Manages an Azure Server Vulnerability Assessment (Qualys) attached to a VM.
# Resource group that contains every other resource declared in this example.
resource "azurerm_resource_group" "example" {
  location = "West Europe"
  name     = "example-resources"
}
# Virtual network for the example VM, created in the example resource group
# and region, with a single /24 address space.
resource "azurerm_virtual_network" "example" {
  name                = "example-vnet"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  address_space       = ["192.168.1.0/24"]
}
# Subnet inside the example virtual network. Its prefix is the same /24 as the
# network's address space, so it uses the whole range.
resource "azurerm_subnet" "example" {
  name                 = "example-subnet"
  virtual_network_name = azurerm_virtual_network.example.name
  resource_group_name  = azurerm_resource_group.example.name
  address_prefixes     = ["192.168.1.0/24"]
}
# Network interface for the example VM. The only IP configuration is a
# dynamically allocated private address on the example subnet; no public IP is
# associated with it in this configuration.
resource "azurerm_network_interface" "example" {
  name                = "example-nic"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location

  ip_configuration {
    name                          = "vm-example"
    private_ip_address_allocation = "Dynamic"
    subnet_id                     = azurerm_subnet.example.id
  }
}
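# Linux VM that the vulnerability assessment is attached to.
#
# Login is by SSH public key instead of a password literal: an admin_password
# written into the configuration is committed with the code and is also kept
# in plain text in the Terraform state. With admin_ssh_key set,
# disable_password_authentication is left at its default (true), so password
# logins stay disabled.
resource "azurerm_linux_virtual_machine" "example" {
  name                  = "example-vm"
  location              = azurerm_resource_group.example.location
  resource_group_name   = azurerm_resource_group.example.name
  size                  = "Standard_B1s"
  admin_username        = "testadmin"
  network_interface_ids = [azurerm_network_interface.example.id]

  admin_ssh_key {
    # Must match admin_username above.
    username = "testadmin"
    # Constructed sample path; point this at your own public key file.
    public_key = file("~/.ssh/id_rsa.pub")
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "0001-com-ubuntu-server-jammy"
    sku       = "22_04-lts"
    # "latest" resolves to the newest published image at creation time; pin a
    # specific version where reproducible builds matter.
    version = "latest"
  }

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }
}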
# Attaches the server vulnerability assessment (Qualys) to the example VM.
# virtual_machine_id is the only required argument; changing it forces a new
# resource to be created.
# NOTE(review): the assessment is expected to need Microsoft Defender for
# Servers enabled on the subscription - confirm against the provider docs.
resource "azurerm_security_center_server_vulnerability_assessment_virtual_machine" "example" {
  virtual_machine_id = azurerm_linux_virtual_machine.example.id
}
The following arguments are supported:
virtual_machine_id
- (Required) The ID of the virtual machine to be monitored by vulnerability assessment. Changing this forces a new resource to be created.

In addition to the Arguments listed above, the following Attributes are exported:
id
- The ID of the Vulnerability Assessment resource.

The timeouts block allows you to specify timeouts for certain actions:
create
- (Defaults to 5 minutes) Used when creating the Advanced Threat Protection.
read
- (Defaults to 5 minutes) Used when retrieving the Advanced Threat Protection.
delete
- (Defaults to 10 minutes) Used when deleting the Advanced Threat Protection.

Server Vulnerability Assessments can be imported using the resource id, e.g.
terraform import azurerm_security_center_server_vulnerability_assessment_virtual_machine.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resource-group-name/providers/Microsoft.Compute/virtualMachines/vm-name/providers/Microsoft.Security/serverVulnerabilityAssessments/Default