Ensure Azure Virtual machine does not enable password authentication
Error: Azure Virtual machine enables password authentication
Bridgecrew Policy ID: BC_AZR_GENERAL_84
Checkov Check ID: CKV_AZURE_149
Severity: LOW
Azure Virtual machine enables password authentication
Description
Disabling password authentication for your Azure virtual machine (VM) can help improve the security of your VM. Password authentication allows users to access the VM using a password, rather than an Azure Active Directory (Azure AD) account or other form of authentication.
By disabling password authentication, you can help prevent unauthorized access to your VM and protect it from potential security threats such as data breaches or unauthorized access. Instead, you should use more secure forms of authentication such as Azure AD, SSH keys, or multi-factor authentication.
Fix - Runtime
Fix - Buildtime
Terraform
- Resource: azurerm_linux_virtual_machine_scale_set
- Argument: disable_password_authenticatio
resource "azurerm_linux_virtual_machine_scale_set" "pass" {
name = var.scaleset_name
resource_group_name = var.resource_group.name
location = var.resource_group.location
sku = var.sku
instances = var.instance_count
admin_username = var.admin_username
disable_password_authentication = true
tags = { test = "Fail" }
}
Updated 9 months ago