RecurringScans ServerVulnerabilityAssessmentRecurringScansArgs: The recurring scans settings. The recurring_scans block supports fields documented below.
StorageAccountAccessKey string: Specifies the identifier key of the storage account for vulnerability assessment scan results. If storage_container_sas_key isn’t specified, storage_account_access_key is required.
StorageContainerSasKey string: A shared access signature (SAS Key) that has write access to the blob container specified in storage_container_path parameter. If storage_account_access_key isn’t specified, storage_container_sas_key is required.

ServerSecurityAlertPolicyId string: The id of the security alert policy of the MS SQL Server. Changing this forces a new resource to be created.
StorageContainerPath string: A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/).
RecurringScans ServerVulnerabilityAssessmentRecurringScans: The recurring scans settings. The recurring_scans block supports fields documented below.
StorageAccountAccessKey string: Specifies the identifier key of the storage account for vulnerability assessment scan results. If storage_container_sas_key isn’t specified, storage_account_access_key is required.
StorageContainerSasKey string: A shared access signature (SAS Key) that has write access to the blob container specified in storage_container_path parameter. If storage_account_access_key isn’t specified, storage_container_sas_key is required.

serverSecurityAlertPolicyId string: The id of the security alert policy of the MS SQL Server. Changing this forces a new resource to be created.
storageContainerPath string: A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/).
recurringScans ServerVulnerabilityAssessmentRecurringScans: The recurring scans settings. The recurring_scans block supports fields documented below.
storageAccountAccessKey string: Specifies the identifier key of the storage account for vulnerability assessment scan results. If storage_container_sas_key isn’t specified, storage_account_access_key is required.
storageContainerSasKey string: A shared access signature (SAS Key) that has write access to the blob container specified in storage_container_path parameter. If storage_account_access_key isn’t specified, storage_container_sas_key is required.

server_security_alert_policy_id str: The id of the security alert policy of the MS SQL Server. Changing this forces a new resource to be created.
storage_container_path str: A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/).
recurring_scans Dict[ServerVulnerabilityAssessmentRecurringScans]: The recurring scans settings. The recurring_scans block supports fields documented below.
storage_account_access_key str: Specifies the identifier key of the storage account for vulnerability assessment scan results. If storage_container_sas_key isn’t specified, storage_account_access_key is required.
storage_container_sas_key str: A shared access signature (SAS Key) that has write access to the blob container specified in storage_container_path parameter. If storage_account_access_key isn’t specified, storage_container_sas_key is required.

Outputs

All input properties are implicitly available as output properties. Additionally, the ServerVulnerabilityAssessment resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

Look up an Existing ServerVulnerabilityAssessment Resource

Get an existing ServerVulnerabilityAssessment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ServerVulnerabilityAssessmentState, opts?: CustomResourceOptions): ServerVulnerabilityAssessment

static get(resource_name, id, opts=None, recurring_scans=None, server_security_alert_policy_id=None, storage_account_access_key=None, storage_container_path=None, storage_container_sas_key=None, __props__=None);

func GetServerVulnerabilityAssessment(ctx *Context, name string, id IDInput, state *ServerVulnerabilityAssessmentState, opts ...ResourceOption) (*ServerVulnerabilityAssessment, error)

public static ServerVulnerabilityAssessment Get(string name, Input<string> id, ServerVulnerabilityAssessmentState? state, CustomResourceOptions? opts = null)

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

RecurringScans ServerVulnerabilityAssessmentRecurringScansArgs: The recurring scans settings. The recurring_scans block supports fields documented below.
ServerSecurityAlertPolicyId string: The id of the security alert policy of the MS SQL Server. Changing this forces a new resource to be created.
StorageAccountAccessKey string: Specifies the identifier key of the storage account for vulnerability assessment scan results. If storage_container_sas_key isn’t specified, storage_account_access_key is required.
StorageContainerPath string: A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/).
StorageContainerSasKey string: A shared access signature (SAS Key) that has write access to the blob container specified in storage_container_path parameter. If storage_account_access_key isn’t specified, storage_container_sas_key is required.

RecurringScans ServerVulnerabilityAssessmentRecurringScans: The recurring scans settings. The recurring_scans block supports fields documented below.
ServerSecurityAlertPolicyId string: The id of the security alert policy of the MS SQL Server. Changing this forces a new resource to be created.
StorageAccountAccessKey string: Specifies the identifier key of the storage account for vulnerability assessment scan results. If storage_container_sas_key isn’t specified, storage_account_access_key is required.
StorageContainerPath string: A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/).
StorageContainerSasKey string: A shared access signature (SAS Key) that has write access to the blob container specified in storage_container_path parameter. If storage_account_access_key isn’t specified, storage_container_sas_key is required.

recurringScans ServerVulnerabilityAssessmentRecurringScans: The recurring scans settings. The recurring_scans block supports fields documented below.
serverSecurityAlertPolicyId string: The id of the security alert policy of the MS SQL Server. Changing this forces a new resource to be created.
storageAccountAccessKey string: Specifies the identifier key of the storage account for vulnerability assessment scan results. If storage_container_sas_key isn’t specified, storage_account_access_key is required.
storageContainerPath string: A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/).
storageContainerSasKey string: A shared access signature (SAS Key) that has write access to the blob container specified in storage_container_path parameter. If storage_account_access_key isn’t specified, storage_container_sas_key is required.

recurring_scans Dict[ServerVulnerabilityAssessmentRecurringScans]: The recurring scans settings. The recurring_scans block supports fields documented below.
server_security_alert_policy_id str: The id of the security alert policy of the MS SQL Server. Changing this forces a new resource to be created.
storage_account_access_key str: Specifies the identifier key of the storage account for vulnerability assessment scan results. If storage_container_sas_key isn’t specified, storage_account_access_key is required.
storage_container_path str: A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/).
storage_container_sas_key str: A shared access signature (SAS Key) that has write access to the blob container specified in storage_container_path parameter. If storage_account_access_key isn’t specified, storage_container_sas_key is required.

Supporting Types

ServerVulnerabilityAssessmentRecurringScans

See the input and output API doc for this type.

EmailSubscriptionAdmins bool: Boolean flag which specifies if the schedule scan notification will be sent to the subscription administrators. Defaults to false.
Emails List<string>: Specifies an array of e-mail addresses to which the scan notification is sent.
Enabled bool: Boolean flag which specifies if recurring scans is enabled or disabled. Defaults to false.

EmailSubscriptionAdmins bool: Boolean flag which specifies if the schedule scan notification will be sent to the subscription administrators. Defaults to false.
Emails []string: Specifies an array of e-mail addresses to which the scan notification is sent.
Enabled bool: Boolean flag which specifies if recurring scans is enabled or disabled. Defaults to false.

emailSubscriptionAdmins boolean: Boolean flag which specifies if the schedule scan notification will be sent to the subscription administrators. Defaults to false.
emails string[]: Specifies an array of e-mail addresses to which the scan notification is sent.
enabled boolean: Boolean flag which specifies if recurring scans is enabled or disabled. Defaults to false.

emailSubscriptionAdmins bool: Boolean flag which specifies if the schedule scan notification will be sent to the subscription administrators. Defaults to false.
emails List[str]: Specifies an array of e-mail addresses to which the scan notification is sent.
enabled bool: Boolean flag which specifies if recurring scans is enabled or disabled. Defaults to false.

Package Details

Repository: https://github.com/pulumi/pulumi-azure
License: Apache-2.0
Notes: This Pulumi package is based on the azurerm Terraform Provider.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud