Forum Discussion
Virtual Machine Vulnerability Assessment (powered by Qualys) extension installation via Terraform
Hello All,
I'm trying to install Virtual Machine Vulnerability Assessment (powered by Qualys) extension via Terraform. I imported the existing VM extension configuration then I saw LicenseCode, CustomerID, and Resource ID were written in the tfsate file. How do I get this information (LicenseCode, CustomerID, and Resource ID) for writing in my .tf files? Could Microsoft or Qualys provide this info?
- cityofshipsCopper Contributor
These values are landing in /var/lib/waagent/Qualys.LinuxAgent.AzureSecurityCenter-1.0.0.13/config/0.settings file in case of Linux VM. I believe you can obtain LicenseCode from it and apply to the others, for the other values I'm not sure yet - trying to figure this out for myself as well.
EDIT:
LicenseCode parameter has in fact next 4 values encoded: customer ID, activation ID, activation URL and port. This particular customer ID used for activation is different than what's found under 'GrayLabel' settings.
- ssherifCopper Contributor
hi cityofships
I saw that the license code and customerid don't change for my Subscription VMs in the imported VM extension terraform state file but resourceid changes for each VMs. I should find source of resourceid, how is it generated, or got.
- cityofshipsCopper Contributor
ssherifit's done inside the portal and can be triggered using REST API. Looks like normally these values are not returned anywhere to the user which makes sense, you can't start generating license keys for the VMs outside of Azure. Have a look here: https://techcommunity.microsoft.com/t5/azure-security-center/built-in-vulnerability-assessment-for-vms-in-azure-security/ba-p/1577947
So looks like the only escape here is local-exec provisioner. ARM template is an alternative.
- chwmmh610Copper ContributorHey wanted to send a helpful update to everyone who looks at this. You can now dow this via https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/azurerm_security_center_server_vulnerability_assessment