Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

guide vmss approved extensions #686

Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -295,6 +295,8 @@ This repository is an extension of CloudSploit's [open-source scanning engine](h
* [VM OS Disk Encryption](en/azure/virtualmachines/vm-os-disk-encryption.md)
* Virtual Networks
* [Multiple Subnets](en/azure/virtualnetworks/multiple-subnets.md)
* Virtual Machine Scale Set
* [VM Scale Set Approved Extensions](en/azure/virtualmachinescaleset/vmss-approved-extensions.md)
* Google
* CLB
* [CLB CDN Enabled](en/google/clb/clb-cdn-enabled.md)
Expand Down
25 changes: 25 additions & 0 deletions en/azure/virtualmachinescaleset/vmss-approved-extensions.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)

# AZURE / Virtual Machine Scale Set / VM Scale Set Approved Extensions

## Quick Info

| | |
|-|-|
| **Plugin Title** | VM Scale Set Approved Extensions |
| **Cloud** | AZURE |
| **Category** | Virtual Machine Scale Set |
| **Description** | Ensures that approved Virtual Machine Scale Set extensions are installed |
| **More Info** | Extensions are small applications that provide post-deployment configuration and automation on Azure VMs. Extensions installed should be approved by the organization to meet the organizational security requirements. |
| **AZURE Link** | https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/overview |
| **Recommended Action** | Uninstall unapproved virtual machine scale set extensions. |

## Detailed Remediation Steps

1. Log in to the Microsoft Azure Management Console.
2. Select the "Search resources, services, and docs" option at the top and search for "Virtual Machine Scale Set". </br> <img src="/resources/azure/virtualmachinescaleset/vmss-approved-extensions/step2.png"/>
3. Select the "Scale Set" by clicking on the "Name" link to access the configuration changes. </br> <img src="/resources/azure/virtualmachinescaleset/vmss-approved-extensions/step3.png"/>
4. In the left navigation panel, click on the "Extensions + applications" under "Settings".</br> <img src="/resources/azure/virtualmachinescaleset/vmss-approved-extensions/step4.png"/>
5. Select the unapproved "Extension" by clicking on by clicking on its name under Extensions tab. </br> <img src="/resources/azure/virtualmachinescaleset/vmss-approved-extensions/step5.png"/>
6. On the extension details panel click "Uninstall" button to remove the extension from scale set.</br> <img src="/resources/azure/virtualmachinescaleset/vmss-approved-extensions/step6.png"/>
7. Repeat step 5-6 to remove all the unapproved extensions from virtual machine scale set.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.