Server
data class ServerVulnerabilityAssessmentVirtualMachineArgs(val virtualMachineId: Output<String>? = null) : ConvertibleToJava<ServerVulnerabilityAssessmentVirtualMachineArgs>
Manages an Azure Server Vulnerability Assessment (Qualys) to a VM.
Note: Azure Defender has to be enabled on the subscription in order for this resource to work. See this documentation to get started.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleVirtualNetwork = new azure.network.VirtualNetwork("example", {
name: "example-vnet",
resourceGroupName: example.name,
addressSpaces: ["192.168.1.0/24"],
location: example.location,
});
const exampleSubnet = new azure.network.Subnet("example", {
name: "example-subnet",
resourceGroupName: example.name,
virtualNetworkName: exampleVirtualNetwork.name,
addressPrefixes: ["192.168.1.0/24"],
});
const exampleNetworkInterface = new azure.network.NetworkInterface("example", {
name: "example-nic",
location: example.location,
resourceGroupName: example.name,
ipConfigurations: [{
name: "vm-example",
subnetId: exampleSubnet.id,
privateIpAddressAllocation: "Dynamic",
}],
});
const exampleLinuxVirtualMachine = new azure.compute.LinuxVirtualMachine("example", {
name: "example-vm",
location: example.location,
resourceGroupName: example.name,
size: "Standard_B1s",
adminUsername: "testadmin",
adminPassword: "Password1234!",
disablePasswordAuthentication: false,
sourceImageReference: {
publisher: "Canonical",
offer: "0001-com-ubuntu-server-jammy",
sku: "22_04-lts",
version: "latest",
},
osDisk: {
caching: "ReadWrite",
storageAccountType: "Standard_LRS",
},
networkInterfaceIds: [exampleNetworkInterface.id],
});
const exampleServerVulnerabilityAssessmentVirtualMachine = new azure.securitycenter.ServerVulnerabilityAssessmentVirtualMachine("example", {virtualMachineId: exampleLinuxVirtualMachine.id});Content copied to clipboard
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_virtual_network = azure.network.VirtualNetwork("example",
name="example-vnet",
resource_group_name=example.name,
address_spaces=["192.168.1.0/24"],
location=example.location)
example_subnet = azure.network.Subnet("example",
name="example-subnet",
resource_group_name=example.name,
virtual_network_name=example_virtual_network.name,
address_prefixes=["192.168.1.0/24"])
example_network_interface = azure.network.NetworkInterface("example",
name="example-nic",
location=example.location,
resource_group_name=example.name,
ip_configurations=[{
"name": "vm-example",
"subnet_id": example_subnet.id,
"private_ip_address_allocation": "Dynamic",
}])
example_linux_virtual_machine = azure.compute.LinuxVirtualMachine("example",
name="example-vm",
location=example.location,
resource_group_name=example.name,
size="Standard_B1s",
admin_username="testadmin",
admin_password="Password1234!",
disable_password_authentication=False,
source_image_reference={
"publisher": "Canonical",
"offer": "0001-com-ubuntu-server-jammy",
"sku": "22_04-lts",
"version": "latest",
},
os_disk={
"caching": "ReadWrite",
"storage_account_type": "Standard_LRS",
},
network_interface_ids=[example_network_interface.id])
example_server_vulnerability_assessment_virtual_machine = azure.securitycenter.ServerVulnerabilityAssessmentVirtualMachine("example", virtual_machine_id=example_linux_virtual_machine.id)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("example", new()
{
Name = "example-vnet",
ResourceGroupName = example.Name,
AddressSpaces = new[]
{
"192.168.1.0/24",
},
Location = example.Location,
});
var exampleSubnet = new Azure.Network.Subnet("example", new()
{
Name = "example-subnet",
ResourceGroupName = example.Name,
VirtualNetworkName = exampleVirtualNetwork.Name,
AddressPrefixes = new[]
{
"192.168.1.0/24",
},
});
var exampleNetworkInterface = new Azure.Network.NetworkInterface("example", new()
{
Name = "example-nic",
Location = example.Location,
