Ensure Azure Windows VM enables encryption
Error: Azure Windows VM does not enable encryption
Bridgecrew Policy ID: BC_AZR_GENERAL_89
Checkov Check ID: CKV_AZURE_151
Severity: LOW
Description
Enabling encryption on an Azure Windows virtual machine (VM) helps protect the VM and its data: encrypted data is encoded so that only authorized users can read it. This check passes when the encryption_at_host_enabled argument is set to true on the resource.
Fix - Runtime
Fix - Buildtime
Terraform
- Resource: azurerm_windows_virtual_machine
- Argument: encryption_at_host_enabled
resource "azurerm_windows_virtual_machine" "pass" {
  name                = "example-machine"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  size                = "Standard_F2"
  admin_username      = "adminuser"
  # Example value only; do not hardcode credentials in real configurations.
  admin_password      = "P@$$w0rd1234!"
  network_interface_ids = [
    azurerm_network_interface.example.id,
  ]

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  source_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2016-Datacenter"
    version   = "latest"
  }

  # The argument this check looks for.
  encryption_at_host_enabled = true
}
Updated 9 months ago