Arcbox issue 2934 (microsoft#2937)

* Add Dependency Agent installation for Arc-enabled Windows servers via automation, disable via policy to avoid install on Linux (unsupported for Ubuntu 22.04/24.04). Signed-off-by: Jan Egil Ring <janegilring@microsoft.com> * Update Dependency Agent installation command in ArcServersLogonScript.ps1 to use correct publisher and settings Signed-off-by: Jan Egil Ring <janegilring@microsoft.com> * Add output message for installation invocation in ArcServersLogonScript.ps1 Signed-off-by: Jan Egil Ring <janegilring@microsoft.com>
likamrat · Feb 20, 2025 · 1815e05 · 1815e05
1 parent ebbf8fe
commit 1815e05
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 4 deletions.
diff --git a/azure_jumpstart_arcbox/artifacts/ArcServersLogonScript.ps1 b/azure_jumpstart_arcbox/artifacts/ArcServersLogonScript.ps1
@@ -620,6 +620,21 @@ if ($Env:flavor -ne 'DevOps') {
         $UbuntuSessions = New-PSSession -HostName $Ubuntu01VmIp, $Ubuntu02VmIp -KeyFilePath "$Env:USERPROFILE\.ssh\id_rsa" -UserName $nestedLinuxUsername
         Invoke-JSSudoCommand -Session $UbuntuSessions -Command "sh /home/$nestedLinuxUsername/installArcAgentModifiedUbuntu.sh"
 
+        Write-Header 'Installing Dependency Agent for Arc-enabled Windows servers'
+        $VMs = @("$namingPrefix-SQL", "$namingPrefix-Win2K22", "$namingPrefix-Win2K25")
+        $VMs | ForEach-Object -Parallel {
+
+            $null = Connect-AzAccount -Identity -Tenant $using:tenantId -Subscription $using:subscriptionId -Scope Process -WarningAction SilentlyContinue
+
+            $vm = $PSItem
+
+            Write-Output "Invoking installation on $vm"
+
+            # Install Dependency Agent
+            $null = New-AzConnectedMachineExtension -ResourceGroupName $using:resourceGroup -MachineName $vm -Name DependencyAgentWindows -Publisher Microsoft.Azure.Monitoring.DependencyAgent -ExtensionType DependencyAgentWindows -Location $using:azureLocation -Settings @{"enableAMA" = $true} -NoWait
+
+        }
+
         Write-Header 'Enabling SSH access and triggering update assessment for Arc-enabled servers'
         $VMs = @("$namingPrefix-SQL", "$namingPrefix-Ubuntu-01", "$namingPrefix-Ubuntu-02", "$namingPrefix-Win2K22", "$namingPrefix-Win2K25")
         $VMs | ForEach-Object -Parallel {

diff --git a/azure_jumpstart_arcbox/bicep/mgmt/policyAzureArc.bicep b/azure_jumpstart_arcbox/bicep/mgmt/policyAzureArc.bicep
@@ -4,7 +4,7 @@ param azureLocation string
 @description('Name of your log analytics workspace')
 param logAnalyticsWorkspaceId string
 
-@description('The flavor of ArcBox you want to deploy. Valid values are: \'Full\', \'ITPro\', \'DevOps\'')
+@description('The flavor of ArcBox you want to deploy. Valid values are: \'DataOps\', \'DevOps\', \'ITPro\'')
 param flavor string
 
 @description('Tags to assign for all ArcBox resources')
@@ -23,7 +23,6 @@ var policies = [
     name: '(ArcBox) Enable Azure Monitor for Hybrid VMs with AMA'
     definitionId: '/providers/Microsoft.Authorization/policySetDefinitions/59e9c3eb-d8df-473b-8059-23fd38ddd0f0'
     flavors: [
-      'Full'
       'ITPro'
     ]
     roleDefinition:  [
@@ -36,15 +35,14 @@ var policies = [
         value: logAnalyticsWorkspaceId
       }
       enableProcessesAndDependencies: {
-        value: true
+        value: false
       }
     }
   }
   {
     name: '(ArcBox) Enable Microsoft Defender on Kubernetes clusters'
     definitionId: '/providers/Microsoft.Authorization/policyDefinitions/708b60a6-d253-4fe0-9114-4be4c00f012c'
     flavors: [
-      'Full'
       'DevOps'
     ]
     roleDefinition: '/subscriptions/${subscription().subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293'