Added programatic method for deploying VA solution

memildin · memildin · commit 62eb3939f0ba · 2020-04-27T18:59:31.000+03:00
diff --git a/articles/security-center/partner-vulnerability-assessment.md b/articles/security-center/partner-vulnerability-assessment.md
@@ -21,7 +21,7 @@ If you're on the standard tier, you're able to use Azure Security Center's built
 
 Alternatively, you might want to deploy your own privately-licensed vulnerability assessment solution from [Qualys](https://www.qualys.com/lp/azure) or [Rapid7](https://www.rapid7.com/products/insightvm/). You can install one of these partner solutions on multiple VMs that belong to the same subscription.
 
-## Configuring a partner solution
+## Configuring a partner solution (in the Azure Portal)
 
 1. On the **Security Center** dashboard, in the **Overview** section, click **Recommendations**.
 
@@ -60,6 +60,57 @@ Alternatively, you might want to deploy your own privately-licensed vulnerabilit
     
     1. Click **OK**.
 
+
+## Configuring a partner solution (using PowerShell and the REST API)
+
+To programatically deploy your own privately-licensed vulnerability assessment solution from [Qualys](https://www.qualys.com/lp/azure) or [Rapid7](https://www.rapid7.com/products/insightvm/), use the supplied script [Powershell > Vulnerability Solution](https://github.com/Azure/Azure-Security-Center/tree/master/Powershell%20scripts/Vulnerability%20Solution). 
+
+This script uses the REST API to create a new Security Solution in ASC. The solution requires a license and a key provided by the service provider: Qualys or Rapid7.
+
+> [!IMPORTANT] 
+> Only one solution can be created per license. Attempting to create another solution using the same name/license/key will fail.
+
+### Prerequisites
+
+Required PowerShell modules:
+
+- Install-module Az
+- Install-module Az.security
+
+### Usage
+
+To run the script, you'll need the relevant information for the parameters below.
+
+| **Parameter** | **Required** | **Notes** |
+|----|:----:|----|
+|SubscriptionId|✔|The subscriptionID of the Azure Subscription that contains the resources you want to analyze.|
+|ResourceGroupName|✔|Name of the resource group. Use any existing resource group including the default ("DefaultResourceGroup-xxx"). Since the solution is not an Azure resource, it won't be listed under the resource group, but still it is attached to it.|
+|vaSolutionName|✔|The name of the new solution.|
+|vaType|-|Qualys or Rapid7.|
+|autoUpdate|-|Enable (true) or disable (false) auto deploy for this VA solution. When enabled, every new VM on the subscription will automatically attempt to link to the solution.<br/>(Default: False)|
+|licenceCode|-|Vendor provided license string.|
+|publicKey|-|Vendor provided public key.|
+
+
+### Running the script
+
+Syntax:
+
+```
+.\New-ASCVASolution.ps1 -subscriptionId <Subscription Id> -resourceGroupName <RG Name>
+-vaSolutionName <New solution name> -vaType <Qualys / Rapid7> -autoUpdate <true/false>
+-licenceCode <License Code from vendor> -publicKey <Public Key recieved from vendor>
+```
+
+Full command:
+
+```
+.\New-ASCVASolution.ps1 -subscriptionId 'f4cx1b69-dtgb-4ch6-6y6f-ea2e95373d3b' -resourceGroupName 'DefaultResourceGroup-WEU' -vaSolutionName 'QualysVa001' -vaType 'Qualys' -autoUpdate 'false' `
+-licenceCode 'eyJjaWQiOiJkZDg5OTYzXe4iMTMzLWM4NTAtODM5FD2mZWM1N2Q3ZGU5MjgiLCJgbTYuOiIyMmM5NDg3MS1lNTVkLTQ1OGItYjhlMC03OTRhMmM3YWM1ZGQiLCJwd3NVcmwiOiJodHRwczovL3FhZ3B1YmxpYy1wMDEuaW50LnF1YWx5cy5jb20vQ2xvdSKJY6VudC8iLCJwd3NQb3J0IjoiNDQzIn0=' `
+-publicKey 'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCOiOLXjOywMfLZIBGPZLwSocf1Q64GASLK9OHFEmanBl1nkJhZDrZ4YD5lM98fThYbAx1Rde2iYV1ze/wDlX4cIvFAyXuN7HbdkeIlBl6vWXEBZpUU17bOdJOUGolzEzNBhtxi/elEZLghq9Chmah82me/okGMIhJJsCiTtglVQIDAQAB'
+```
+
+
 ## Review the recommendation
 After the vulnerability assessment solution is installed on the target VM, Security Center scans the VM to detect and identify system and application vulnerabilities.
 
