Ensure backup is enabled using Azure Backup for Azure Linux Virtual Machines

LOW

Description

Azure Linux Virtual Machines do not have backups configured using Azure Backup. Disabled backups could lead to data loss in case of failure.

Remediation

In Azure Console -

Open the Azure Portal and go to Virtual Machines.
Choose the virtual machine to edit.
Under Operations, choose Backup.
Follow the prompts to configure a backup plan using Azure Backup for Azure VMs.

In Terraform -

For each azurerm_linux_virtual_machine resource, create a new azurerm_backup_protected_vm configuration.
This will require an azurerm_recovery_services_vault and azurerm_backup_policy_vm resource if they do not already exist.
For more information on creating the necessary resources, see the Terraform documentation (below).

References:
https://learn.microsoft.com/en-us/azure/virtual-machines/backup-recovery
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine

Policy Details

Rule Reference ID: AC_AZURE_0113

CSP: Azure

Remediation Available: Yes

Domain: Security Best Practices

Resource: azurerm_linux_virtual_machine

Resource Category: Compute

Resource Type: Virtual Machine

Frameworks

GDPR
HIPAA
NIST-800-171
NIST-800-53
NIST-CSF
ISO-27001