Hi joe-zuchora. Yes, if you're choosing MDVM as your vulnerability assessment provider, there's a simpler way of enabling it (no need for a Policy assignment). It is undocumented and I hadn't time to test it thoroughly, but with the AzApi Terraform resource provider, you should be able to do it like the example below:
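# Selects MDVM (MdeTvm) as the server vulnerability assessment provider for the subscription.
resource "azapi_resource" "DfSMDVMSettings" {
  type = "Microsoft.Security/serverVulnerabilityAssessmentsSettings@2022-01-01-preview"
  name = "AzureServersSetting"
  # azapi expects the full ARM scope here, not the bare subscription GUID.
  parent_id = "/subscriptions/<subscription id>"
  body = jsonencode({
    properties = {
      selectedProvider = "MdeTvm"
    }
    kind = "AzureServersSetting"
  })
}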
If you want to do it with a REST API call, you can do it as below (Azure PowerShell):
# PUT the AzureServersSetting resource with MdeTvm as the selected provider.
$url = "https://management.azure.com/subscriptions/<subscription id>/providers/Microsoft.Security/serverVulnerabilityAssessmentsSettings/AzureServersSetting?api-version=2022-01-01-preview"
$body = '{ "properties": {"selectedProvider":"MdeTvm"}, "kind":"AzureServersSetting" }'
Invoke-AzRestMethod -Uri $url -Method PUT -Payload $body
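
An added example, not part of the original reply: a read-only audit that reports which subscriptions in the current tenant have `MdeTvm` selected. It assumes the endpoint above also answers GET with the same api-version; the function name `Get-VaProviderSetting` and the `Compliant` field are hypothetical.

```powershell
# Added example: audit the vulnerability assessment provider per subscription.
# Assumption: the AzureServersSetting resource from the post can be read with GET
# using the same preview api-version. Requires Az.Accounts and a signed-in context.
$apiVersion = '2022-01-01-preview'
$expected   = 'MdeTvm'

function Get-VaProviderSetting {
    param([Parameter(Mandatory)][string]$SubscriptionId)

    $url = "https://management.azure.com/subscriptions/$SubscriptionId" +
           "/providers/Microsoft.Security/serverVulnerabilityAssessmentsSettings" +
           "/AzureServersSetting?api-version=$apiVersion"

    # Invoke-AzRestMethod returns the HTTP status instead of throwing on 4xx,
    # so a subscription where the setting was never created shows up as non-200.
    $resp = Invoke-AzRestMethod -Uri $url -Method GET

    $provider = $null
    if ($resp.StatusCode -eq 200) {
        $provider = ($resp.Content | ConvertFrom-Json).properties.selectedProvider
    }

    [pscustomobject]@{
        SubscriptionId   = $SubscriptionId
        StatusCode       = $resp.StatusCode
        SelectedProvider = $provider
        Compliant        = ($resp.StatusCode -eq 200 -and $provider -eq $expected)
    }
}

# Limit the sweep to enabled subscriptions in the tenant of the current context.
$tenantId = (Get-AzContext).Tenant.Id
$report = Get-AzSubscription -TenantId $tenantId |
    Where-Object { $_.State -eq 'Enabled' } |
    ForEach-Object { Get-VaProviderSetting -SubscriptionId $_.Id }

$report | Format-Table -AutoSize

# Subscriptions that still need the PUT (or the Terraform resource) applied.
$report | Where-Object { -not $_.Compliant } | Select-Object SubscriptionId, StatusCode
```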