diff --git a/README.md b/README.md
index 1a86026db..62cb0e785 100644
--- a/README.md
+++ b/README.md
@@ -128,6 +128,10 @@ This repository is an extension of CloudSploit's [open-source scanning engine](h
* [S3 Bucket All Users Policy](en/aws/s3/s3-bucket-all-users-policy.md)
* [S3 Bucket Logging](en/aws/s3/s3-bucket-logging.md)
* [S3 Bucket Versioning](en/aws/s3/s3-bucket-versioning.md)
+ * [S3 Bucket Lifecycle Configuration](en/aws/s3/s3-bucket-lifecycle-configuration.md)
+ * [S3 DNS Compliant Bucket Names](en/aws/s3/s3-dns-compliant-bucket-names.md)
+ * [S3 Transfer Acceleration Enabled](en/aws/s3/s3-transfer-acceleration-enabled.md)
+ * [S3 Versioned Buckets Lifecycle Configuration](en/aws/s3/s3-versioned-buckets-lifecycle-configuration.md)
* SES
* [Email DKIM Enabled](en/aws/ses/email-dkim-enabled.md)
* SNS
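Review bot: The four new S3 entries are appended after "S3 Bucket Versioning", which breaks the alphabetical order the visible part of the S3 list follows (All Users Policy, Logging, Versioning). "S3 Bucket Lifecycle Configuration" should sit before "S3 Bucket Logging", with the other three following "S3 Bucket Versioning". The same patch adds Glacier, KMS, Lambda and Azure Virtual Machines pages but no README entries for them, so please index those here as well or say why they are left out.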
@@ -481,4 +485,4 @@ This repository is an extension of CloudSploit's [open-source scanning engine](h
## Contributing
-Please see the [contributor's guide](.github/CONTRIBUTING.md).
\ No newline at end of file
+Please see the [contributor's guide](.github/CONTRIBUTING.md).
diff --git a/en/.DS_Store b/en/.DS_Store
new file mode 100644
index 000000000..e1848171a
Binary files /dev/null and b/en/.DS_Store differ
diff --git a/en/aws/.DS_Store b/en/aws/.DS_Store
new file mode 100644
index 000000000..a8a799ec5
Binary files /dev/null and b/en/aws/.DS_Store differ
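Review bot: en/.DS_Store and en/aws/.DS_Store are macOS Finder metadata and should not be committed. They are opaque binaries that cannot be reviewed and can record directory and file names from the author's machine. Please drop both files from the patch and add .DS_Store to .gitignore.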
diff --git a/en/aws/glacier/S3-glacier-vault-public-access.md b/en/aws/glacier/S3-glacier-vault-public-access.md
new file mode 100644
index 000000000..2b83cd4e1
--- /dev/null
+++ b/en/aws/glacier/S3-glacier-vault-public-access.md
@@ -0,0 +1,25 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AWS / Glacier / S3 Glacier Vault Public Access
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | S3 Glacier Vault Public Access |
+| **Cloud** | AWS |
+| **Category** | Glacier |
+| **Description** | Ensure that S3 Glacier Vault public access block is enabled for the account. |
+| **More Info** | Blocking S3 Glacier Vault public access at the account level ensures objects are not accidentally exposed. |
+| **AWS Link** | http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html |
+| **Recommended Action** | Add access policy for the S3 Glacier Vault to block public access for the AWS account. |
+
+## Detailed Remediation Steps
+1. Log into the AWS Management Console.
+2. Select the "Services" option and search for S3 Glacier.
+3. On the navigation pane to the left, click on vaults.
+4. Click the vault name that you need you need to edit its policy to block public access.
+5. Select Vault Policies tab.
+6. Click on Edit vault access policy.
+7. Edit the policy by removing public access (e.g. "Resource": "*" or "Principal": "*", and "Effect": "Allow") and make sure the policy grant access only to fixed values (values that don't contain a wildcard or an AWS Identity and Access Management Policy Variable).
+8. See this resource to understand when a policy considered public: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html#access-control-block-public-access-policy-status
\ No newline at end of file
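Review bot: The "AWS Link" row points at the CloudFront developer guide (private-content-restricting-access-to-s3.html), which does not cover Glacier vault access policies; link the S3 Glacier vault access policy documentation instead. The Description and More Info rows speak of a public access block "for the account" and "at the account level", but the steps edit one vault's policy at a time, so the text and the remediation should agree on the scope. Step 4 repeats "you need you need", step 7 should read "the policy grants", step 8 should read "when a policy is considered public", the file name starts with an uppercase "S3-" while the other new pages are lowercase, and the file has no trailing newline.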
diff --git a/en/aws/kms/app-tier-kms-customer-master-key-(cmk).md b/en/aws/kms/app-tier-kms-customer-master-key-(cmk).md
new file mode 100644
index 000000000..03394cf32
--- /dev/null
+++ b/en/aws/kms/app-tier-kms-customer-master-key-(cmk).md
@@ -0,0 +1,30 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AWS / KMS / App-Tier KMS Customer Master Key (CMK)
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | App-Tier KMS Customer Master Key (CMK) |
+| **Cloud** | AWS |
+| **Category** | KMS |
+| **Description** | Ensures that there is one Amazon KMS Customer Master Key (CMK) present in the account for App-Tier resources. |
+| **More Info** | Amazon KMS should have Customer Master Key (CMK) for App-Tier to protect data in transit. |
+| **AWS Link** | https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html |
+| **Recommended Action** | Create a Customer Master Key (CMK) with App-Tier tag |
+
+## Detailed Remediation Steps
+1. Log into the AWS Management Console.
+2. Select the "Services" option and search for KMS.
+3. To change the AWS Region, use the Region selector in the upper-right corner of the page.
+4. In the navigation pane, choose Customer managed keys.
+5. Choose Create key.
+4. Select the key type. If you are creating a KMS key to encrypt data you store or manage in an AWS service, create a symmetric encryption KMS key, this list of AWS services that are integrated with AWS KMS use only symmetric encryption KMS keys https://aws.amazon.com/kms/features/#AWS_Service_Integration.
+5. For help deciding which type of KMS key to create see https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html#symm-asymm-choose
+6. On the "Add alias and description" page provide the "Alias" and "Description" for the new "KMS key" and click on the "Next" button.
+7. On the "Add tags" page provide a unique key for "Tag key","Tag value" and click on the "Next" button.
+8. On the "Define key administrative permissions" page select the "IAM users" and roles who can administer the new "KMS key" through the KMS API.
+9. Click on the "Next" button at the bottom to continue the new "KMS key" process.
+10. On the "Define key usage permissions" page select the IAM users and roles that can use the CMK to encrypt and decrypt data with the "AWS KMS API" and click on the "Next" button.
+11. On the "Review and edit key policy" page review the policy and click on the "Finish" button to create a new "KMS key" which can be used to encrypt/decrypt the data.
\ No newline at end of file
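Review bot: The remediation list restarts its numbering after step 5 ("5. Choose Create key." is followed by "4. Select the key type."), so steps 4 and 5 appear twice and the list ends at 11 instead of 13; renumber it sequentially. The Recommended Action asks for a CMK "with App-Tier tag", but step 7 only says to provide "a unique key" for the tag, so state the exact tag key and value the plugin checks for. "More Info" says the key protects "data in transit", while the steps describe encrypting data stored in AWS services; please confirm the wording. The parentheses in the file name "(cmk)" need escaping in shells and URLs and are best avoided.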
diff --git a/en/aws/kms/kms-duplicate-grants.md b/en/aws/kms/kms-duplicate-grants.md
new file mode 100644
index 000000000..8a5969b77
--- /dev/null
+++ b/en/aws/kms/kms-duplicate-grants.md
@@ -0,0 +1,23 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AWS / KMS / KMS Duplicate Grants
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | KMS Duplicate Grants |
+| **Cloud** | AWS |
+| **Category** | KMS |
+| **Description** | Ensure that AWS KMS keys does not have duplicate grants to adhere to AWS security best practices. |
+| **More Info** | Duplicate grants have the same key ARN, API actions, grantee principal, encryption context, and name. If you retire or revoke the original grant but leave the duplicates, the leftover duplicate grants constitute unintended escalations of privilege. |
+| **AWS Link** | http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html |
+| **Recommended Action** | Delete duplicate grants for AWS KMS keys |
+
+## Detailed Remediation Steps
+1. Log into the AWS Management Console.
+2. Select the "Services" option and search for KMS.
+3. To delete a grant, retire or revoke it.
+4. To identify the grant to retire, use a grant token, or both the grant ID and a key identifier (key ID or key ARN) of the KMS key.
+5. Follow this guide https://docs.aws.amazon.com/kms/latest/APIReference/API_RetireGrant.html to retire grant either by sending a request or using language-specific AWS SDKs.
+6. To revoke a grant follow this document https://docs.aws.amazon.com/kms/latest/APIReference/API_RevokeGrant.html
\ No newline at end of file
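Review bot: Steps 1 and 2 send the reader to the KMS console, but steps 3 to 6 only describe the RetireGrant and RevokeGrant API calls and never say what to do in the console, and no step explains how to list a key's grants and identify which ones are duplicates. Either drop the console steps or add the listing and comparison step using the fields named in "More Info" (key ARN, API actions, grantee principal, encryption context, name). "AWS KMS keys does not have" should be "do not have", and the AWS Link uses http:// and points at the general concepts page rather than the grants documentation.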
diff --git a/en/aws/kms/kms-grant-least-privilege.md b/en/aws/kms/kms-grant-least-privilege.md
new file mode 100644
index 000000000..6c0011c25
--- /dev/null
+++ b/en/aws/kms/kms-grant-least-privilege.md
@@ -0,0 +1,15 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AWS / KMS / KMS Grant Least Privilege
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | KMS Grant Least Privilege |
+| **Cloud** | AWS |
+| **Category** | KMS |
+| **Description** | Ensure that AWS KMS key grants use the principle of least privileged access |
+| **More Info** | AWS KMS key grants should be created with minimum set of permissions required by grantee principal to adhere to AWS security best practices |
+| **AWS Link** | https://docs.aws.amazon.com/kms/latest/developerguide/grants.html |
+| **Recommended Action** | Create KMS grants with minimum permission required |
\ No newline at end of file
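Review bot: This page ends after the Quick Info table and has no "Detailed Remediation Steps" section, unlike the other KMS pages in this patch. Add steps for reviewing a grant's operations and replacing an over-broad grant, or at least say which operations the plugin treats as excessive, since "minimum permission required" gives the reader nothing to check against.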
diff --git a/en/aws/lambda/lambda-tracing-enabled.md b/en/aws/lambda/lambda-tracing-enabled.md
new file mode 100644
index 000000000..6b5b21219
--- /dev/null
+++ b/en/aws/lambda/lambda-tracing-enabled.md
@@ -0,0 +1,26 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AWS / Lambda / Lambda Tracing Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Lambda Tracing Enabled |
+| **Cloud** | AWS |
+| **Category** | Lambda |
+| **Description** | Ensures AWS Lambda functions have active tracing for X-Ray. |
+| **More Info** | AWS Lambda functions should have active tracing in order to gain visibility into the functions execution and performance. |
+| **AWS Link** | https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html |
+| **Recommended Action** | Modify Lambda functions to activate tracing. |
+
+## Detailed Remediation Steps
+1. Log into the AWS Management Console.
+2. Select the "Services" option and search for Lambda.
+3. Scroll down the left navigation panel and choose "Functions".
+4. Select the Lambda function that needs to be verify from "Functions name".
+5. On the "Lambda Functions" page scroll down and choose "Configuration".
+6. Scroll down the "Configuration" tab and choose the "Monitoring and operations tools".
+7. Under X-Ray, toggle on Active tracing.
+8. Click on the "Save" button at the top of the dashboard.
+9. Repeat steps 4 - 8 to enable active tracing for other "Lambda functions" in the selected region.
\ No newline at end of file
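Review bot: Step 4 is ungrammatical and names a column loosely ("needs to be verify from "Functions name""); suggest "Select the Lambda function to modify from the "Function name" column". Step 5 refers to the "Lambda Functions" page although step 4 has already opened a single function. In "More Info", "the functions execution" should be "the function's execution".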
diff --git a/en/aws/s3/s3-bucket-lifecycle-configuration.md b/en/aws/s3/s3-bucket-lifecycle-configuration.md
new file mode 100644
index 000000000..77e518dfc
--- /dev/null
+++ b/en/aws/s3/s3-bucket-lifecycle-configuration.md
@@ -0,0 +1,27 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AWS / S3 / S3 Bucket Lifecycle Configuration
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | S3 Bucket Lifecycle Configuration |
+| **Cloud** | AWS |
+| **Category** | S3 |
+| **Description** | Ensures that S3 buckets have lifecycle configuration enabled to automatically transition S3 bucket objects. |
+| **More Info** | S3 bucket should have lifecycle configuration enabled to automatically downgrade the storage class for your objects. |
+| **AWS Link** | https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-set-lifecycle-configuration-intro.html |
+| **Recommended Action** | Update S3 bucket and create lifecycle rule configuration. |
+
+## Detailed Remediation Steps
+1. Log into the AWS Management Console.
+2. Select the "Services" option and search for S3.
+3. Scroll down the left navigation pane and choose "Buckets".
+4. Select the "Bucket" that needs to add policy to and click on its identifier(name) from the "Bucket name" column.
+5. Click on the "Management" tab on the top menu.
+6. Click on Create Lifecycle rule.
+7. Choose the rule scope (all bucket objects OR limit scope to specific objects using filters/ tags prefix) .
+8. Check Lifecycle rule actions you need to apply.
+9. Click on the "Save" button to make the necessary changes.
+10. Repeat steps number 4 - 9 to enable lifecycle configurations in other S3 buckets.
\ No newline at end of file
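Review bot: Step 4 says the bucket "needs to add policy to", which reads as copied from a bucket policy page; this page is about lifecycle rules, so say "the bucket that needs a lifecycle rule". Step 7 has a stray space before the period and "filters/ tags prefix" should read as prefix or tag filters. Step 8 leaves the choice of rule action open although the Description requires a rule that transitions objects, so name the transition action the plugin expects.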
diff --git a/en/aws/s3/s3-dns-compliant-bucket-names.md b/en/aws/s3/s3-dns-compliant-bucket-names.md
new file mode 100644
index 000000000..3b7625fce
--- /dev/null
+++ b/en/aws/s3/s3-dns-compliant-bucket-names.md
@@ -0,0 +1,15 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AWS / S3 / S3 DNS Compliant Bucket Names
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | S3 DNS Compliant Bucket Names |
+| **Cloud** | AWS |
+| **Category** | S3 |
+| **Description** | Ensures that S3 buckets have DNS complaint bucket names. |
+| **More Info** | S3 bucket names must be DNS-compliant and not contain period "." to enable S3 Transfer Acceleration and to use buckets over SSL. |
+| **AWS Link** | https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html |
+| **Recommended Action** | Recreate S3 bucket to use "-" instead of "." in S3 bucket names. |
\ No newline at end of file
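Review bot: The Description has a typo, "DNS complaint bucket names" should be "DNS compliant". The page has no "Detailed Remediation Steps" section even though the Recommended Action (recreating the bucket under a new name) is not a one-click change; add steps covering creating the new bucket, copying objects and updating references. The AWS Link points at the Transfer Acceleration page, while the rule itself is about bucket naming, so link the bucket naming rules as well.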
diff --git a/en/aws/s3/s3-transfer-acceleration-enabled.md b/en/aws/s3/s3-transfer-acceleration-enabled.md
new file mode 100644
index 000000000..debbde8a9
--- /dev/null
+++ b/en/aws/s3/s3-transfer-acceleration-enabled.md
@@ -0,0 +1,26 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AWS / S3 / S3 Transfer Acceleration Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | S3 Transfer Acceleration Enabled |
+| **Cloud** | AWS |
+| **Category** | S3 |
+| **Description** | Ensures that S3 buckets have transfer acceleration enabled to increase the speed of data transfers. |
+| **More Info** | S3 buckets should have transfer acceleration enabled to increase the speed of data transfers in and out of Amazon S3 using AWS edge network. |
+| **AWS Link** | https://docs.aws.amazon.com/AmazonS3/latest/userguide/transfer-acceleration-examples.html |
+| **Recommended Action** | Modify S3 bucket to enable transfer acceleration. |
+
+## Detailed Remediation Steps
+1. Log into the AWS Management Console.
+2. Select the "Services" option and search for S3.
+3. Scroll down the left navigation pane and Click on "Buckets".
+4. Select the "Bucket" that needs to add policy to and click on its identifier(name) from the "Bucket name" column.
+5. Click on the "Properties" tab on the top menu.
+6. Click Edit Transfer acceleration.
+7. Select Enable.
+8. Click on the "Save" button to make the necessary changes.
+9. Repeat steps 4 - 8 to enable transfer accelaration for other S3 buckets in the region.
\ No newline at end of file
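Review bot: Step 4 repeats the "needs to add policy to" wording, which does not apply to a Transfer Acceleration setting; say "the bucket to modify". Step 9 misspells "accelaration" and step 3 capitalises "Click" mid-sentence. Since the DNS-compliant names page in this patch states that bucket names containing "." cannot use Transfer Acceleration, add that prerequisite here so readers do not hit it at step 7.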
diff --git a/en/aws/s3/s3-versioned-buckets-lifecycle-configuration.md b/en/aws/s3/s3-versioned-buckets-lifecycle-configuration.md
new file mode 100644
index 000000000..9776cf4d2
--- /dev/null
+++ b/en/aws/s3/s3-versioned-buckets-lifecycle-configuration.md
@@ -0,0 +1,28 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AWS / S3 / S3 Versioned Buckets Lifecycle Configuration
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | S3 Versioned Buckets Lifecycle Configuration |
+| **Cloud** | AWS |
+| **Category** | S3 |
+| **Description** | Ensure that S3 buckets having versioning enabled also have lifecycle policy configured for non-current objects. |
+| **More Info** | When object versioning is enabled on a bucket, every modification/update to an object results in a new version of the object that will be stored indefinitely. Enable a lifecycle policy, so that non-current object versions are removed or transitioned in a predictable manner. |
+| **AWS Link** | https://docs.aws.amazon.com/AmazonS3/latest/userguide/how-to-set-lifecycle-configuration-intro.html |
+| **Recommended Action** | Configure lifecycle rules for buckets which have versioning enabled. |
+
+## Detailed Remediation Steps
+1. Log into the AWS Management Console.
+2. Select the "Services" option and search for S3.
+3. Scroll down the left navigation pane and choose "Buckets".
+4. Select the "Bucket" that needs to create lifecycle rule for by clicking on its identifier(name) from the "Bucket name" column.
+5. Click on the "Management" tab on the top menu.
+6. Click on Create Lifecycle rule.
+7. Choose the rule scope (all bucket objects OR limit scope to specific objects using filters/ tags prefix) .
+8. Check Lifecycle rule actions you need to apply.
+9. Make sure to specify a rule for Move noncurrent versions of objects between storage classes.
+10. Click on the "Save" button to make the necessary changes.
+11. Repeat steps 4 - 10 to enable lifecycle configurations in other S3 buckets.
\ No newline at end of file
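Review bot: Step 9 requires only the "Move noncurrent versions of objects between storage classes" action, while "More Info" says noncurrent versions should be "removed or transitioned"; mention the noncurrent version expiration action as an equally valid choice or explain why only transition counts. Step 4 ("needs to create lifecycle rule for by clicking") is hard to parse and step 7 has a stray space before the period.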
diff --git a/en/azure/virtualmachines/accelerated-networking-enabled.md b/en/azure/virtualmachines/accelerated-networking-enabled.md
new file mode 100644
index 000000000..e69de29bb
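Review bot: accelerated-networking-enabled.md is added with no content (mode and index lines only, no hunk). Either add the page body in this patch or leave the file out until it is written, so an empty page is not published.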
diff --git a/en/azure/virtualmachines/auto-instance-repairs.md b/en/azure/virtualmachines/auto-instance-repairs.md
new file mode 100644
index 000000000..2f707defc
--- /dev/null
+++ b/en/azure/virtualmachines/auto-instance-repairs.md
@@ -0,0 +1,27 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / Automatic Instance Repairs Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Automatic Instance Repairs Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that automatic instance repairs is enabled for Azure virtual machine scale sets. |
+| **More Info** | Enabling automatic instance repairs for Azure virtual machine scale sets helps achieve high availability for applications by maintaining a set of healthy instances. |
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-automatic-instance-repairs |
+| **Recommended Action** | Enable automatic instance repairs for Azure virtual machine scale sets. |
+
+## Detailed Remediation Steps
+
+{Listed Remediation Steps}
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Virtual machine scale sets".
+3. Select the scale set by clicking on the "Name" link.
+4. Select "Health and Repair" in the left hand menu under Settings.
+5. Select "Enabled" in Enable application health monitoring.
+6. Select "On" for Enable automatic repairs. Note that the "Health" extension will need to be added to the Virtual Machines associated with this scale set and the scale set may need restarted prior to the changes successfully being made.
+7. Save the changes.
+8. Repeat steps 3-7 for all other scale sets.
\ No newline at end of file
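Review bot: The template placeholder "{Listed Remediation Steps}" is left in above step 1 and will render as literal text; remove it. In step 6, "the scale set may need restarted" should be "may need to be restarted", and the note about the Health extension is a prerequisite that would read better as its own step before enabling repairs.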
diff --git a/en/azure/virtualmachines/auto-os-upgrades-enabled.md b/en/azure/virtualmachines/auto-os-upgrades-enabled.md
new file mode 100644
index 000000000..682fa1af8
--- /dev/null
+++ b/en/azure/virtualmachines/auto-os-upgrades-enabled.md
@@ -0,0 +1,25 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / Automatic OS Upgrades Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Automatic OS Upgrades Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensure that automatic operating system (OS) upgrades are enabled for Microsoft Azure virtual machine scale sets. |
+| **More Info** | Enabling automatic OS image upgrades on your scale set helps ease update management by safely and automatically upgrading the OS disk for all instances in the scale set. |
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-automatic-upgrade |
+| **Recommended Action** | Enable automatic OS upgrades under operating system settings. |
+
+## Detailed Remediation Steps
+
+{Listed Remediation Steps}
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Virtual machine scale sets".
+3. Select the corresponding scale set by clicking on the "name" link
+4. Once the scale set is selected, select "Upgrade policy" in the left side menu under Settings.
+5. Select "Automatic" in the drop down menu for "Upgrade Mode" and save the changes.
+6. Repeat steps 3-5 for all applicable scale set instances.
\ No newline at end of file
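Review bot: The template placeholder "{Listed Remediation Steps}" is left in above step 1; remove it. Step 3 is missing its closing period and uses "name" where the sibling pages use "Name". The Recommended Action says the setting is "under operating system settings", but step 4 locates it under "Upgrade policy", so align the two.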
diff --git a/en/azure/virtualmachines/disk-volumes-byok-encryption-enabled.md b/en/azure/virtualmachines/disk-volumes-byok-encryption-enabled.md
new file mode 100644
index 000000000..cd3687733
--- /dev/null
+++ b/en/azure/virtualmachines/disk-volumes-byok-encryption-enabled.md
@@ -0,0 +1,26 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / Disk Volumes BYOK Encryption Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Disk Volumes BYOK Encryption Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that Azure virtual machine disks have BYOK (Customer-Managed Key) encryption enabled. |
+| **More Info** | Encrypting virtual machine disk volumes helps protect and safeguard your data to meet organizational security and compliance commitments. |
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machines/windows/disk-encryption-key-vault |
+| **Recommended Action** | Ensure that virtual machine disks are created using BYOK encryption. |
+
+## Detailed Remediation Steps
+
+{Listed Remediation Steps}
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for Virtual Machines.
+3. Select the corresponding virtual machine by clicking on the "Name" link.
+4. In the left side menu, select "Disk" and click on the corresponding disk "Name" link.
+5. In the left side menu, select "Encryption" and change the Encryption type to one of the customer-managed key options. Select the appropriate encryption sets and then click "Save" to confirm the changes.
+6. Note that if no encryption sets are available, you will need to configure both the Azure "Key Vaults" as well as the "Disk Encryption Sets" resources. Please visit https://docs.microsoft.com/en-us/azure/virtual-machines/windows/disk-encryption-key-vault for more information.
+7. Repeat steps 3 - 6 for all other applicable virtual machines.
\ No newline at end of file
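Review bot: The template placeholder "{Listed Remediation Steps}" is left in above step 1; remove it. Step 6 is a conditional note rather than an action, yet step 7 says "Repeat steps 3 - 6"; move the note ahead of step 5 as a prerequisite and repeat only the action steps. Step 4 says "Disk" where the menu item is presumably "Disks", as the premium SSD page in this patch writes it.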
diff --git a/en/azure/virtualmachines/guest-level-diagnostics-enabled.md b/en/azure/virtualmachines/guest-level-diagnostics-enabled.md
new file mode 100644
index 000000000..35cda14c9
--- /dev/null
+++ b/en/azure/virtualmachines/guest-level-diagnostics-enabled.md
@@ -0,0 +1,26 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / Guest Level Diagnostics Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Guest Level Diagnostics Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that the guest level diagnostics are enabled. |
+| **More Info** | Guest Level Diagnostics should be enabled to collect information about VMs processing and state of VM applications. |
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/security-center/security-center-enable-vm-agent |
+| **Recommended Action** | Enable guest level diagnostics for all virtual machines. |
+
+## Detailed Remediation Steps
+
+{Listed Remediation Steps}
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for Virtual Machines.
+3. Select the corresponding virtual machine by clicking on the "Name" link.
+4. Ensure that the Virtual Machine is currently running.
+5. In the left menu pane, select "Diagnostic settings" under Monitoring.
+6. In the Diagnostic Settings Overview, select a storage account under "Pick a storage account" and then select "Enable guest-level monitoring".
+7. Repeat steps 3 - 6 for all other applicable Virtual Machines.
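Review bot: The template placeholder "{Listed Remediation Steps}" is left in above step 1; remove it. The AZURE Link points at a Security Center page about enabling the VM agent (security-center-enable-vm-agent), which does not match steps that configure "Diagnostic settings" under Monitoring; link the diagnostics documentation the steps actually follow. "VMs processing" in More Info should be "VM processing".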
diff --git a/en/azure/virtualmachines/password-authentication-disabled.md b/en/azure/virtualmachines/password-authentication-disabled.md
new file mode 100644
index 000000000..7dff28969
--- /dev/null
+++ b/en/azure/virtualmachines/password-authentication-disabled.md
@@ -0,0 +1,20 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / Password Authentication Disabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Password Authentication Disabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that password authentication is disabled on Azure virtual machines. |
+| **More Info** | SSH provides secure sign-ins over unsecured connections. Although SSH provides an encrypted connection, using passwords with SSH connections still leaves the VM vulnerable so it is recommended to connect to VM over SSH instead of password. |
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machines/linux/create-ssh-keys-detailed |
+| **Recommended Action** | Disable password authentication on Azure virtual machine. |
+
+## Detailed Remediation Steps
+
+1. Option 1: Change the virtual machine's SSH configuration file to indicate "disable_password_authentication = true"
+2. Option 2: SSH Authentication can be set at build time instead of password authentication. Rebuilding or migrating machines where feasible would satisfy this requirement.
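Review bot: Step 1 tells the reader to put "disable_password_authentication = true" in the VM's SSH configuration file, but that is not an OpenSSH sshd_config directive (the sshd setting is "PasswordAuthentication no"), so the step cannot be followed as written. Name the exact file and directive, or say this is a deployment-time VM property and where it is set. "More Info" ends with "connect to VM over SSH instead of password", which contradicts its own earlier clause; it should say SSH keys instead of passwords. The two options are alternatives, not ordered steps, so a bulleted list fits better than "1." and "2.".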
diff --git a/en/azure/virtualmachines/premium-ssd-disabled.md b/en/azure/virtualmachines/premium-ssd-disabled.md
new file mode 100644
index 000000000..b15cd1a55
--- /dev/null
+++ b/en/azure/virtualmachines/premium-ssd-disabled.md
@@ -0,0 +1,24 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / Premium SSD Disabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Premium SSD Disabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that the Azure virtual machines are configured to use standard SSD disk volumes instead of premium SSD disk volumes for managed disks. |
+| **More Info** | Azure standard SSD disks store data on solid state drives (SSDs), like Azure's existing premium storage disks. Standard SSD disks are a cost-effective storage option optimized for workloads that need consistent performance at lower IOPS levels. |
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machines/disks-types |
+| **Recommended Action** | Modify virtual machines disks to use standard SSD disk volumes instead of premium SSD disk volumes. |
+
+## Detailed Remediation Steps
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for Virtual Machines.
+3. Select the Virtual Machine instance to modify by clicking on the "Name" link
+4. Select "Disks" on the left menu side menu settings and then select the appropriate disk by clicking on the "Disk name" link.
+5. Select "Side + Performanmce" on the left menu side menu settings.
+6. Select "Standard SSD (locally-redundant storage" under "Disk SKU"
+7. Select the disk size appropriate for the needs of your environment and then select "Resize" to apply the changes.
\ No newline at end of file
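Review bot: Step 5 has a mistyped menu label, "Side + Performanmce", which a reader will not find in the portal; it should presumably be "Size + performance". Step 6 has an unbalanced parenthesis in "Standard SSD (locally-redundant storage", steps 4 and 5 say "left menu side menu", and steps 3 and 6 lack a closing period. This check is cost-driven rather than security-driven, so it is worth stating that in "More Info" to avoid readers downgrading disks for a perceived security gain.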
diff --git a/en/azure/virtualmachines/scale-sets-autoscale-notifications-enabled.md b/en/azure/virtualmachines/scale-sets-autoscale-notifications-enabled.md
new file mode 100644
index 000000000..2881731b1
--- /dev/null
+++ b/en/azure/virtualmachines/scale-sets-autoscale-notifications-enabled.md
@@ -0,0 +1,24 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / Scale Sets Autoscale Notifications Enabled
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Scale Sets Autoscale Notifications Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that Virtual Machine scale sets have autoscale notifications enabled. |
+| **More Info** | Autoscale automatically creates new instances when certain metrics are surpassed, or can destroy instances that are being underutilized. Autoscale notifications should be enabled to know about the status of autoscale operation.|
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/azure-monitor/autoscale/autoscale-overview |
+| **Recommended Action** | Ensure that autoscale notifications are enabled for all Virtual Machine Scale Sets. |
+
+## Detailed Remediation Steps
+
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Virtual machine scale sets".
+3. Select the corresponding virtual machine scale set by clicking on the "Name" link.
+4. In the left side menu, select "Scaling" from the Settings section.
+5. In the Scaling section, select the "Notify" option.
+6. In the Notify section, check the appropriate notification box for either administrators or co-administrators and save the changes.
+7. Repeat steps 3 - 6 for all other applicable virtual machine scale sets.
\ No newline at end of file
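Review bot: The H1 is followed directly by "## Quick Info" with no blank line, unlike every other page in this patch; add the blank line so the headings render consistently. The More Info row is missing the space before its closing "|". Step 6 offers notification to "administrators or co-administrators" only; if the plugin also accepts custom e-mail or webhook targets, say so.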
diff --git a/en/azure/virtualmachines/scale-sets-empty.md b/en/azure/virtualmachines/scale-sets-empty.md
new file mode 100644
index 000000000..fc9b6e64d
--- /dev/null
+++ b/en/azure/virtualmachines/scale-sets-empty.md
@@ -0,0 +1,24 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / No Empty Scale Sets
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | No Empty Scale Sets |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that virtual machine scale sets have virtual machine instances attached. |
+| **More Info** | Azure virtual machine scale sets let you create and manage a group of load balanced VMs. Scale sets with no vm instances should be deleted to save cost of unused resources. |
+| **AZURE Link** | Delete virtual machine scale sets that have no virtual machine instances. |
+| **Recommended Action** | https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/overview |
+
+## Detailed Remediation Steps
+
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Virtual machine scale sets"
+3. Select a scale set by clicking on the "Name" link
+4. Once open, in the "Overview" section, select "Move" to link the scale set to a virtual machine.
+5. Repeat steps 3-4 for all other scale sets.
+6. See https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/quick-create-portal if no scale sets are present.
\ No newline at end of file
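Review bot: The "AZURE Link" and "Recommended Action" values are swapped: the link row holds "Delete virtual machine scale sets that have no virtual machine instances." and the action row holds the docs URL. The remediation steps also disagree with that action, since step 4 uses "Move" to "link the scale set to a virtual machine" while the recommendation is to delete empty scale sets; pick one and make the steps match. Steps 2 and 3 lack a closing period.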
diff --git a/en/azure/virtualmachines/scale-sets-health-monitoring-enabled.md b/en/azure/virtualmachines/scale-sets-health-monitoring-enabled.md
new file mode 100644
index 000000000..f85040760
--- /dev/null
+++ b/en/azure/virtualmachines/scale-sets-health-monitoring-enabled.md
@@ -0,0 +1,26 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / Scale Sets Health Monitoring Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Scale Sets Health Monitoring Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that health monitoring is enabled for virtual machine scale sets. |
+| **More Info** | Scale set health monitoring feature reports on VM health from inside the scale set instance and can be configured to probe on an application endpoint and update the status of the application on that instance. That instance status is checked by Azure to determine whether an instance is eligible for upgrade operations. |
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-health-extension |
+| **Recommended Action** | Enable health monitoring for virtual machine scale sets. |
+
+## Detailed Remediation Steps
+
+{Listed Remediation Steps}
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Virtual machine scale sets"
+3. Select on the corresponding scale set by clicking on the "Name" link.
+4. In the left side pane, select "Health and repair" under Settings.
+5. Enable the application health monitoring and enable automatic repairs. Save the changes.
+6. Restart the scale set for the changes to take effect.
+7. Repeat steps 3 - 6 for any other applicable scale sets.
\ No newline at end of file
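Review bot: the template placeholder `{Listed Remediation Steps}` is still present directly above step 1 and will render as literal text; remove it. In step 3, "Select on the corresponding scale set" should read "Select the corresponding scale set". The file also ends without a trailing newline.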
diff --git a/en/azure/virtualmachines/vm-ad-authentication-enabled.md b/en/azure/virtualmachines/vm-ad-authentication-enabled.md
new file mode 100644
index 000000000..f15a0791a
--- /dev/null
+++ b/en/azure/virtualmachines/vm-ad-authentication-enabled.md
@@ -0,0 +1,23 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / VM Active Directory (AD) Authentication Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | VM Active Directory (AD) Authentication Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that Azure Active Directory (AD) authentication is enabled for virtual machines. |
+| **More Info** | Organizations can now improve the security of virtual machines (VMs) in Azure by integrating with Azure Active Directory (AD) authentication. Enabling Azure Active Directory (AD) authentication for Azure virtual machines (VMs) ensures access to VMs from one central point and simplifies access permission management. |
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows |
+| **Recommended Action** | Enable Azure Active Directory (AD) authentication for Azure virtual machines. |
+
+## Detailed Remediation Steps
+
+1. Note that this service is only available in specific Azure Regions and for specific Windows Distributions. For an up to date list, please visit https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows
+2. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for Virtual Machines.
+3. There are two ways to enable Azure AD login for a Windows VM in Azure. The first is through the Azure portal when creating a Windows VM, the second is through the use of Azure Cloud Shell when creating a Windows VM or for an existing Windows VM.
+4. Please visit https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows for step by step instructions on how to make the applicable changes based on your environment configuration.
\ No newline at end of file
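Review bot: the numbered list has two entries marked "2." ("Log into the Microsoft Azure Management Console." and "Select the "Search resources, services, and docs" option..."), so the source numbering runs 1, 2, 2, 3, 4. Renumber it. Step 1 is a prerequisite note rather than an action and would read better as a sentence above the list. Steps 3 and 4 only defer to the linked Microsoft page, so the section never names the setting a reader should confirm once the change is made; a short closing step for that would make the remediation verifiable.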
diff --git a/en/azure/virtualmachines/vm-backups-enabled.md b/en/azure/virtualmachines/vm-backups-enabled.md
new file mode 100644
index 000000000..e6ce8736f
--- /dev/null
+++ b/en/azure/virtualmachines/vm-backups-enabled.md
@@ -0,0 +1,25 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / VM Backups Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | VM Backups Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that Azure virtual machine backups are enabled. |
+| **More Info** | Azure Backup provides independent and isolated backups to guard against unintended destruction of the data on your VMs. |
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/backup/backup-azure-vms-introduction |
+| **Recommended Action** | Enable Azure virtual machine backups. |
+
+## Detailed Remediation Steps
+
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Backup Center".
+3. Select the "Backup Instances" option under "Manage" on the left side menu.
+4. Select the "+ Backup" button to initiate the "Start: Configure Backup" form.
+5. Select the appropriate "Vault" for use and select "Continue".
+6. Adjust the Configure Backup settings based on the needs of your environment.
+6. Under "Virtual Machines" add the appropriate virtual machines for backup and select "Enable Backup".
\ No newline at end of file
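Review bot: the last two steps are both numbered "6." ("Adjust the Configure Backup settings..." and "Under "Virtual Machines" add the appropriate virtual machines..."). Renumber the final step to 7 so the source matches the rendered list and later references to step numbers stay unambiguous.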
diff --git a/en/azure/virtualmachines/vm-boot-diagnostics-enabled.md b/en/azure/virtualmachines/vm-boot-diagnostics-enabled.md
new file mode 100644
index 000000000..63d1bb727
--- /dev/null
+++ b/en/azure/virtualmachines/vm-boot-diagnostics-enabled.md
@@ -0,0 +1,25 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / Virtual Machine Boot Diagnostics Enabled
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Virtual Machine Boot Diagnostics Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that the VM boot diagnostics is enabled for virtual machines. |
+| **More Info** | Boot diagnostics is a debugging feature for Azure virtual machines (VM) that allows diagnosis of VM boot failures. Boot diagnostics enables a user to observe the state of their VM as it is booting up by collecting serial log information and screenshots. |
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machines/boot-diagnostics |
+| **Recommended Action** | Enable boot diagnostics for all virtual machines. |
+
+## Detailed Remediation Steps
+
+{Listed Remediation Steps}
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Virtual Machines".
+3. Select the corresponding virtual machine by clicking on the "Name" link.
+4. In the left side menu, select "Boot diagnostics" from the Support + troubleshooting options.
+5. Select the "Settings" option within the Boot diagnostics section
+6. Select "Enable" for the appropriate storage account option based on specific need and save the changes.
+7. Repeat steps 3 - 6 for other applicable Virtual machines.
\ No newline at end of file
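Review bot: the template placeholder `{Listed Remediation Steps}` is left above step 1; remove it. The `## Quick Info` heading follows the `# AZURE / Virtual Machines / ...` title with no blank line between them, unlike the other files in this patch; add one for consistency. Step 5 is also missing its closing period.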
diff --git a/en/azure/virtualmachines/vm-daily-backup-retention.md b/en/azure/virtualmachines/vm-daily-backup-retention.md
new file mode 100644
index 000000000..f48d5557e
--- /dev/null
+++ b/en/azure/virtualmachines/vm-daily-backup-retention.md
@@ -0,0 +1,24 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / VM Daily Backup Retention
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | VM Daily Backup Retention Period |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that VM daily backup retention policy is configured to retain backups for the desired number of days. |
+| **More Info** | Azure Backup provides independent and isolated backups to guard against unintended destruction of the data on your VMs. These backups should be retained for a specific amount of time to recover destroyed VM.|
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/backup/backup-azure-vms-introduction |
+| **Recommended Action** | Configure virtual machine daily backup retention policy to retain backups for desired number of days. |
+
+## Detailed Remediation Steps
+
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Backup Center".
+3. Select the "Backup Policies" option under "Manage" by clicking on the "Name" link to access the configuration changes.
+4. In the selected "Policy" under the "Retention Range" section, select "Retention of daily backup point" and set the time and days to the desired retention amount. Save the changes.
+5. Note that a minimum of 5 days is suggested for audit compliance.
+6. Repeat steps number 3 - 4 to verify other "Policies" in the Backup Center.
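Review bot: the page title is "VM Daily Backup Retention" but the **Plugin Title** row says "VM Daily Backup Retention Period"; pick one so the title matches the plugin name. Step 3 merges two actions ("Select the "Backup Policies" option under "Manage" by clicking on the "Name" link"): opening Backup Policies and then opening a specific policy by its name should be separate steps. The 5-day minimum in step 5 is guidance rather than an action; it would sit better inside step 4 or in the Quick Info table, where the Description only says "the desired number of days".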
diff --git a/en/azure/virtualmachines/vm-instant-restore-backup-retention-period.md b/en/azure/virtualmachines/vm-instant-restore-backup-retention-period.md
new file mode 100644
index 000000000..f8ab4a64d
--- /dev/null
+++ b/en/azure/virtualmachines/vm-instant-restore-backup-retention-period.md
@@ -0,0 +1,25 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / VM Instant Restore Backup Retention Period
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | VM Instant Restore Backup Retention Period |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that VM instant restore backup retention policy is configured to retain backups for the desired number of days. |
+| **More Info** | Azure Backup provides independent and isolated backups to guard against unintended destruction of the data on your VMs. These backups should be retained for a specific amount of time to recover destroyed VM. |
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/backup/backup-instant-restore-capability |
+| **Recommended Action** | Configure virtual machine instant restore backup retention policy to retain backups for desired number of days. |
+
+## Detailed Remediation Steps
+
+{Listed Remediation Steps}
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for Backup Center.
+3. Select "Backup Policies" under the Manage section.
+4. Select the policy impacting the at risk Virtual Machine by clicking on the "Name" link.
+5. In the Modify Policy form, change the "Retain instant recovery snapshot(s) for" number of days to five(5) or greater and then click Save.
+6. Apply these changes to all applicable policies.
\ No newline at end of file
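Review bot: the template placeholder `{Listed Remediation Steps}` is left above step 1; remove it. Step 5 hard-codes "five(5) or greater" while the Description and Recommended Action only say "desired number of days", so the reader cannot tell from the table which threshold the check uses; state the value in the table as well, and write it as "five (5)".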
diff --git a/en/azure/virtualmachines/vm-managed-disks-enabled.md b/en/azure/virtualmachines/vm-managed-disks-enabled.md
new file mode 100644
index 000000000..e34a5da1e
--- /dev/null
+++ b/en/azure/virtualmachines/vm-managed-disks-enabled.md
@@ -0,0 +1,20 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / VM Managed Disks Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | VM Managed Disks Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that Azure virtual machines are configured to use Azure managed disks. |
+| **More Info** | Azure managed disks are block-level storage volumes that are managed by Azure are like physical disks in an on-premises server but, virtualized. Azure managed disks provide high durability and security. |
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machines/managed-disks-overview |
+| **Recommended Action** | Azure managed disks are block-level storage volumes that are managed by Azure and used with Azure Virtual Machines. |
+
+## Detailed Remediation Steps
+
+1. Azure managed disks are block-level storage volumes that are managed by Azure and used with Azure Virtual Machines.
+2. For instructions on how to migrate your existing VHD to Azure, please see https://docs.microsoft.com/en-us/azure/virtual-machines/managed-disks-overview#upload-your-vhd
\ No newline at end of file
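Review bot: the **Recommended Action** row repeats the definition of managed disks instead of stating an action, and step 1 of the remediation is the same sentence again. State the action (for example, that virtual machines should be configured to use managed disks, as the Description already says) and start the steps with something the reader does. The More Info sentence "that are managed by Azure are like physical disks in an on-premises server but, virtualized" is also ungrammatical and needs rewording.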
diff --git a/en/azure/virtualmachines/vm-managed-image.md b/en/azure/virtualmachines/vm-managed-image.md
new file mode 100644
index 000000000..57ac5f456
--- /dev/null
+++ b/en/azure/virtualmachines/vm-managed-image.md
@@ -0,0 +1,26 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / Managed VM Machine Image
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Managed VM Machine Image |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that VM is launched from a managed VM image. |
+| **More Info** | A managed VM image contains the information necessary to create a VM, including the OS and data disks. Virtual Machines should be launched using managed images to ensure security practices and consistency across all the instances. |
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machines/windows/create-vm-generalized-managed |
+| **Recommended Action** | Ensure that VM is launched using managed VM image. |
+
+## Detailed Remediation Steps
+
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for Virtual Machines.
+3. Select the applicable Virtual Machine from the list of Virtual Machines by clicking on the "name" link.
+4. In the left side menu for the Virtual Machine, select "Disks" under Settings.
+5. At the top of the Disks section, select "Migrate to managed disks".
+6. If your VM is in an availability set, there will be a warning on the Migrate to managed disks blade that you need to convert the availability set first. The warning should have a link you can click to convert the availability set. Once the availability set is converted or if your VM is not in an availability set, click Migrate to start the process of migrating your disks to managed disks.
+7. The VM will be stopped and restarted after migration is complete.
+8. Repeat steps 3-5 for all other applicable disks.
\ No newline at end of file
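Review bot: the remediation steps do not match the plugin. The check is that a VM is launched from a managed VM image, but steps 4 to 7 describe "Migrate to managed disks", which is a different control from the image a VM was created from. The steps should describe creating or redeploying the VM from a managed image, in line with the AZURE Link. Step 8 also says "Repeat steps 3-5" although the migration is only started in step 6, and it refers to "disks" rather than virtual machines.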
diff --git a/en/azure/virtualmachines/vm-old-disk-snapshots.md b/en/azure/virtualmachines/vm-old-disk-snapshots.md
new file mode 100644
index 000000000..78ecdaa81
--- /dev/null
+++ b/en/azure/virtualmachines/vm-old-disk-snapshots.md
@@ -0,0 +1,25 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machine / Old VM Disk Snapshots
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Old VM Disk Snapshots |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machine |
+| **Description** | Ensures that virtual machines do not have older disk snapshots. |
+| **More Info** | A snapshot is a full, read-only copy of a virtual hard drive (VHD). You can take a snapshot of an OS or data disk VHD to use as a backup, or to troubleshoot virtual machine (VM) issues. VM snapshots older than a specific period of time should be deleted to save cost of unused resources. |
+| **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machines/windows/snapshot-copy-managed-disk |
+| **Recommended Action** | Ensure that there are no undesired old VM disk snapshots. |
+
+## Detailed Remediation Steps
+
+{Listed Remediation Steps}
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Snapshots".
+3. Select the applicable Snapshot by clicking on the "Name" link.
+4. In the left menu pane, select "Snapshot export" if applicable and export a version of the snapshot if required to keep.
+5. Select the "Overview" menu section and click on "Delete" to remove the snapshot from the environment.
+6. Repeat steps 3 - 5 for any other applicable snapshots.
\ No newline at end of file
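Review bot: the template placeholder `{Listed Remediation Steps}` is left above step 1; remove it. The title and **Category** row use "Virtual Machine" (singular) while the other pages in this patch use "Virtual Machines"; align them. The text says snapshots "older than a specific period of time" should be deleted but never gives the period, so a reader cannot tell which snapshots will be flagged; state the threshold or say that it is configurable.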
diff --git a/en/azure/virtualmachines/vm-performance-diagnostics-enabled.md b/en/azure/virtualmachines/vm-performance-diagnostics-enabled.md
new file mode 100644
index 000000000..abf6fd05b
--- /dev/null
+++ b/en/azure/virtualmachines/vm-performance-diagnostics-enabled.md
@@ -0,0 +1,24 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machines / Virtual Machine Performance Diagnostics Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Virtual Machine Performance Diagnostics Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machines |
+| **Description** | Ensures that performance diagnostics is enabled on virtual machines. |
+| **More Info** | The performance diagnostics tool helps in troubleshooting performance issues that can affect a Windows or Linux virtual machine (VM). |
+| **AZURE Link** | https://docs.microsoft.com/en-us/troubleshoot/azure/virtual-machines/performance-diagnostics |
+| **Recommended Action** | Enable performance diagnostics on Azure virtual machines. |
+
+## Detailed Remediation Steps
+
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for Virtual Machines
+3. Select the corresponding Virtual Machine by clicking on the "Name" link.
+4. In the left side menu, select "Performance diagnostics" under Support + troubleshooting.
+5. Click "Install performance diagnostics" to enable the Virtual Machine Performance Diagnostics.
+6. Repeat steps 3 - 5 for any other applicable Virtual Machines.
\ No newline at end of file
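Review bot: in step 2 the search term Virtual Machines is unquoted and the sentence has no closing period, while the other pages in this patch write it as "Virtual Machines". with quotes and a period. Align the formatting. The file also ends without a trailing newline.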
diff --git a/resources/aws/.DS_Store b/resources/aws/.DS_Store
new file mode 100644
index 000000000..f0d7c7ec7
Binary files /dev/null and b/resources/aws/.DS_Store differ
diff --git a/resources/aws/glacier/.DS_Store b/resources/aws/glacier/.DS_Store
new file mode 100644
index 000000000..1cef0cec4
Binary files /dev/null and b/resources/aws/glacier/.DS_Store differ
diff --git a/resources/aws/glacier/s3-glacier-vault-public-access/.DS_Store b/resources/aws/glacier/s3-glacier-vault-public-access/.DS_Store
new file mode 100644
index 000000000..dfc798562
Binary files /dev/null and b/resources/aws/glacier/s3-glacier-vault-public-access/.DS_Store differ
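Review bot: `resources/aws/.DS_Store`, `resources/aws/glacier/.DS_Store` and `resources/aws/glacier/s3-glacier-vault-public-access/.DS_Store` are macOS Finder metadata files and should not be committed. They are opaque binaries that cannot be reviewed and can record directory contents from the author's machine. Drop them from the change and add `.DS_Store` to `.gitignore` so they are not picked up again.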
diff --git a/resources/aws/glacier/s3-glacier-vault-public-access/step2.png b/resources/aws/glacier/s3-glacier-vault-public-access/step2.png
new file mode 100644
index 000000000..ba13c82a0
Binary files /dev/null and b/resources/aws/glacier/s3-glacier-vault-public-access/step2.png differ
diff --git a/resources/aws/glacier/s3-glacier-vault-public-access/step3.png b/resources/aws/glacier/s3-glacier-vault-public-access/step3.png
new file mode 100644
index 000000000..f83300a61
Binary files /dev/null and b/resources/aws/glacier/s3-glacier-vault-public-access/step3.png differ
diff --git a/resources/aws/glacier/s3-glacier-vault-public-access/step4.png b/resources/aws/glacier/s3-glacier-vault-public-access/step4.png
new file mode 100644
index 000000000..e933870e9
Binary files /dev/null and b/resources/aws/glacier/s3-glacier-vault-public-access/step4.png differ
diff --git a/resources/aws/glacier/s3-glacier-vault-public-access/step5.png b/resources/aws/glacier/s3-glacier-vault-public-access/step5.png
new file mode 100644
index 000000000..9a2ef07c4
Binary files /dev/null and b/resources/aws/glacier/s3-glacier-vault-public-access/step5.png differ
diff --git a/resources/aws/glacier/s3-glacier-vault-public-access/step6.png b/resources/aws/glacier/s3-glacier-vault-public-access/step6.png
new file mode 100644
index 000000000..aa06d3f87
Binary files /dev/null and b/resources/aws/glacier/s3-glacier-vault-public-access/step6.png differ