AnthonyWatherston I made a modification to the initial block; the challenge happens to be the fact that I can't even get the event to trigger for compliance. It's inaccurately reporting those resources as compliant.
I have manually installed the application to make sure the value I'm providing to the unique field is correct. I might be missing something on that end.
All things equal, the Windows side of things works just fine.

Param([object]$WebhookData)

# Parse the Event Grid payload delivered to the runbook webhook
$eventData = (ConvertFrom-Json -InputObject $WebhookData.RequestBody)

if ($eventData.subject -match 'microsoft.compute/virtualmachines') {
    # The subject is the VM resource ID: segment 4 is the resource group, segment 8 the VM name
    $vmName = $eventData.subject.Split('/')[8]
    $vmResourceGroupName = $eventData.subject.Split('/')[4]

    # Authenticate with the Automation account's managed identity
    Connect-AzAccount -Identity -Environment environment

    ## Install sensor into the Linux Server
    $scriptBlock = @'
sudo apt-get install -y git
sudo wget https://application pull location
sudo dpkg -i application.deb
sudo chmod 777
sudo /opt/aplicationfolder/application -s --cid=xxxxxxxxxxxxxxxxxxxx-xx
sudo service application-name start
'@

    # Stage the script in the temp directory of the runbook sandbox
    $scriptBlock | Out-File $env:TEMP\script.ps1
    # Substitute the VALUE token with $sasUri; this script contains no VALUE token and $sasUri is not set above
    (Get-Content $env:TEMP\script.ps1 -Raw) -replace "VALUE", $sasUri | Set-Content $env:TEMP\script.ps1 -Force

    # Run the staged shell script on the Linux VM through the Run Command extension
    Invoke-AzVMRunCommand -ResourceGroupName $vmResourceGroupName -VMName $vmName -ScriptPath $env:TEMP\script.ps1 -CommandId 'RunShellScript' -Verbose
}
else {
    Write-Output "Event subject does not match microsoft.compute"
}