ResourceGroupName = example.Name,
IpConfigurations = new[]
{
new Azure.Network.Inputs.NetworkInterfaceIpConfigurationArgs
{
Name = "vm-example",
SubnetId = exampleSubnet.Id,
PrivateIpAddressAllocation = "Dynamic",
},
},
});
var exampleLinuxVirtualMachine = new Azure.Compute.LinuxVirtualMachine("example", new()
{
Name = "example-vm",
Location = example.Location,
ResourceGroupName = example.Name,
Size = "Standard_B1s",
AdminUsername = "testadmin",
AdminPassword = "Password1234!",
DisablePasswordAuthentication = false,
SourceImageReference = new Azure.Compute.Inputs.LinuxVirtualMachineSourceImageReferenceArgs
{
Publisher = "Canonical",
Offer = "0001-com-ubuntu-server-jammy",
Sku = "22_04-lts",
Version = "latest",
},
OsDisk = new Azure.Compute.Inputs.LinuxVirtualMachineOsDiskArgs
{
Caching = "ReadWrite",
StorageAccountType = "Standard_LRS",
},
NetworkInterfaceIds = new[]
{
exampleNetworkInterface.Id,
},
});
var exampleServerVulnerabilityAssessmentVirtualMachine = new Azure.SecurityCenter.ServerVulnerabilityAssessmentVirtualMachine("example", new()
{
VirtualMachineId = exampleLinuxVirtualMachine.Id,
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/compute"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/network"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/securitycenter"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "example", &network.VirtualNetworkArgs{
Name: pulumi.String("example-vnet"),
ResourceGroupName: example.Name,
AddressSpaces: pulumi.StringArray{
pulumi.String("192.168.1.0/24"),
},
Location: example.Location,
})
if err != nil {
return err
}
exampleSubnet, err := network.NewSubnet(ctx, "example", &network.SubnetArgs{
Name: pulumi.String("example-subnet"),
ResourceGroupName: example.Name,
VirtualNetworkName: exampleVirtualNetwork.Name,
AddressPrefixes: pulumi.StringArray{
pulumi.String("192.168.1.0/24"),
},
})
if err != nil {
return err
}
exampleNetworkInterface, err := network.NewNetworkInterface(ctx, "example", &network.NetworkInterfaceArgs{
Name: pulumi.String("example-nic"),
Location: example.Location,
ResourceGroupName: example.Name,
IpConfigurations: network.NetworkInterfaceIpConfigurationArray{
&network.NetworkInterfaceIpConfigurationArgs{
Name: pulumi.String("vm-example"),
SubnetId: exampleSubnet.ID(),
PrivateIpAddressAllocation: pulumi.String("Dynamic"),
},
},
})
if err != nil {
return err
}
exampleLinuxVirtualMachine, err := compute.NewLinuxVirtualMachine(ctx, "example", &compute.LinuxVirtualMachineArgs{
Name: pulumi.String("example-vm"),
Location: example.Location,
ResourceGroupName: example.Name,
Size: pulumi.String("Standard_B1s"),
AdminUsername: pulumi.String("testadmin"),
AdminPassword: pulumi.String("Password1234!"),
DisablePasswordAuthentication: pulumi.Bool(false),
SourceImageReference: &compute.LinuxVirtualMachineSourceImageReferenceArgs{
Publisher: pulumi.String("Canonical"),
Offer: pulumi.String("0001-com-ubuntu-server-jammy"),
Sku: pulumi.String("22_04-lts"),
Version: pulumi.String("latest"),
},
OsDisk: &compute.LinuxVirtualMachineOsDiskArgs{
Caching: pulumi.String("ReadWrite"),
StorageAccountType: pulumi.String("Standard_LRS"),
},
NetworkInterfaceIds: pulumi.StringArray{
exampleNetworkInterface.ID(),
},
})
if err != nil {
return err
}
_, err = securitycenter.NewServerVulnerabilityAssessmentVirtualMachine(ctx, "example", &securitycenter.ServerVulnerabilityAssessmentVirtualMachineArgs{
VirtualMachineId: exampleLinuxVirtualMachine.ID(),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.network.NetworkInterface;
import com.pulumi.azure.network.NetworkInterfaceArgs;
import com.pulumi.azure.network.inputs.NetworkInterfaceIpConfigurationArgs;
import com.pulumi.azure.compute.LinuxVirtualMachine;
import com.pulumi.azure.compute.LinuxVirtualMachineArgs;
import com.pulumi.azure.compute.inputs.LinuxVirtualMachineSourceImageReferenceArgs;
