REST API для виртуальных машин Azure
С помощью этого REST API вы можете легко перенести подписку в большом масштабе из любого решения оценки уязвимостей в решение "Управление уязвимостями Защитника".
PUT https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Security/serverVulnerabilityAssessmentsSettings/AzureServersSetting?api-version=2022-01-01-preview
{
"kind": "AzureServersSetting",
"properties": {
"selectedProvider": "MdeTvm"
}
}
Once you complete the transition to the Defender Vulnerability Management solution, you need to remove the old vulnerability assessment solution.
REST API for multicloud VMs
Using this REST API, you can easily migrate your subscription, at scale, from any vulnerability assessment solution to the Defender Vulnerability Management solution.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/securityconnectors/{connectorName}?api-version=2022-08-01-preview
{
"properties": {
"hierarchyIdentifier": "{GcpProjectNumber}",
"environmentName": "GCP",
"offerings": [
{
"offeringType": "CspmMonitorGcp",
"nativeCloudConnection": {
"workloadIdentityProviderId": "{cspm}",
"serviceAccountEmailAddress": "{emailAddressRemainsAsIs}"
}
},
{
"offeringType": "DefenderCspmGcp"
},
{
"offeringType": "DefenderForServersGcp",
"defenderForServers": {
"workloadIdentityProviderId": "{defender-for-servers}",
"serviceAccountEmailAddress": "{emailAddressRemainsAsIs}"
},
"arcAutoProvisioning": {
"enabled": true,
"configuration": {}
},
"mdeAutoProvisioning": {
"enabled": true,
"configuration": {}
},
"vaAutoProvisioning": {
"enabled": true,
"configuration": {
"type": "TVM"
}
},
"subPlan": "{P1/P2}"
}
],
"environmentData": {
"environmentType": "GcpProject",
"projectDetails": {
"projectId": "{GcpProjectId}",
"projectNumber": "{GcpProjectNumber}",
"workloadIdentityPoolId": "{identityPoolIdRemainsTheSame}"
}
}
},
"location": "{connectorRegion}"
}
Remove the old vulnerability assessment solution
After migrating to the built-in Defender Vulnerability Management solution in Defender for Cloud, offboard each VM from their old vulnerability assessment solution. To delete the VM extension, you can use the Remove-AzVMExtension PowerShell cmdlet or a REST API Delete request.