Azure Security Center Server Vulnerability Assessment
This page shows how to write Terraform for the Security Center Server Vulnerability Assessment and how to write it securely.
azurerm_security_center_server_vulnerability_assessment (Terraform)
The Server Vulnerability Assessment in Security Center can be configured in Terraform with the resource name azurerm_security_center_server_vulnerability_assessment. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
- hybrid_machine_id (optional, string)
- id (optional, computed, string)
- virtual_machine_id (optional, string)
- timeouts (single block)
Explanation in Terraform Registry
Manages an Azure Server Vulnerability Assessment (Qualys) to a VM.
NOTE: Azure Defender has to be enabled on the subscription in order for this resource to work. See this documentation to get started.
Tips: Best Practices for The Other Azure Security Center Resources
In addition to azurerm_security_center_contact, Azure Security Center has other resources that should be configured for security reasons. Check the examples of those resources and the precautions below.
azurerm_security_center_contact
Ensure alert notifications are enabled
Configure at least one valid contact for Security Center. Microsoft will notify you directly by email in the event of a security incident.
azurerm_security_center_subscription_pricing
Ensure alert notifications are enabled
Enable Azure Defender, which is a cloud workload protection service for App Services. It can also analyze non-Azure resources through Azure Arc, including those on-premises and in both AWS and GCP.
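The following configuration is an added example, not taken from the Terraform Registry or from GitHub. It combines the Registry note (Azure Defender must be enabled on the subscription) with the vulnerability assessment resource itself. The VM name and resource group name are constructed placeholders, and it assumes an azurerm provider version that still ships this resource.

```hcl
# Added example. "example-vm" and "example-rg" are constructed placeholder names.
provider "azurerm" {
  features {}
}

# Look up an existing Azure VM to attach the assessment to.
data "azurerm_virtual_machine" "target" {
  name                = "example-vm"
  resource_group_name = "example-rg"
}

# Azure Defender for servers on the subscription.
# tier = "Free" leaves Defender off for this resource type; "Standard" turns it on.
resource "azurerm_security_center_subscription_pricing" "servers" {
  tier          = "Standard"
  resource_type = "VirtualMachines"
}

# Attach the Qualys-based Server Vulnerability Assessment to the VM.
# For an Azure VM set virtual_machine_id; for a non-Azure (Azure Arc) machine
# the resource takes hybrid_machine_id instead.
resource "azurerm_security_center_server_vulnerability_assessment" "target" {
  virtual_machine_id = data.azurerm_virtual_machine.target.id

  # No attribute of this resource references the pricing resource, so Terraform
  # cannot infer the ordering. Declare it so Defender is enabled first.
  depends_on = [azurerm_security_center_subscription_pricing.servers]
}

# Expose the assessment ID so other tooling can confirm the VM is covered.
output "vulnerability_assessment_id" {
  value = azurerm_security_center_server_vulnerability_assessment.target.id
}
```

Run `terraform plan` and confirm the pricing resource shows tier "Standard" before applying; without the explicit `depends_on`, both resources may be created in parallel.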
Azure Resource Manager Example
Azure Resource Manager code does not have the related resource.