Forum Discussion
Tadas_Juozapavicius
Jun 14, 2022
Copper Contributor
Question regarding manual (or delayed automatic) onboarding of VMs to Microsoft Defender for Cloud
Hello, I have a use case scenario where my infrastructure consisting of both Linux and Windows Virtual Machines is deployed via Azure DevOps Pipeline to an Azure Subscription, which has Microsoft...
StanislavBelov
Microsoft
Jun 17, 2022
As soon as MDC discovers a new running VM, it starts the onboarding process (deploys the LA agent if auto provisioning is enabled, onboards to MDE if the integration is enabled, etc.). There is no way to delay or control this process other than disabling auto provisioning, which was created to streamline the onboarding process.
Tadas_Juozapavicius
Jul 01, 2022
Copper Contributor
The issue with this is that even if auto-provisioning of the LA agent is disabled, MDC is still initiating the onboarding process. This is true even for VMs that are not connected to any Log Analytics Workspaces (aka VMs with no MMA agent). I've tested this and that is indeed the case.
In our case this is problematic for Linux VMs in two ways:
1. Since there is no information on how exactly the mdatp agent is being provisioned to the VM, the installation could interfere with Ansible configuration tasks after the automatic deployment of the VM.
2. We want to control the configuration state of the built machine, which is going to change after the automatic provisioning of the mdatp agent.
Is there any way to onboard the agent manually to the VM in order to skip the automatic installation by MDC? This would be a sufficient workaround for us and would eliminate the need to stop or delay the automatic onboarding of Linux VMs in the Subscription.