Ensure Virtual Machine extensions are not installed
Error: Virtual Machine extensions are installed
Bridgecrew Policy ID: BC_AZR_GENERAL_14
Checkov Check ID: CKV_AZURE_50
Severity: MEDIUM
Virtual Machine extensions are installed
Description
Ensure that your Microsoft Azure virtual machines (VMs) does not have extensions installed in order to follow your organization's security and compliance requirements. Azure virtual machine extensions are small cloud applications that provide post-deployment configuration and automation tasks for virtual machines. These extensions run with administrative privileges and could potentially access any configuration file or piece of data on a virtual machine.
Fix - Buildtime
Terraform
- Resource: azurerm_virtual_machine, azurerm_linux_virtual_machine
- Argument: allow_extension_operations
resource "azurerm_linux_virtual_machine" "example" {
...
~ allow_extension_operations=false
}
Updated 6 months ago