Open MWL88 opened 2 years ago
Thanks @MWL88 . I will plan on checking this issue and will get back.
Thanks @MWL88 . I will plan on checking this issue and will get back.
any update on this? Having the same problem here
@peeeteeer I have submitted a PR for the addition of a simple Linux VM example with the MDE extension section updated. Below are the MDE updated bits.
{ "comments": "Deploy Microsoft Defender for Linux VM", "type": "Microsoft.Compute/virtualMachines/extensions", "apiVersion": "2021-03-01", "location": "[parameters('location')]", "name": "[concat(parameters('vmName'),'/MDE.Linux')]", "dependsOn": [ "[resourceId('Microsoft.Compute/virtualMachines', parameters('vmName'))]" ], "properties": { "autoUpgradeMinorVersion": true, "publisher": "Microsoft.Azure.AzureDefenderForServers", "type": "MDE.Linux", "typeHandlerVersion": "1.0", "settings": { "azureResourceId": "[resourceId('Microsoft.Compute/virtualMachines',parameters('vmName'))]", "defenderForServersWorkspaceId": "[subscription().subscriptionId]", "forceReOnboarding": false, "vNextEnabled": "false", "provisionedBy": "Manual" }, "protectedSettings": { "defenderForEndpointOnboardingScript": "[reference(subscriptionResourceId('Microsoft.Security/mdeOnboardings', 'Linux'), '2021-10-01-preview', 'full').properties.onboardingPackageLinux]" } } }
@peeeteeer I have submitted a PR for the addition of a simple Linux VM example with the MDE extension section updated. Below are the MDE updated bits.
{ "comments": "Deploy Microsoft Defender for Linux VM", "type": "Microsoft.Compute/virtualMachines/extensions", "apiVersion": "2021-03-01", "location": "[parameters('location')]", "name": "[concat(parameters('vmName'),'/MDE.Linux')]", "dependsOn": [ "[resourceId('Microsoft.Compute/virtualMachines', parameters('vmName'))]" ], "properties": { "autoUpgradeMinorVersion": true, "publisher": "Microsoft.Azure.AzureDefenderForServers", "type": "MDE.Linux", "typeHandlerVersion": "1.0", "settings": { "azureResourceId": "[resourceId('Microsoft.Compute/virtualMachines',parameters('vmName'))]", "defenderForServersWorkspaceId": "[subscription().subscriptionId]", "forceReOnboarding": false, "vNextEnabled": "false", "provisionedBy": "Manual" }, "protectedSettings": { "defenderForEndpointOnboardingScript": "[reference(subscriptionResourceId('Microsoft.Security/mdeOnboardings', 'Linux'), '2021-10-01-preview', 'full').properties.onboardingPackageLinux]" } } }
excellent - thanks!!! Did work for me
Can we also specify somehow the proxy server to use in the settings section?
When deploying the
VirtualMachine/vm-with-mde/azuredeploy.json
ARM template, the Windows extension installation is successful but the Linux extension fails. The error message is:Based on a quick troubleshoot on the Linux VM, it appears the issue is caused by the installation process expecting the
protectedSettings
property to be populated with something.When this extension (MDE.Linux) is deployed via remediating an Advisors recommendation, the
protectedSettings
property is populated with a base64 encoded encrypted string which is read, decoded and decrypted by the extension's installation script.Please advise if this is a known issue and how the MDE.Linux extension should be deployed via an arbitrary ARM template.
Thanks