Server
Manages the Vulnerability Assessment for a MS SQL Server.
NOTE Vulnerability Assessment is currently only available for MS SQL databases.
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.sql.SqlServer;
import com.pulumi.azure.sql.SqlServerArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.storage.Container;
import com.pulumi.azure.storage.ContainerArgs;
import com.pulumi.azure.mssql.ServerSecurityAlertPolicy;
import com.pulumi.azure.mssql.ServerSecurityAlertPolicyArgs;
import com.pulumi.azure.mssql.ServerVulnerabilityAssessment;
import com.pulumi.azure.mssql.ServerVulnerabilityAssessmentArgs;
import com.pulumi.azure.mssql.inputs.ServerVulnerabilityAssessmentRecurringScansArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleSqlServer = new SqlServer("exampleSqlServer", SqlServerArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.version("12.0")
.administratorLogin("4dm1n157r470r")
.administratorLoginPassword("4-v3ry-53cr37-p455w0rd")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.accountTier("Standard")
.accountReplicationType("GRS")
.build());
var exampleContainer = new Container("exampleContainer", ContainerArgs.builder()
.storageAccountName(exampleAccount.name())
.containerAccessType("private")
.build());
var exampleServerSecurityAlertPolicy = new ServerSecurityAlertPolicy("exampleServerSecurityAlertPolicy", ServerSecurityAlertPolicyArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.serverName(exampleSqlServer.name())
.state("Enabled")
.build());
var exampleServerVulnerabilityAssessment = new ServerVulnerabilityAssessment("exampleServerVulnerabilityAssessment", ServerVulnerabilityAssessmentArgs.builder()
.serverSecurityAlertPolicyId(exampleServerSecurityAlertPolicy.id())
.storageContainerPath(Output.tuple(exampleAccount.primaryBlobEndpoint(), exampleContainer.name()).applyValue(values -> {
var primaryBlobEndpoint = values.t1;
var name = values.t2;
return String.format("%s%s/", primaryBlobEndpoint,name);
}))
.storageAccountAccessKey(exampleAccount.primaryAccessKey())
.recurringScans(ServerVulnerabilityAssessmentRecurringScansArgs.builder()
.enabled(true)
.emailSubscriptionAdmins(true)
.emails(
"email@example1.com",
"email@example2.com")
.build())
.build());
}
}Content copied to clipboard
Import
MS SQL Server Vulnerability Assessment can be imported using the resource id, e.g.
$ pulumi import azure:mssql/serverVulnerabilityAssessment:ServerVulnerabilityAssessment example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/acceptanceTestResourceGroup1/providers/Microsoft.Sql/servers/mssqlserver/vulnerabilityAssessments/DefaultContent copied to clipboard
Properties
Link copied to clipboard
A blob storage container path to hold the scan results (e.g. https://example.blob.core.windows.net/VaScans/).