az security va sql results
Command group 'az security va sql' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
View Sql Vulnerability Assessment scan results.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az security va sql results list |
List a list of scan results for a single scan record. |
Core | Preview |
| az security va sql results show |
Get the scan results of a single rule in a scan record. |
Core | Preview |
az security va sql results list
Command group 'az security va sql results' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
List a list of scan results for a single scan record.
az security va sql results list --resource-id
--scan-id
[--database-name]
[--max-items]
[--next-token]
Examples
List all scan results for a given scan id on an Azure SQL database.
az security va sql results list --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Sql/servers/{server}/databases/{db} --scan-id Scan_2026-01-01T00-00-00Z
List scan results on a SQL DB hosted on an Azure virtual machine.
az security va sql results list --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Compute/virtualMachines/{vm} --database-name MyDb --scan-id Scan_2026-01-01T00-00-00Z
Required Parameters
The fully qualified Azure Resource manager identifier of the resource.
The scan Id.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The name of the database to assess. Required when the API is called on the parent resource (e.g., server level) rather than on a specific database resource, since the database name is not part of the resource URI. This is the only way to assess system databases (e.g., master), which cannot be referenced directly in the resource URI.
Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.
| Property | Value |
|---|---|
| Parameter group: | Pagination Arguments |
Token to specify where to start paginating. This is the token value from a previously truncated response.
| Property | Value |
|---|---|
| Parameter group: | Pagination Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az security va sql results show
Command group 'az security va sql results' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Get the scan results of a single rule in a scan record.
az security va sql results show --resource-id
--rule-id --scan-result-id
--scan-id
[--database-name]
Examples
Show results for rule VA1234 from a given scan id on an Azure SQL database.
az security va sql results show --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Sql/servers/{server}/databases/{db} --scan-id Scan_2026-01-01T00-00-00Z --rule-id VA1234
Show results for a single rule on an Arc-enabled SQL server.
az security va sql results show --resource-id /subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.HybridCompute/machines/{arc} --database-name MyDb --scan-id Scan_2026-01-01T00-00-00Z --rule-id VA1234
Required Parameters
The fully qualified Azure Resource manager identifier of the resource.
The rule Id of the results.
The scan Id.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The name of the database to assess. Required when the API is called on the parent resource (e.g., server level) rather than on a specific database resource, since the database name is not part of the resource URI. This is the only way to assess system databases (e.g., master), which cannot be referenced directly in the resource URI.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |