Ensure SSH keys are used to authenticate to Azure Virtual Machine

MEDIUM

Description

SSH key authentication is not enabled for the Azure Virtual Machine. Basic authentication is easier to break, which may lead to unauthorized access.

Remediation

Once a Virtual Machine is created in the console, the authentication mode cannot be changed. To create a resource with the correct settings, follow the steps below.

In Azure Console -

  1. Open the Azure Portal and go to Virtual Machines.
  2. Create a new Virtual Machine.
  3. Under Basics, for the Administrator account Authentication type, choose SSH public key and set up the appropriate key pair.
  4. Configure as needed.

In Terraform -
The azurerm_virtual_machine resource is deprecated in favor of azurerm_linux_virtual_machine and azurerm_windows_virtual_machine:

  1. In the azurerm_virtual_machine resource, set boot_diagnostics.enabled to true.
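
For reference, the Terraform arguments that control key-only login on a Linux VM, shown with the password-enabled form beside the key-only form. This is an added example, not part of the original policy page or the provider's documentation. The resource names, size, image, username, key path and the referenced resource group and network interface are placeholders assumed to exist elsewhere in the configuration.

```hcl
# Added example. All names and values below are placeholders (assumptions).
# azurerm_resource_group.example and azurerm_network_interface.example are
# assumed to be defined elsewhere in the same configuration.

resource "azurerm_linux_virtual_machine" "example" {
  name                  = "example-vm"
  resource_group_name   = azurerm_resource_group.example.name
  location              = azurerm_resource_group.example.location
  size                  = "Standard_B2s"
  admin_username        = "azureuser"
  network_interface_ids = [azurerm_network_interface.example.id]

  # Weak form, for contrast (password login enabled):
  #   disable_password_authentication = false
  #   admin_password                  = var.admin_password

  # Key-only form: password login off, public key supplied for the admin account.
  disable_password_authentication = true

  admin_ssh_key {
    username   = "azureuser"
    public_key = file("~/.ssh/id_rsa.pub") # placeholder path to an existing public key
  }

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "0001-com-ubuntu-server-jammy"
    sku       = "22_04-lts"
    version   = "latest"
  }
}

# On the deprecated azurerm_virtual_machine resource the same choice is made
# inside the os_profile_linux_config block:
#
#   os_profile_linux_config {
#     disable_password_authentication = true
#     ssh_keys {
#       path     = "/home/azureuser/.ssh/authorized_keys"
#       key_data = file("~/.ssh/id_rsa.pub")
#     }
#   }
```

Because the authentication mode cannot be changed after creation, applying this change to an existing password-authenticated VM means creating a replacement resource.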

References:
https://learn.microsoft.com/en-us/azure/virtual-machines
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine

Policy Details

Rule Reference ID: AC_AZURE_0363
CSP: Azure
Remediation Available: Yes
Resource Category: Compute
Resource Type: Virtual Machine

Frameworks