How to get all relevant assessment names for a single resource in Azure

2023-01-19T13:03:13.8633333+00:00

Hi

I am working with the Azure Rest API to get information about how well the resources follow the Microsoft Defender for Cloud Recommendations.

I have a list of resources in azure on our end we want to check if follow the microsoft defender for cloud recommendations. The resources are in several different subscriptions and resource groups, so I can not use the endpoint to get all these recommendations from a single subscription:
Assessments - List - REST API (Azure Defender for Cloud) | Microsoft Learn

What I thought would be the best way to solve this, is to invoke a API-call to each one of these resources individually, to see all the defender for cloud recommendations for that resource and whether or not the resource follows these recommendations.

I see there is a endpoint to get an assessment for a single resource, but you have to specify a single assessment name in the call:
Assessments - Get - REST API (Azure Defender for Cloud) | Microsoft Learn

There are approximately 750 different assessment names, so to check all the recommendations for a single resource, I have to run the API-call 750 times, which is a little excessive.

Is there a better way to check a single resource in azure for all the relevant recommendations from defender for cloud? Or is there a way to get a list of all relevant assessment names for resource type, so I don't have to go through all 750?

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,484 questions
0 comments No comments
{count} votes

Accepted answer
  1. Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,491 Reputation points
    2023-01-23T15:52:35.2633333+00:00

    Hello, you can get Microsoft Defender for Cloud security assessments on all your scanned resources inside a subscription or management group using the Azure REST Assessments - List operation. Further filtering of results must be done in memory with the obtained result set.

    Let us know if you need additional assistance. If the answer was helpful, please accept it so that others can find a solution.

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.