Query: Ensure Trusted Launch is enabled on Virtual Machines

Description

When Secure Boot and vTPM are enabled together, they provide a strong foundation for protecting your VM from boot attacks. For example, if an attacker attempts to replace the bootloader with a malicious version, Secure Boot will prevent the VM from booting.

Query

Tables used in this query:

• azure_compute_virtual_machine
• azure_subscription

Controls using this query:

• 7.9 Ensure Trusted Launch is enabled on Virtual Machines
• 8.11 Ensure Trusted Launch is enabled on Virtual Machines
• Ensure Trusted Launch is enabled on Virtual Machines

SQL