Ensure LinuxDiagnostic is enabled for Azure Linux Virtual Machine Scale Set

MEDIUM

Description

The LinuxDiagnostic extension is not enabled for the Azure Linux Virtual Machine Scale Set, which may make auditing challenging.

Remediation

The LinuxDiagnostic extension can be installed using the CLI or with Terraform. To learn more about how to install it using the CLI, see the Azure documentation (below).

In Terraform:

  1. In the azurerm_linux_virtual_machine_scale_set resource, create an extension block.
  2. In the settings field, add a JSON value for LinuxDiagnostic and set it to true.
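
A pre-deployment check for this rule, as an added example (not the scanner's own rule logic): it walks the JSON emitted by `terraform show -json` and lists Linux scale sets that have no extension block of type LinuxDiagnostic. The sample plan and resource names are constructed, and matching only on the extension's `type` field is an assumption.

```python
import json
import sys

VMSS_TYPE = "azurerm_linux_virtual_machine_scale_set"
EXT_TYPE = "LinuxDiagnostic"

def iter_resources(module):
    """Yield resources from a plan module and every nested child module."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def missing_linux_diagnostic(plan):
    """Return addresses of Linux scale sets with no LinuxDiagnostic extension."""
    root = plan.get("planned_values", {}).get("root_module", {})
    findings = []
    for res in iter_resources(root):
        if res.get("type") != VMSS_TYPE:
            continue
        # An absent extension block may show up as a missing key, null or [].
        extensions = (res.get("values") or {}).get("extension") or []
        if not any(ext.get("type") == EXT_TYPE for ext in extensions):
            findings.append(res["address"])
    return sorted(findings)

# Constructed sample in the shape of `terraform show -json <planfile>`.
SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [
        {"address": "azurerm_linux_virtual_machine_scale_set.web",
         "type": VMSS_TYPE,
         "values": {"extension": [{"name": "lad", "type": "LinuxDiagnostic",
                                   "publisher": "Microsoft.Azure.Diagnostics"}]}},
        {"address": "azurerm_linux_virtual_machine_scale_set.batch",
         "type": VMSS_TYPE,
         "values": {"extension": [{"name": "init", "type": "CustomScript",
                                   "publisher": "Microsoft.Azure.Extensions"}]}},
    ],
    "child_modules": [{"address": "module.api", "resources": [
        {"address": "module.api.azurerm_linux_virtual_machine_scale_set.api",
         "type": VMSS_TYPE, "values": {"extension": None}}]}],
}}}

if __name__ == "__main__":
    # Pass a plan JSON path to check a real plan; otherwise use the sample.
    plan = SAMPLE_PLAN
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            plan = json.load(fh)
    for address in missing_linux_diagnostic(plan):
        print(f"LinuxDiagnostic extension missing: {address}")
```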

References:
https://learn.microsoft.com/en-us/azure/virtual-machine-scale-sets/
https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/diagnostics-linux?tabs=azcli#install-the-extension
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine_scale_set#extension

Policy Details

Rule Reference ID: AC_AZURE_0151
CSP: Azure
Remediation Available: No
Resource Category: Compute
Resource Type: Virtual Machine

Frameworks