Hi, I am going to bump this because it's very relevant.

I am working on deploying AATP via DSC. I have the DSC Code written, almost.

Script DeployAATP

    {

        GetScript =

        {

            Write-Verbose 'Checking for presence of AATP Sensor service'

            try

            {

                Get-Service 'AATPSensor' -ErrorAction Stop

                return @{

                    'Result' = 'installed'

                }

            }

            catch [Microsoft.PowerShell.Commands.ServiceCommandException]

            {

                return @{

                    'Result' = 'missing'

                }

            }

        }

        TestScript =

        {

            $state = [scriptblock]::Create($GetScript).Invoke()

            if ($state['Result'] -eq 'missing')

            {

                Write-Verbose 'Azure ATP Agent is NOT installed'

                return $true

            }

            Write-Verbose 'Azure ATP Agent is installed'

            return $false

        }

        SetScript =

        {

        }

    }

I know I can run the dot command to execute the silent installer. I am trying to work out the best way to host the Zip/Exe file. I would put it on a share but we have multiple domains and not everything trusts everything. I am considering hosting the file on an Azure Storage Account, but then need to manage SAS keys and at some point the current version will no longer work so that has to be managed.

I can output the JSON file contents as part of the script, that's no problem, is there a location I can grab the EXE from? When you click the download button in the portal, I am sure it will grab the exe from somewhere, add the JSON config to the Zip file then download it. Is it possible to download just the EXE file so that I can always ensure I am grabbing the latest release without needing to manage anything?

Thanks