Control: Azure Arc enabled Kubernetes clusters should have Microsoft Defender for Cloud extension installed
Microsoft Defender for Cloud extension for Azure Arc provides threat protection for your Arc enabled Kubernetes clusters. The extension collects data from all nodes in the cluster and sends it to the Azure Defender for Kubernetes backend in the cloud for further analysis.
Run the control in your terminal:
powerpipe control run azure_compliance.control.arc_kubernetes_cluster_azure_defender_extension_installed
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.arc_kubernetes_cluster_azure_defender_extension_installed --share
This control uses a named query:
select id as resource, 'info' as status, 'Manual verification required.' as reason, display_name as subscriptionfrom azure_subscription;