Loading controls...
Benchmark: Compute
Description
This benchmark provides a set of controls that detect Terraform Azure Compute resources deviating from security best practices.
Usage
Browse dashboards and select Compute:
steampipe dashboardOr run the benchmarks in your terminal:
steampipe check terraform_azure_compliance.benchmark.computeSnapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share terraform_azure_compliance.benchmark.computeControls
- Virtual machines and virtual machine scale sets should have encryption at host enabled
- Azure Defender for servers should be enabled
- Deploy the Linux Guest Configuration extension to enable Guest Configuration assignments on Linux VMs
- Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs
- Guest Configuration extension should be installed on your machines
- Deploy default Microsoft IaaSAntimalware extension for Windows Server
- System updates should be installed on your machines
- Virtual machines should be migrated to new Azure Resource Manager resources
- IP Forwarding on your virtual machine should be disabled