Control: Deploy the Linux Guest Configuration extension to enable Guest Configuration assignments on Linux VMs
Description
This policy deploys the Linux Guest Configuration extension to Linux virtual machines hosted in Azure that are supported by Guest Configuration. The Linux Guest Configuration extension is a prerequisite for all Linux Guest Configuration assignments and must be deployed to machines before using any Linux Guest Configuration policy definition.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.compute_vm_guest_configuration_installed_linuxSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.compute_vm_guest_configuration_installed_linux --shareSQL
This control uses a named query:
with agent_installed_vm as ( select distinct a.vm_id from azure_compute_virtual_machine as a, jsonb_array_elements(extensions) as b where b ->> 'Publisher' = 'Microsoft.GuestConfiguration' and b ->> 'ProvisioningState' = 'Succeeded' and b ->> 'ExtensionType' = 'ConfigurationforLinux' and b ->> 'Name' like '%AzurePolicyforLinux')select a.vm_id as resource, case when a.os_type <> 'Linux' then 'skip' when b.vm_id is not null then 'ok' else 'alarm' end as status, case when a.os_type <> 'Linux' then a.title || ' is of ' || a.os_type || ' operating system.' when b.vm_id is not null then a.title || ' have guest configuration extension installed.' else a.title || ' guest configuration extension not installed.' end as reason , a.resource_group as resource_group , sub.display_name as subscriptionfrom azure_compute_virtual_machine as a left join agent_installed_vm as b on a.vm_id = b.vm_id, azure_subscription as subwhere sub.subscription_id = a.subscription_id;