Control: System updates should be installed on your machines
Description
Missing security system updates on your servers will be monitored by Azure Security Center as recommendations.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.compute_vm_system_updates_installedSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.compute_vm_system_updates_installed --shareSQL
This control uses a named query:
select vm.vm_id as resource, case when enable_automatic_updates then 'ok' else 'alarm' end as status, case when enable_automatic_updates then vm.title || ' automatic system updates enabled.' else vm.title || ' automatic system updates disabled.' end as reason , vm.resource_group as resource_group , sub.display_name as subscriptionfrom azure_compute_virtual_machine as vm, azure_subscription as subwhere sub.subscription_id = vm.subscription_id;