import com.pulumi.azure.compute.inputs.LinuxVirtualMachineOsDiskArgs;
import com.pulumi.azure.securitycenter.ServerVulnerabilityAssessmentVirtualMachine;
import com.pulumi.azure.securitycenter.ServerVulnerabilityAssessmentVirtualMachineArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
.name("example-vnet")
.resourceGroupName(example.name())
.addressSpaces("192.168.1.0/24")
.location(example.location())
.build());
var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
.name("example-subnet")
.resourceGroupName(example.name())
.virtualNetworkName(exampleVirtualNetwork.name())
.addressPrefixes("192.168.1.0/24")
.build());
var exampleNetworkInterface = new NetworkInterface("exampleNetworkInterface", NetworkInterfaceArgs.builder()
.name("example-nic")
.location(example.location())
.resourceGroupName(example.name())
.ipConfigurations(NetworkInterfaceIpConfigurationArgs.builder()
.name("vm-example")
.subnetId(exampleSubnet.id())
.privateIpAddressAllocation("Dynamic")
.build())
.build());
var exampleLinuxVirtualMachine = new LinuxVirtualMachine("exampleLinuxVirtualMachine", LinuxVirtualMachineArgs.builder()
.name("example-vm")
.location(example.location())
.resourceGroupName(example.name())
.size("Standard_B1s")
.adminUsername("testadmin")
.adminPassword("Password1234!")
.disablePasswordAuthentication(false)
.sourceImageReference(LinuxVirtualMachineSourceImageReferenceArgs.builder()
.publisher("Canonical")
.offer("0001-com-ubuntu-server-jammy")
.sku("22_04-lts")
.version("latest")
.build())
.osDisk(LinuxVirtualMachineOsDiskArgs.builder()
.caching("ReadWrite")
.storageAccountType("Standard_LRS")
.build())
.networkInterfaceIds(exampleNetworkInterface.id())
.build());
var exampleServerVulnerabilityAssessmentVirtualMachine = new ServerVulnerabilityAssessmentVirtualMachine("exampleServerVulnerabilityAssessmentVirtualMachine", ServerVulnerabilityAssessmentVirtualMachineArgs.builder()
.virtualMachineId(exampleLinuxVirtualMachine.id())
.build());
}
}Content copied to clipboard
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleVirtualNetwork:
type: azure:network:VirtualNetwork
name: example
properties:
name: example-vnet
resourceGroupName: ${example.name}
addressSpaces:
- 192.168.1.0/24
location: ${example.location}
exampleSubnet:
type: azure:network:Subnet
name: example
properties:
name: example-subnet
resourceGroupName: ${example.name}
virtualNetworkName: ${exampleVirtualNetwork.name}
addressPrefixes:
- 192.168.1.0/24
exampleNetworkInterface:
type: azure:network:NetworkInterface
name: example
properties:
name: example-nic
location: ${example.location}
resourceGroupName: ${example.name}
ipConfigurations:
- name: vm-example
subnetId: ${exampleSubnet.id}
privateIpAddressAllocation: Dynamic
exampleLinuxVirtualMachine:
type: azure:compute:LinuxVirtualMachine
name: example
properties:
name: example-vm
location: ${example.location}
resourceGroupName: ${example.name}
size: Standard_B1s
adminUsername: testadmin
adminPassword: Password1234!
disablePasswordAuthentication: false
sourceImageReference:
publisher: Canonical
offer: 0001-com-ubuntu-server-jammy
sku: 22_04-lts
version: latest
osDisk:
caching: ReadWrite
storageAccountType: Standard_LRS
networkInterfaceIds:
- ${exampleNetworkInterface.id}
exampleServerVulnerabilityAssessmentVirtualMachine:
type: azure:securitycenter:ServerVulnerabilityAssessmentVirtualMachine
name: example
properties:
virtualMachineId: ${exampleLinuxVirtualMachine.id}Content copied to clipboard
Import
Server Vulnerability Assessments can be imported using the resource id, e.g.
$ pulumi import azure:securitycenter/serverVulnerabilityAssessmentVirtualMachine:ServerVulnerabilityAssessmentVirtualMachine example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resource-group-name/providers/Microsoft.Compute/virtualMachines/vm-name/providers/Microsoft.Security/serverVulnerabilityAssessments/DefaultContent copied to clipboard