How do I enable "Log Analytics agent/Azure Monitor agent" in Microsoft Defender for Cloud using Terraform?
I have the following Terraform code, but it does not enable this setting.
resource "azurerm_security_center_subscription_pricing" "mdc_vm" {
  count         = var.enable_defender_plan_for_virtualmachines ? 1 : 0
  tier          = "Standard"
  resource_type = "VirtualMachines"
}

resource "null_resource" "reset_vm" {
  count = var.enable_defender_plan_for_virtualmachines ? 1 : 0

  triggers = {
    ad_info = local.az_info
  }

  provisioner "local-exec" {
    when    = destroy
    command = <<-EOD
      az login --service-principal -u ${element(split(",", self.triggers.ad_info), 0)} -p $ARM_CLIENT_SECRET --tenant ${element(split(",", self.triggers.ad_info), 2)}
      az security pricing create -n VirtualMachines --tier 'Free' --subscription ${element(split(",", self.triggers.ad_info), 1)}
    EOD
  }
}
Best answer
The azurerm provider has a resource for auto-provisioning the Log Analytics/Azure Monitor agent, so there is no need to use a local-exec provisioner:
resource "azurerm_security_center_auto_provisioning" "auto-provisioning" {
  auto_provision = "On"
}
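An added example, not part of the original question or answer: the Defender for Servers plan and the agent auto-provisioning setting from the answer, driven by the same toggle so the two cannot drift apart. The resource name `agent`, the output name, the variable default, and the `depends_on` ordering are assumptions made for this example.

```hcl
terraform {
  required_providers {
    azurerm = {
      source = "hashicorp/azurerm"
    }
  }
}

provider "azurerm" {
  features {}
}

# Same toggle the question uses; the default value is an assumption.
variable "enable_defender_plan_for_virtualmachines" {
  type        = bool
  default     = true
  description = "Enable the Defender plan for VMs and agent auto-provisioning."
}

# Pricing tier for the VirtualMachines plan, as in the question.
resource "azurerm_security_center_subscription_pricing" "mdc_vm" {
  count         = var.enable_defender_plan_for_virtualmachines ? 1 : 0
  tier          = "Standard"
  resource_type = "VirtualMachines"
}

# Auto-provisioning setting from the answer, gated by the same toggle.
resource "azurerm_security_center_auto_provisioning" "agent" {
  count          = var.enable_defender_plan_for_virtualmachines ? 1 : 0
  auto_provision = "On"

  # Ordering chosen for this example: set the plan before the agent setting.
  depends_on = [azurerm_security_center_subscription_pricing.mdc_vm]
}

# Exposes the configured value ("On"), or null when the toggle is false,
# so a pipeline can assert on it after apply.
output "agent_auto_provisioning" {
  value = one(azurerm_security_center_auto_provisioning.agent[*].auto_provision)
}
```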
Regarding azure - How do I enable "Log Analytics agent/Azure Monitor agent" in Microsoft Defender for Cloud using Terraform?, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/75031556/