diff --git a/README.md b/README.md
index 5477dfa..a5342cf 100644
--- a/README.md
+++ b/README.md
@@ -28,12 +28,17 @@ A virtual machine or virtual machine scale set.
|------|---------|
| [azurerm](#provider\_azurerm) | n/a |
| [azurerm.cnp](#provider\_azurerm.cnp) | n/a |
+| [azurerm.dcr](#provider\_azurerm.dcr) | n/a |
| [azurerm.soc](#provider\_azurerm.soc) | n/a |
## Resources
| Name | Type |
|------|------|
+| [azurerm_monitor_data_collection_rule_association.linux_vm_dcra](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_data_collection_rule_association) | resource |
+| [azurerm_monitor_data_collection_rule_association.linux_vmss_dcra](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_data_collection_rule_association) | resource |
+| [azurerm_monitor_data_collection_rule_association.windows_vm_dcra](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_data_collection_rule_association) | resource |
+| [azurerm_monitor_data_collection_rule_association.windows_vmss_dcra](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_data_collection_rule_association) | resource |
| [azurerm_virtual_machine_extension.azure_monitor](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource |
| [azurerm_virtual_machine_extension.azure_vm_run_command](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource |
| [azurerm_virtual_machine_extension.custom_script](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource |
@@ -51,6 +56,9 @@ A virtual machine or virtual machine scale set.
| [azurerm_key_vault_secret.splunk_password](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source |
| [azurerm_key_vault_secret.splunk_username](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source |
| [azurerm_key_vault_secret.token](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source |
+| [azurerm_monitor_data_collection_rule.linux_data_collection_rule](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/monitor_data_collection_rule) | data source |
+| [azurerm_monitor_data_collection_rule.windows_data_collection_rule](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/monitor_data_collection_rule) | data source |
+| [azurerm_resource_group.la_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
## Inputs
@@ -81,6 +89,7 @@ A virtual machine or virtual machine scale set.
| [endpoint\_protection\_upgrade\_minor\_version](#input\_endpoint\_protection\_upgrade\_minor\_version) | Specifies if the platform deploys the latest minor version Endpoint Protection update to the type\_handler\_version specified. | `bool` | `true` | no |
| [env](#input\_env) | Environment name. | `string` | n/a | yes |
| [install\_azure\_monitor](#input\_install\_azure\_monitor) | Install Azure Monitor Agent. | `bool` | `true` | no |
+| [install\_docker](#input\_install\_docker) | Should Docker and Docker Compose be installed -- Ubuntu only | `bool` | `false` | no |
| [install\_dynatrace\_oneagent](#input\_install\_dynatrace\_oneagent) | Install Dynatrace OneAgent. | `bool` | `true` | no |
| [install\_endpoint\_protection](#input\_install\_endpoint\_protection) | Install Endpoint Protection. | `bool` | `true` | no |
| [install\_nessus\_agent](#input\_install\_nessus\_agent) | Install Nessus Agent. | `bool` | `true` | no |
diff --git a/azure_monitor.tf b/azure_monitor.tf
index 162ff7b..49d4534 100644
--- a/azure_monitor.tf
+++ b/azure_monitor.tf
@@ -26,55 +26,56 @@ resource "azurerm_virtual_machine_extension" "azure_monitor" {
tags = var.common_tags
}
-# data "azurerm_resource_group" "la_rg" {
-# name = "oms-automation"
-# }
-
-# data "azurerm_monitor_data_collection_rule" "linux_data_collection_rule" {
-# provider = azurerm.dcr
-# name = "ama-linux-vm-logs"
-# resource_group_name = data.azurerm_resource_group.la_rg.name
-# }
-
-# data "azurerm_monitor_data_collection_rule" "windows_data_collection_rule" {
-# provider = azurerm.dcr
-# name = "ama-windows-vm-logs"
-# resource_group_name = data.azurerm_resource_group.la_rg.name
-# }
-
-
-# resource "azurerm_monitor_data_collection_rule_association" "linux_vm_dcra" {
-# count = var.install_azure_monitor == true && lower(var.os_type) == "linux" && var.virtual_machine_type == "vm" ? 1 : 0
-
-# name = "vm-${local.vm_name}-dcra"
-# target_resource_id = var.virtual_machine_id
-# data_collection_rule_id = data.azurerm_monitor_data_collection_rule.linux_data_collection_rule.id
-# description = "Association between a linux VM and the appropriate data collection rule."
-# }
-
-# resource "azurerm_monitor_data_collection_rule_association" "linux_vmss_dcra" {
-# count = var.install_azure_monitor == true && lower(var.os_type) == "linux" && var.virtual_machine_type == "vmss" ? 1 : 0
-
-# name = "vmss-${local.vmss_name}-dcra"
-# target_resource_id = var.virtual_machine_scale_set_id
-# data_collection_rule_id = data.azurerm_monitor_data_collection_rule.linux_data_collection_rule.id
-# description = "Association between a linux VMSS and the appropriate data collection rule."
-# }
-
-# resource "azurerm_monitor_data_collection_rule_association" "windows_vm_dcra" {
-# count = var.install_azure_monitor == true && lower(var.os_type) == "windows" && var.virtual_machine_type == "vm" ? 1 : 0
-
-# name = "vm-${local.vm_name}-dcra"
-# target_resource_id = var.virtual_machine_id
-# data_collection_rule_id = data.azurerm_monitor_data_collection_rule.windows_data_collection_rule.id
-# description = "Association between a windows VM and the appropriate data collection rule."
-# }
-
-# resource "azurerm_monitor_data_collection_rule_association" "windows_vmss_dcra" {
-# count = var.install_azure_monitor == true && lower(var.os_type) == "windows" && var.virtual_machine_type == "vmss" ? 1 : 0
-
-# name = "vmss-${local.vmss_name}-dcra"
-# target_resource_id = var.virtual_machine_scale_set_id
-# data_collection_rule_id = data.azurerm_monitor_data_collection_rule.windows_data_collection_rule.id
-# description = "Association between a windows VMSS and the appropriate data collection rule."
-# }
+data "azurerm_resource_group" "la_rg" {
+ provider = azurerm.dcr
+ name = "oms-automation"
+}
+
+data "azurerm_monitor_data_collection_rule" "linux_data_collection_rule" {
+ provider = azurerm.dcr
+ name = "ama-linux-vm-logs"
+ resource_group_name = data.azurerm_resource_group.la_rg.name
+}
+
+data "azurerm_monitor_data_collection_rule" "windows_data_collection_rule" {
+ provider = azurerm.dcr
+ name = "ama-windows-vm-logs"
+ resource_group_name = data.azurerm_resource_group.la_rg.name
+}
+
+
+resource "azurerm_monitor_data_collection_rule_association" "linux_vm_dcra" {
+ count = var.install_azure_monitor == true && lower(var.os_type) == "linux" && var.virtual_machine_type == "vm" ? 1 : 0
+
+ name = "vm-${local.vm_name}-dcra"
+ target_resource_id = var.virtual_machine_id
+ data_collection_rule_id = data.azurerm_monitor_data_collection_rule.linux_data_collection_rule.id
+ description = "Association between a linux VM and the appropriate data collection rule."
+}
+
+resource "azurerm_monitor_data_collection_rule_association" "linux_vmss_dcra" {
+ count = var.install_azure_monitor == true && lower(var.os_type) == "linux" && var.virtual_machine_type == "vmss" ? 1 : 0
+
+ name = "vmss-${local.vmss_name}-dcra"
+ target_resource_id = var.virtual_machine_scale_set_id
+ data_collection_rule_id = data.azurerm_monitor_data_collection_rule.linux_data_collection_rule.id
+ description = "Association between a linux VMSS and the appropriate data collection rule."
+}
+
+resource "azurerm_monitor_data_collection_rule_association" "windows_vm_dcra" {
+ count = var.install_azure_monitor == true && lower(var.os_type) == "windows" && var.virtual_machine_type == "vm" ? 1 : 0
+
+ name = "vm-${local.vm_name}-dcra"
+ target_resource_id = var.virtual_machine_id
+ data_collection_rule_id = data.azurerm_monitor_data_collection_rule.windows_data_collection_rule.id
+ description = "Association between a windows VM and the appropriate data collection rule."
+}
+
+resource "azurerm_monitor_data_collection_rule_association" "windows_vmss_dcra" {
+ count = var.install_azure_monitor == true && lower(var.os_type) == "windows" && var.virtual_machine_type == "vmss" ? 1 : 0
+
+ name = "vmss-${local.vmss_name}-dcra"
+ target_resource_id = var.virtual_machine_scale_set_id
+ data_collection_rule_id = data.azurerm_monitor_data_collection_rule.windows_data_collection_rule.id
+ description = "Association between a windows VMSS and the appropriate data collection rule."
+}
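Review bot: The three data sources at the top of the re-enabled block have no `count`, so every caller of the module now reads the `oms-automation` resource group through `azurerm.dcr` even when `install_azure_monitor` is false, and the plan fails if that identity has no read access there. Gating them like the associations, `count = var.install_azure_monitor ? 1 : 0` with `[0]` added to the references, limits the cross-subscription access to the callers that need it. `data.azurerm_resource_group.la_rg` is used only for `.name`, which is already the literal `"oms-automation"`, so it could be dropped and the name passed directly. The association `count` expressions also compare `var.virtual_machine_type` case-sensitively while `os_type` is lowercased. Unless the variable is validated elsewhere, a value such as `VM` would create no association and the machine would send no logs, with no error raised.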
diff --git a/providers.tf b/providers.tf
index ad637bf..4bb08bf 100644
--- a/providers.tf
+++ b/providers.tf
@@ -2,7 +2,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
- configuration_aliases = [azurerm.cnp, azurerm.soc]
+ configuration_aliases = [azurerm.cnp, azurerm.soc, azurerm.dcr]
}
}
}
diff --git a/run_command.tf b/run_command.tf
index 45c926c..7c4784e 100644
--- a/run_command.tf
+++ b/run_command.tf
@@ -14,6 +14,7 @@ resource "azurerm_virtual_machine_scale_set_extension" "azure_vmss_run_command"
RUN_XDR_AGENT = var.run_xdr_agent ? "true" : "false"
ENV = var.xdr_env == "prod" ? var.xdr_env : "nonprod"
XDR_TAGS = lower(local.xdr_tags_list)
+ INSTALL_DOCKER = var.install_docker ? "true" : "false"
})) }) : jsonencode({ script = compact(tolist([templatefile("${path.module}/scripts/windows_run_script.ps1", {
STORAGE_ACCOUNT_KEY = var.run_command_sa_key
RUN_CIS = var.rc_script_file == "scripts/windows_cis.ps1" || var.run_cis ? "true" : "false"
@@ -44,6 +45,7 @@ resource "azurerm_virtual_machine_extension" "azure_vm_run_command" {
RUN_XDR_AGENT = var.run_xdr_agent ? "true" : "false"
ENV = var.xdr_env == "prod" ? var.xdr_env : "nonprod"
XDR_TAGS = lower(local.xdr_tags_list)
+ INSTALL_DOCKER = var.install_docker ? "true" : "false"
})) }) : jsonencode({ script = compact(tolist([templatefile("${path.module}/scripts/windows_run_script.ps1", {
STORAGE_ACCOUNT_KEY = var.run_command_sa_key
RUN_CIS = var.rc_script_file == "scripts/windows_cis.ps1" || var.run_cis ? "true" : "false"
diff --git a/scripts/linux_run_script.sh b/scripts/linux_run_script.sh
index f457da2..bebfedf 100755
--- a/scripts/linux_run_script.sh
+++ b/scripts/linux_run_script.sh
@@ -1,243 +1,272 @@
#!/bin/bash
- set -ex
+set -ex
# Get OS type/version/name
check_os_version() {
- if [ -f /etc/os-release ]; then
- . /etc/os-release
- OS=$ID
- OS_TYPE=$NAME
- VERSION=$VERSION_ID
- elif type lsb_release >/dev/null 2>&1; then
- OS=$(lsb_release -si)
- OS_TYPE=$(lsb_release -sd | sed 's/"//g')
- VERSION=$(lsb_release -sr)
- elif [ -f /etc/redhat-release ]; then
- OS=$(awk '{print $1$2$3$5}' /etc/redhat-release)
- OS_TYPE=$(awk '{print $1, $2, $3, $4, $5}' /etc/redhat-release)
- VERSION=$(cat /etc/redhat-release | sed 's/[^0-9.]*//g')
- else
- echo "Cannot determine the operating system."
- fi
-
- echo "Operating System: $OS"
- echo "Version: $VERSION"
+ if [ -f /etc/os-release ]; then
+ . /etc/os-release
+ OS=$ID
+ OS_TYPE=$NAME
+ VERSION=$VERSION_ID
+ elif type lsb_release >/dev/null 2>&1; then
+ OS=$(lsb_release -si)
+ OS_TYPE=$(lsb_release -sd | sed 's/"//g')
+ VERSION=$(lsb_release -sr)
+ elif [ -f /etc/redhat-release ]; then
+ OS=$(awk '{print $1$2$3$5}' /etc/redhat-release)
+ OS_TYPE=$(awk '{print $1, $2, $3, $4, $5}' /etc/redhat-release)
+ VERSION=$(cat /etc/redhat-release | sed 's/[^0-9.]*//g')
+ else
+ echo "Cannot determine the operating system."
+ fi
+
+ echo "Operating System: $OS"
+ echo "Version: $VERSION"
}
check_os_version
# Run the command only if the OS is not Ubuntu
if [ "$OS" != "ubuntu" ]; then
- echo "Running command on $OS"
- sudo yum install redhat-lsb-core -y
+ echo "Running command on $OS"
+ sudo yum install redhat-lsb-core -y
else
- echo "Skipping command on Ubuntu"
+ echo "Skipping command on Ubuntu"
fi
STORAGE_ACCOUNT_NAME="cftptlintsvc"
CONTAINER_NAME="xdr-collectors"
-
install_azcopy() {
- # Install Azure CLI (if not already installed)
-
- if ! command -v azcopy &> /dev/null
- then
- if [[ "$OS_TYPE" == *"Red Hat Enterprise"* && "$VERSION" == *"6."* ]]; then
- echo "Downloading AzCopy"
- sudo wget https://aka.ms/downloadazcopy-v10-linux
- sudo tar -xvf downloadazcopy-v10-linux
-
- echo "Adding AzCopy to path"
- sudo rm -f /usr/bin/azcopy
- sudo cp ./azcopy_linux_amd64_*/azcopy /usr/bin/
- sudo chmod 755 /usr/bin/azcopy
-
- echo "Completing cleanup"
- sudo rm -f downloadazcopy-v10-linux
- sudo rm -rf ./azcopy_linux_amd64_*/
- fi
- else
- echo "AzCopy is already installed."
+ # Install Azure CLI (if not already installed)
+
+ if ! command -v azcopy &>/dev/null; then
+ if [[ $OS_TYPE == *"Red Hat Enterprise"* && $VERSION == *"6."* ]]; then
+ echo "Downloading AzCopy"
+ sudo wget https://aka.ms/downloadazcopy-v10-linux
+ sudo tar -xvf downloadazcopy-v10-linux
+
+ echo "Adding AzCopy to path"
+ sudo rm -f /usr/bin/azcopy
+ sudo cp ./azcopy_linux_amd64_*/azcopy /usr/bin/
+ sudo chmod 755 /usr/bin/azcopy
+
+ echo "Completing cleanup"
+ sudo rm -f downloadazcopy-v10-linux
+ sudo rm -rf ./azcopy_linux_amd64_*/
fi
+ else
+ echo "AzCopy is already installed."
+ fi
}
install_azcli() {
- # Install Azure CLI (if not already installed)
+ # Install Azure CLI (if not already installed)
- if ! command -v az &> /dev/null
- then
+ if ! command -v az &>/dev/null; then
- if [ "$OS" != "ubuntu" ]; then
- sudo rpm --import https://packages.microsoft.com/keys/microsoft.asc
- rpm -q dnf || sudo yum install dnf -y
- fi
- if [[ "$OS_TYPE" == *"Red Hat Enterprise"* && "$VERSION" == *"7."* ]]; then
- echo -e "[azure-cli]
+ if [ "$OS" != "ubuntu" ]; then
+ sudo rpm --import https://packages.microsoft.com/keys/microsoft.asc
+ rpm -q dnf || sudo yum install dnf -y
+ fi
+ if [[ $OS_TYPE == *"Red Hat Enterprise"* && $VERSION == *"7."* ]]; then
+ echo -e "[azure-cli]
name=Azure CLI
baseurl=https://packages.microsoft.com/yumrepos/azure-cli
enabled=1
gpgcheck=1
gpgkey=https://packages.microsoft.com/keys/microsoft.asc" | sudo tee /etc/yum.repos.d/azure-cli.repo
- sudo dnf clean all
- sudo dnf -v install azure-cli -y
+ sudo dnf clean all
+ sudo dnf -v install azure-cli -y
- elif [[ "$OS_TYPE" == *"Red Hat Enterprise"* && "$VERSION" == *"8."* ]]; then
- sudo dnf install -y https://packages.microsoft.com/config/rhel/8/packages-microsoft-prod.rpm
- sudo dnf install azure-cli
+ elif [[ $OS_TYPE == *"Red Hat Enterprise"* && $VERSION == *"8."* ]]; then
+ sudo dnf install -y https://packages.microsoft.com/config/rhel/8/packages-microsoft-prod.rpm
+ sudo dnf install azure-cli
- elif [[ "$OS_TYPE" == *"Red Hat Enterprise"* && "$VERSION" == *"9."* ]]; then
- sudo dnf install -y https://packages.microsoft.com/config/rhel/9.0/packages-microsoft-prod.rpm
- sudo dnf install azure-cli
+ elif [[ $OS_TYPE == *"Red Hat Enterprise"* && $VERSION == *"9."* ]]; then
+ sudo dnf install -y https://packages.microsoft.com/config/rhel/9.0/packages-microsoft-prod.rpm
+ sudo dnf install azure-cli
- else
- curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
- fi
else
- echo "Azure CLI is already installed."
+ curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
fi
+ else
+ echo "Azure CLI is already installed."
+ fi
}
install_agent() {
- echo "Info: Installing XDR Agents"
+ echo "Info: Installing XDR Agents"
- if [ "$OS" != "ubuntu" ]; then
- sudo yum install -y selinux-policy-devel
- else
- sudo apt-get update
- sudo apt-get install -y selinux-utils policycoreutils
- fi
+ if [ "$OS" != "ubuntu" ]; then
+ sudo yum install -y selinux-policy-devel
+ else
+ sudo apt-get update
+ sudo apt-get install -y selinux-utils policycoreutils
+ fi
- local SA_KEY="$1"
- local ENV="$2"
- local XDR_TAGS="$3"
+ local SA_KEY="$1"
+ local ENV="$2"
+ local XDR_TAGS="$3"
- local STRING_TO_APPEND="
+ local STRING_TO_APPEND="
--endpoint-tags ${XDR_TAGS}"
- mkdir -p XDR_DOWNLOAD
-
- if [[ "$OS_TYPE" == *"Red Hat Enterprise Linux"* ]]; then
- # Download conf file
- local BLOB_NAME="${ENV}/${ENV}_agent-HMCTS_Linux_rpm_8.5.0.125392/cortex.conf"
- local LOCAL_FILE_PATH="XDR_DOWNLOAD/cortex.conf"
- download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
- sudo echo "$STRING_TO_APPEND" >> $LOCAL_FILE_PATH
- sudo mkdir -p /etc/panw
- sudo cp $LOCAL_FILE_PATH /etc/panw/
-
- # Install agent
- local BLOB_NAME="${ENV}/${ENV}_agent-HMCTS_Linux_rpm_8.5.0.125392/cortex-8.5.0.125392.rpm"
- local LOCAL_FILE_PATH="XDR_DOWNLOAD/cortexagent.rpm"
- download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
- rpm -qa | grep -i cortex-agent || sudo rpm -Uh $LOCAL_FILE_PATH
- rm -rf $LOCAL_FILE_PATH
- echo "Installation of Agents on RedHat VM completed"
- else
-
- # Download conf file
- local BLOB_NAME="${ENV}/${ENV}_agent-HMCTS_Linux_deb_8.5.0.125392/cortex.conf"
- local LOCAL_FILE_PATH="XDR_DOWNLOAD/cortex.conf"
- download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
- sudo echo "$STRING_TO_APPEND" >> $LOCAL_FILE_PATH
- sudo mkdir -p /etc/panw
- sudo cp $LOCAL_FILE_PATH /etc/panw/
-
- # Install agent
- local BLOB_NAME="${ENV}/${ENV}_agent-HMCTS_Linux_deb_8.5.0.125392/cortex-8.5.0.125392.deb"
- local LOCAL_FILE_PATH="XDR_DOWNLOAD/cortexagent.deb"
- download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
- dpkg -l | grep -i cortex-agent || dpkg -i $LOCAL_FILE_PATH
- rm -rf $LOCAL_FILE_PATH
-
- echo "Installation of Agents on Ubuntu VM completed"
- fi
+ mkdir -p XDR_DOWNLOAD
+
+ if [[ $OS_TYPE == *"Red Hat Enterprise Linux"* ]]; then
+ # Download conf file
+ local BLOB_NAME="${ENV}/${ENV}_agent-HMCTS_Linux_rpm_8.5.0.125392/cortex.conf"
+ local LOCAL_FILE_PATH="XDR_DOWNLOAD/cortex.conf"
+ download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
+ sudo echo "$STRING_TO_APPEND" >>$LOCAL_FILE_PATH
+ sudo mkdir -p /etc/panw
+ sudo cp $LOCAL_FILE_PATH /etc/panw/
+
+ # Install agent
+ local BLOB_NAME="${ENV}/${ENV}_agent-HMCTS_Linux_rpm_8.5.0.125392/cortex-8.5.0.125392.rpm"
+ local LOCAL_FILE_PATH="XDR_DOWNLOAD/cortexagent.rpm"
+ download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
+ rpm -qa | grep -i cortex-agent || sudo rpm -Uh $LOCAL_FILE_PATH
+ rm -rf $LOCAL_FILE_PATH
+ echo "Installation of Agents on RedHat VM completed"
+ else
+
+ # Download conf file
+ local BLOB_NAME="${ENV}/${ENV}_agent-HMCTS_Linux_deb_8.5.0.125392/cortex.conf"
+ local LOCAL_FILE_PATH="XDR_DOWNLOAD/cortex.conf"
+ download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
+ sudo echo "$STRING_TO_APPEND" >>$LOCAL_FILE_PATH
+ sudo mkdir -p /etc/panw
+ sudo cp $LOCAL_FILE_PATH /etc/panw/
+
+ # Install agent
+ local BLOB_NAME="${ENV}/${ENV}_agent-HMCTS_Linux_deb_8.5.0.125392/cortex-8.5.0.125392.deb"
+ local LOCAL_FILE_PATH="XDR_DOWNLOAD/cortexagent.deb"
+ download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
+ dpkg -l | grep -i cortex-agent || dpkg -i $LOCAL_FILE_PATH
+ rm -rf $LOCAL_FILE_PATH
+
+ echo "Installation of Agents on Ubuntu VM completed"
+ fi
}
install_collector() {
- echo "Info: Installing XDR Collectors"
+ echo "Info: Installing XDR Collectors"
+
+ if [ "$OS" != "ubuntu" ]; then
+ sudo yum install -y selinux-policy-devel
+ else
+ sudo apt-get update
+ sudo apt-get install -y selinux-utils policycoreutils
+ fi
+
+ local SA_KEY="$1"
+ local ENV="$2"
+
+ mkdir -p XDR_DOWNLOAD
+
+ if [[ $OS_TYPE == *"Red Hat Enterprise Linux"* ]]; then
+
+ # Download collector file
+ local BLOB_NAME="${ENV}/collector-1.4.1.1089.rpm/collector.conf"
+ local LOCAL_FILE_PATH="XDR_DOWNLOAD/collector.conf"
+ download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
+ sudo mkdir -p /etc/panw
+ sudo cp $LOCAL_FILE_PATH /etc/panw/
+
+ # Install collector
+ local BLOB_NAME="${ENV}/collector-1.4.1.1089.rpm/collector-1.4.1.1089.rpm"
+ local LOCAL_FILE_PATH="XDR_DOWNLOAD/collector.rpm"
+ download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
+ rpm -qa | grep -i xdr-collector || sudo rpm -Uh $LOCAL_FILE_PATH
+ rm -rf $LOCAL_FILE_PATH
+ echo "Installation of collectors on RedHat VM completed"
+ else
+
+ # Download collector file
+ local BLOB_NAME="${ENV}/collector-1.4.1.1089.deb/collector.conf"
+ local LOCAL_FILE_PATH="XDR_DOWNLOAD/collector.conf"
+ download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
+ sudo mkdir -p /etc/panw
+ sudo cp $LOCAL_FILE_PATH /etc/panw/
+
+ # Install collector
+ local BLOB_NAME="${ENV}/collector-1.4.1.1089.deb/collector-1.4.1.1089.deb"
+ local LOCAL_FILE_PATH="XDR_DOWNLOAD/collector.deb"
+ download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
+ dpkg -l | grep -i xdr-collector || dpkg -i $LOCAL_FILE_PATH
+ rm -rf $LOCAL_FILE_PATH
+
+ echo "Installation of collectors on Ubuntu VM completed"
+ fi
+}
- if [ "$OS" != "ubuntu" ]; then
- sudo yum install -y selinux-policy-devel
- else
- sudo apt-get update
- sudo apt-get install -y selinux-utils policycoreutils
- fi
+download_blob() {
+ local STORAGE_ACCOUNT_NAME="$1"
+ local SA_KEY="$2"
+ local CONTAINER_NAME="$3"
+ local BLOB_NAME="$4"
+ local LOCAL_FILE_PATH="$5"
+
+ if [[ $OS_TYPE == *"Red Hat Enterprise"* && $VERSION == *"6."* ]]; then
+ # This command uses SA_KEY as a variable but it should be a SAS Token for RHEL 6 VMs
+ azcopy copy "https://$STORAGE_ACCOUNT_NAME.blob.core.windows.net/$CONTAINER_NAME/$BLOB_NAME?$SA_KEY" "$LOCAL_FILE_PATH"
+ else
+ az storage blob download --account-name $STORAGE_ACCOUNT_NAME --account-key $SA_KEY --container-name $CONTAINER_NAME --name $BLOB_NAME --file $LOCAL_FILE_PATH
+ fi
+}
- local SA_KEY="$1"
- local ENV="$2"
+install_docker() {
- mkdir -p XDR_DOWNLOAD
+ echo "Info: Installing Docker and Docker Compose"
- if [[ "$OS_TYPE" == *"Red Hat Enterprise Linux"* ]]; then
+ if [ "$OS" == "ubuntu" ]; then
- # Download collector file
- local BLOB_NAME="${ENV}/collector-1.4.1.1089.rpm/collector.conf"
- local LOCAL_FILE_PATH="XDR_DOWNLOAD/collector.conf"
- download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
- sudo mkdir -p /etc/panw
- sudo cp $LOCAL_FILE_PATH /etc/panw/
+ if ! command -v docker &>/dev/null; then
+ apt update
+ apt install -y apt-transport-https ca-certificates curl software-properties-common
- # Install collector
- local BLOB_NAME="${ENV}/collector-1.4.1.1089.rpm/collector-1.4.1.1089.rpm"
- local LOCAL_FILE_PATH="XDR_DOWNLOAD/collector.rpm"
- download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
- rpm -qa | grep -i xdr-collector || sudo rpm -Uh $LOCAL_FILE_PATH
- rm -rf $LOCAL_FILE_PATH
- echo "Installation of collectors on RedHat VM completed"
- else
+ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+
+ echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list >/dev/null
- # Download collector file
- local BLOB_NAME="${ENV}/collector-1.4.1.1089.deb/collector.conf"
- local LOCAL_FILE_PATH="XDR_DOWNLOAD/collector.conf"
- download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
- sudo mkdir -p /etc/panw
- sudo cp $LOCAL_FILE_PATH /etc/panw/
-
- # Install collector
- local BLOB_NAME="${ENV}/collector-1.4.1.1089.deb/collector-1.4.1.1089.deb"
- local LOCAL_FILE_PATH="XDR_DOWNLOAD/collector.deb"
- download_blob "$STORAGE_ACCOUNT_NAME" "$SA_KEY" "$CONTAINER_NAME" "$BLOB_NAME" "$LOCAL_FILE_PATH"
- dpkg -l | grep -i xdr-collector || dpkg -i $LOCAL_FILE_PATH
- rm -rf $LOCAL_FILE_PATH
-
- echo "Installation of collectors on Ubuntu VM completed"
+ apt update
+ apt install -y docker-ce
fi
-}
-download_blob(){
- local STORAGE_ACCOUNT_NAME="$1"
- local SA_KEY="$2"
- local CONTAINER_NAME="$3"
- local BLOB_NAME="$4"
- local LOCAL_FILE_PATH="$5"
+ DOCKER_PLUGINS_DIR="/usr/local/lib/docker/cli-plugins"
- if [[ "$OS_TYPE" == *"Red Hat Enterprise"* && "$VERSION" == *"6."* ]]; then
- # This command uses SA_KEY as a variable but it should be a SAS Token for RHEL 6 VMs
- azcopy copy "https://$STORAGE_ACCOUNT_NAME.blob.core.windows.net/$CONTAINER_NAME/$BLOB_NAME?$SA_KEY" "$LOCAL_FILE_PATH"
- else
- az storage blob download --account-name $STORAGE_ACCOUNT_NAME --account-key $SA_KEY --container-name $CONTAINER_NAME --name $BLOB_NAME --file $LOCAL_FILE_PATH
+ if [ ! -d "$DOCKER_PLUGINS_DIR" ]; then
+ mkdir -p "$DOCKER_PLUGINS_DIR"
+ if [ ! -f "$DOCKER_PLUGINS_DIR/docker-compose" ]; then
+ curl -SL https://github.com/docker/compose/releases/download/v2.3.3/docker-compose-linux-x86_64 -o /usr/local/lib/docker/cli-plugins/docker-compose
+ chmod +x /usr/local/lib/docker/cli-plugins/docker-compose
+ fi
fi
+ fi
}
-if [ "${RUN_XDR_AGENT}" = "true" ]
-then
- if [[ "$OS_TYPE" == *"Red Hat Enterprise"* && "$VERSION" == *"6."* ]]; then
- install_azcopy
- else
- install_azcli
- fi
- install_agent "${STORAGE_ACCOUNT_KEY}" "${ENV}" "${XDR_TAGS}"
+if [ "${RUN_XDR_AGENT}" = "true" ]; then
+ if [[ $OS_TYPE == *"Red Hat Enterprise"* && $VERSION == *"6."* ]]; then
+ install_azcopy
+ else
+ install_azcli
+ fi
+ install_agent "${STORAGE_ACCOUNT_KEY}" "${ENV}" "${XDR_TAGS}"
fi
-if [ "${RUN_XDR_COLLECTOR}" = "true" ]
-then
- if [[ "$OS_TYPE" == *"Red Hat Enterprise"* && "$VERSION" == *"6."* ]]; then
- install_azcopy
- else
- install_azcli
- fi
- install_collector "${STORAGE_ACCOUNT_KEY}" "${ENV}"
+if [ "${RUN_XDR_COLLECTOR}" = "true" ]; then
+ if [[ $OS_TYPE == *"Red Hat Enterprise"* && $VERSION == *"6."* ]]; then
+ install_azcopy
+ else
+ install_azcli
+ fi
+ install_collector "${STORAGE_ACCOUNT_KEY}" "${ENV}"
+fi
+
+if [ "${INSTALL_DOCKER}" = "true" ]; then
+ install_docker
fi
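Review bot: The docker-compose binary in the new install_docker function is fetched with `curl -SL` from a GitHub release URL and made executable with no integrity check, and without `-f` an HTTP error body would be saved and chmod'ed as the plugin. The download is also nested inside `if [ ! -d "$DOCKER_PLUGINS_DIR" ]`, so a host where the directory already exists but the plugin is missing never gets Compose. Verify a pinned SHA-256 before installing and test for the file rather than the directory; alternatively install `docker-compose-plugin` from the Docker apt repository that this function already configures with a `signed-by` key. Separately, `set -ex` at the top traces every command, so the `--account-key $SA_KEY` argument in download_blob is presumably written to the run-command output; wrapping that call in `set +x` / `set -x` would keep the key out of the log.

```shell
# … unchanged: docker-ce installation from the signed apt repository …
    DOCKER_PLUGINS_DIR="/usr/local/lib/docker/cli-plugins"
    # Placeholder: fill in the published SHA-256 of the pinned release asset.
    COMPOSE_SHA256="<sha256-of-docker-compose-linux-x86_64>"

    mkdir -p "$DOCKER_PLUGINS_DIR"
    if [ ! -f "$DOCKER_PLUGINS_DIR/docker-compose" ]; then
      # -f makes curl fail on HTTP errors instead of saving the error page.
      curl -fsSL https://github.com/docker/compose/releases/download/v2.3.3/docker-compose-linux-x86_64 -o "$DOCKER_PLUGINS_DIR/docker-compose.tmp"
      # With set -e a checksum mismatch aborts before the file is put in place.
      echo "$COMPOSE_SHA256  $DOCKER_PLUGINS_DIR/docker-compose.tmp" | sha256sum -c -
      install -m 0755 "$DOCKER_PLUGINS_DIR/docker-compose.tmp" "$DOCKER_PLUGINS_DIR/docker-compose"
      rm -f "$DOCKER_PLUGINS_DIR/docker-compose.tmp"
    fi
```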
diff --git a/tests/linux_vm_extensions.tftest.hcl b/tests/linux_vm_extensions.tftest.hcl
index fd0a46c..f5d1b82 100644
--- a/tests/linux_vm_extensions.tftest.hcl
+++ b/tests/linux_vm_extensions.tftest.hcl
@@ -17,6 +17,13 @@ provider "azurerm" {
skip_provider_registration = true
}
+provider "azurerm" {
+ alias = "dcr"
+ features {}
+ subscription_id = var.env=="prod" || var.env=="production" ? "8999dec3-0104-4a27-94ee-6588559729d1" : var.env=="sbox" || var.env=="sandbox" ? "bf308a5c-0624-4334-8ff8-8dca9fd43783" : "1c4f0704-a29e-403d-b719-b90c34ef14c9"
+ skip_provider_registration = true
+}
+
# Default variables for this test
variables {
env = "nonprod"
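Review bot: The nested conditional for `subscription_id` in the new `dcr` provider block falls through to the third subscription for any `env` that is not prod/production/sbox/sandbox, so a mistyped `env` silently resolves the data collection rule lookup there instead of failing. The same expression is pasted unchanged into tests/linux_vmss_extensions.tftest.hcl, tests/windows_vm_extensions.tftest.hcl and tests/windows_vmss_extensions.tftest.hcl, so any change to the mapping has to be made four times. A comment above the block, such as `# azurerm.dcr: subscription that holds the ama-*-vm-logs data collection rules for this env`, and a note of which environment each ID belongs to would make the intent reviewable.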
diff --git a/tests/linux_vmss_extensions.tftest.hcl b/tests/linux_vmss_extensions.tftest.hcl
index 876b78a..0a0012f 100644
--- a/tests/linux_vmss_extensions.tftest.hcl
+++ b/tests/linux_vmss_extensions.tftest.hcl
@@ -17,6 +17,13 @@ provider "azurerm" {
skip_provider_registration = true
}
+provider "azurerm" {
+ alias = "dcr"
+ features {}
+ subscription_id = var.env=="prod" || var.env=="production" ? "8999dec3-0104-4a27-94ee-6588559729d1" : var.env=="sbox" || var.env=="sandbox" ? "bf308a5c-0624-4334-8ff8-8dca9fd43783" : "1c4f0704-a29e-403d-b719-b90c34ef14c9"
+ skip_provider_registration = true
+}
+
# Default variables for this test
variables {
env = "nonprod"
diff --git a/tests/windows_vm_extensions.tftest.hcl b/tests/windows_vm_extensions.tftest.hcl
index db68e75..903eacd 100644
--- a/tests/windows_vm_extensions.tftest.hcl
+++ b/tests/windows_vm_extensions.tftest.hcl
@@ -17,6 +17,13 @@ provider "azurerm" {
skip_provider_registration = true
}
+provider "azurerm" {
+ alias = "dcr"
+ features {}
+ subscription_id = var.env=="prod" || var.env=="production" ? "8999dec3-0104-4a27-94ee-6588559729d1" : var.env=="sbox" || var.env=="sandbox" ? "bf308a5c-0624-4334-8ff8-8dca9fd43783" : "1c4f0704-a29e-403d-b719-b90c34ef14c9"
+ skip_provider_registration = true
+}
+
# Default variables for this test
variables {
env = "nonprod"
diff --git a/tests/windows_vmss_extensions.tftest.hcl b/tests/windows_vmss_extensions.tftest.hcl
index e1cf907..570fe31 100644
--- a/tests/windows_vmss_extensions.tftest.hcl
+++ b/tests/windows_vmss_extensions.tftest.hcl
@@ -17,6 +17,13 @@ provider "azurerm" {
skip_provider_registration = true
}
+provider "azurerm" {
+ alias = "dcr"
+ features {}
+ subscription_id = var.env=="prod" || var.env=="production" ? "8999dec3-0104-4a27-94ee-6588559729d1" : var.env=="sbox" || var.env=="sandbox" ? "bf308a5c-0624-4334-8ff8-8dca9fd43783" : "1c4f0704-a29e-403d-b719-b90c34ef14c9"
+ skip_provider_registration = true
+}
+
# Default variables for this test
variables {
env = "nonprod"
diff --git a/variables.tf b/variables.tf
index b536c8b..da0613d 100644
--- a/variables.tf
+++ b/variables.tf
@@ -341,7 +341,6 @@ variable "run_xdr_collector" {
description = "Install XDR collectors using run command script?"
}
-
variable "run_xdr_agent" {
type = bool
default = false
@@ -354,6 +353,12 @@ variable "xdr_env" {
default = "prod"
}
+variable "install_docker" {
+ description = "Should Docker and Docker Compose be installed -- Ubuntu only"
+ type = bool
+ default = false
+}
+
variable "location" {
description = "The region in Azure that the Data collection rule will be deployed to."
type = string