Select Language:
If you’re experiencing issues with Vulnerability Assessment in your Azure SQL database, and you’re seeing problems like query results failing to load or the “Add as baseline” option being disabled, the problem often comes down to storage account access.
Usually, this happens when the storage account used for the assessment isn’t accessible by the Defender for SQL service. Even if your client IP and virtual network are allowed, the service itself needs permission to read and write data to that storage account. If firewalls or private endpoint settings block this access, you’ll see the symptoms you’re describing.
Here’s how you can fix it:
First, check how your Vulnerability Assessment is set up. If you’re using a custom, classic storage account, make sure the service can connect to it properly.
Next, review the storage account’s networking rules. To test whether access is the problem, temporarily allow access from all networks. After doing this, go back to Defender for Cloud and save the Vulnerability Assessment settings again. This step helps the service recheck if it can connect to the storage.
If this step works, you can then tighten up the access restrictions once more. But be aware that in more secure setups—like those using private endpoints—you might need to do additional network configuration to allow the service to reach the storage account.
Also, double-check that your storage account is the correct type. It should be a general-purpose v2 account, on the standard tier, and not using archive access tier, as these aren’t supported for Vulnerability Assessment.
Once your storage account is accessible and the settings are saved successfully, the portal should load query results properly and enable the “Add as baseline” option.
For more detailed guidance, you can review the official documentation here:
Hopefully, this helps you resolve the issue quickly.
ChatGPT
Perplexity
Gemini AI
Grok AI
