適用於 Azure VM 的 REST API
使用此 REST API,您可以輕鬆地大規模地將訂用帳戶從任何弱點評量解決方案移轉至 Defender 弱點管理解決方案。
PUT https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Security/serverVulnerabilityAssessmentsSettings/AzureServersSetting?api-version=2022-01-01-preview
{
"kind": "AzureServersSetting",
"properties": {
"selectedProvider": "MdeTvm"
}
}
Once you complete the transition to the Defender Vulnerability Management solution, you need to remove the old vulnerability assessment solution.
REST API for multicloud VMs
Using this REST API, you can easily migrate your subscription, at scale, from any vulnerability assessment solution to the Defender Vulnerability Management solution.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/securityconnectors/{connectorName}?api-version=2022-08-01-preview
{
"properties": {
"hierarchyIdentifier": "{GcpProjectNumber}",
"environmentName": "GCP",
"offerings": [
{
"offeringType": "CspmMonitorGcp",
"nativeCloudConnection": {
"workloadIdentityProviderId": "{cspm}",
"serviceAccountEmailAddress": "{emailAddressRemainsAsIs}"
}
},
{
"offeringType": "DefenderCspmGcp"
},
{
"offeringType": "DefenderForServersGcp",
"defenderForServers": {
"workloadIdentityProviderId": "{defender-for-servers}",
"serviceAccountEmailAddress": "{emailAddressRemainsAsIs}"
},
"arcAutoProvisioning": {
"enabled": true,
"configuration": {}
},
"mdeAutoProvisioning": {
"enabled": true,
"configuration": {}
},
"vaAutoProvisioning": {
"enabled": true,
"configuration": {
"type": "TVM"
}
},
"subPlan": "{P1/P2}"
}
],
"environmentData": {
"environmentType": "GcpProject",
"projectDetails": {
"projectId": "{GcpProjectId}",
"projectNumber": "{GcpProjectNumber}",
"workloadIdentityPoolId": "{identityPoolIdRemainsTheSame}"
}
}
},
"location": "{connectorRegion}"
}
Remove the old vulnerability assessment solution
After migrating to the built-in Defender Vulnerability Management solution in Defender for Cloud, offboard each VM from their old vulnerability assessment solution. To delete the VM, you can use the Remove-AzVMExtension PowerShell cmdlet or a REST API Delete request.