I am trying to add an MS defender extension to a Linux VM (rockylinux 8.x) in Azure. Here is my terraform code:
resource "azurerm_virtual_machine_extension" "linux_defender" {
name = "linux_defender"
virtual_machine_id = azurerm_virtual_machine.linuxvm[0].id
auto_upgrade_minor_version = "true"
publisher = "Microsoft.Azure.AzureDefenderForServers"
type = "MDE.Linux"
type_handler_version = "1.0"
}
When I execute it, I am getting the following error:
Error: Code="VMExtensionHandlerNonTransientError" Message="The handler for VM extension type 'Microsoft.Azure.AzureDefenderForServers.MDE.Linux' has reported terminal failure for VM extension 'linux_defender' with error message: '[ExtensionOperationError] Non-zero exit code: 53, /var/lib/waagent/Microsoft.Azure.AzureDefenderForServers.MDE.Linux-1.0.3.7/PythonRunner.sh src/MdeExtensionHandler.py enable\n[stdout]\nPython 3.6.8\n\n\n[stderr]\n2023-05-18 16:20:02,212, INFO - Start executing handler action: enable\n2023-05-18 16:20:02,213, ERROR - Failed to retrieve configuration. Expecting value: line 1 column 1 (char 0)\n'.\r\n \r\n'Enable handler for the extension failed. More information on troubleshooting is available at https://aka.ms/vmextensionlinuxtroubleshoot'"
│
│ with module.virtual_machines["d-rhub-vm0"].azurerm_virtual_machine_extension.linux_defender[0],
Has anyone been successful to add defender extensions for servers in Azure?
I was not sure whether Defender gets preloaded in Linux from Azure marketplace image?