What Changed
Two packaging-level fixes were applied to the Panorays solution (v3.0.0):
offerId/solutionId correction — SolutionMetadata.json had an invalid offer name that did not conform to the Microsoft Sentinel offers naming convention. This would cause Content Hub publishing failures.
dcrConfig parameter reference chain fix — The ARM template packaging script (patch-package.sh) previously removed the dcrConfig parameter entirely (the deleted Step 3b). This left the ResourcesDataConnector nested template without a valid dcrConfig default value and broke the parameter reference chain used to wire dataCollectionEndpoint and dataCollectionRuleImmutableId into the connector resource.
Security Impact (Visibility & Fidelity)
The broken dcrConfig parameter chain would cause the ARM template to fail ARM-TTK validation — confirmed by the PR review discussion where the reviewer flagged empty properties in mainTemplate.json. A deployment that proceeded despite validation errors would result in the CCF connector failing at creation, meaning zero Panorays vulnerability management data was ingested by affected deployments.
The fix restores the parameter reference chain so that dcrConfig properties are correctly propagated into the nested ResourcesDataConnector template resource. Non-blank placeholder defaults are set at the outer template level to satisfy ARM-TTK empty-property validation.
Deployments running v3.0.0 prior to this fix had a complete ingestion failure for Panorays vulnerability management data since installation.
Affected Files
Solutions/Panorays/patch-package.sh
(packaging artefacts: 3.0.0.zip, SolutionMetadata.json, mainTemplate.json)