Control: Deploy the Linux Guest Configuration extension to enable Guest Configuration assignments on Linux VMs
Description
This policy deploys the Linux Guest Configuration extension to Linux virtual machines hosted in Azure that are supported by Guest Configuration. The Linux Guest Configuration extension is a prerequisite for all Linux Guest Configuration assignments and must be deployed to machines before using any Linux Guest Configuration policy definition.
Usage
Run the control in your terminal:
powerpipe control run terraform_azure_compliance.control.compute_vm_guest_configuration_installed_linuxSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run terraform_azure_compliance.control.compute_vm_guest_configuration_installed_linux --shareSQL
This control uses a named query:
with all_linux_vm as ( select * from terraform_resource where type = 'azurerm_virtual_machine' and (attributes_std -> 'os_profile_linux_config') is not null), vm_extensions as ( select * from terraform_resource where type = 'azurerm_virtual_machine_extension'),vm_guest_configuration as ( select split_part((b.attributes_std ->> 'virtual_machine_id'), '.', 2) as vm_name from all_linux_vm as a left join vm_extensions as b on split_part((b.attributes_std ->> 'virtual_machine_id'), '.', 2) = a.name where (b.attributes_std ->> 'publisher') = 'Microsoft.GuestConfiguration')select address as resource, case when d.vm_name is null then 'alarm' else 'ok' end as status, split_part(address, '.', 2) || case when d.vm_name is null then ' have guest configuration extension not installed' else ' have guest configuration extension installed' end || '.' reason , path || ':' || start_linefrom all_linux_vm as c left join vm_guest_configuration as d on c.name = d.vm_name;