How do I enable "Log Analytics agent/Azure Monitor agent" in Microsoft Defender for Cloud using Terraform?
I have the below Terraform code; however, it does not enable this setting.
resource "azurerm_security_center_subscription_pricing" "mdc_vm" {
  count         = var.enable_defender_plan_for_virtualmachines ? 1 : 0
  tier          = "Standard"
  resource_type = "VirtualMachines"
}

resource "null_resource" "reset_vm" {
  count = var.enable_defender_plan_for_virtualmachines ? 1 : 0
  triggers = {
    ad_info = local.az_info
  }
  provisioner "local-exec" {
    when    = destroy
    command = <<-EOD
      az login --service-principal -u ${element(split(",", self.triggers.ad_info), 0)} -p $ARM_CLIENT_SECRET --tenant ${element(split(",", self.triggers.ad_info), 2)}
      az security pricing create -n VirtualMachines --tier 'Free' --subscription ${element(split(",", self.triggers.ad_info), 1)}
    EOD
  }
}
The azurerm provider has a resource for automatically provisioning the Log Analytics/Azure Monitor agents, so using a local-exec provisioner is not necessary:
resource "azurerm_security_center_auto_provisioning" "auto-provisioning" {
  auto_provision = "On"
}