Merge pull request #184 from rtkwlf/defenderForCloud

added VMSS folder with guides

en/azure/virtualmachines/automatic-instance-repairs-enabled.md → en/azure/virtualmachinescaleset/automatic-instance-repairs-enabled.md

@@ -1,14 +1,14 @@
 [![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
 
-# AZURE / Virtual Machines / Automatic Instance Repairs Enabled
+# AZURE / Virtual Machine Scale Set / Automatic Instance Repairs Enabled
 
 ## Quick Info
 
 | | |
 |-|-|
 | **Plugin Title** | Automatic Instance Repairs Enabled |
 | **Cloud** | AZURE |
-| **Category** | Virtual Machines |
+| **Category** | Virtual Machine Scale Set |
 | **Description** | Ensures that automatic instance repairs is enabled for Azure virtual machine scale sets. |
 | **More Info** | Enabling automatic instance repairs for Azure virtual machine scale sets helps achieve high availability for applications by maintaining a set of healthy instances. |
 | **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-automatic-instance-repairs |

en/azure/virtualmachines/automatic-os-upgrades-enabled.md → en/azure/virtualmachinescaleset/automatic-os-upgrades-enabled.md

@@ -1,14 +1,14 @@
 [![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
 
-# AZURE / Virtual Machines / Automatic OS Upgrades Enabled
+# AZURE / Virtual Machine Scale Set / Automatic OS Upgrades Enabled
 
 ## Quick Info
 
 | | |
 |-|-|
 | **Plugin Title** | Automatic OS Upgrades Enabled |
 | **Cloud** | AZURE |
-| **Category** | Virtual Machines |
+| **Category** | Virtual Machine Scale Set |
 | **Description** | Ensure that automatic operating system (OS) upgrades are enabled for Microsoft Azure virtual machine scale sets. |
 | **More Info** | Enabling automatic OS image upgrades on your scale set helps ease update management by safely and automatically upgrading the OS disk for all instances in the scale set. |
 | **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-automatic-upgrade |

en/azure/virtualmachinescaleset/health-monitoring-extension-https.md

@@ -0,0 +1,24 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machine Scale Set / Health Monitoring Extension HTTPS Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Health Monitoring Extension HTTPS Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machine Scale Set |
+| **Description** | Ensures that Virtual Machine Scale Set has HTTPS enabled for health monitoring. |
+| **More Info** | Enabling Application Health Extension in Virtual Machine Scale Set instance reports on application health from inside based on HTTPS responses received from the application. This allows to initiate repairs on unhealthy instances and to determine if an instance is eligible for upgrade operations. |
+| **AZURE Link** | https://learn.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-health-extension |
+| **Recommended Action** | Modify virtual machine scale set extensions and enable HTTPS for health monitoring.|
+
+## Detailed Remediation Steps
+
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Virtual machine scale sets".
+3. Select the corresponding scale set by clicking on the "name" link
+4. Once the scale set is selected, select "Extensions + Applications".
+5. Look for an extension named ApplicationHealthWindows (for Windows) or ApplicationHealthLinux (for Linux) and choose the appropriate extension.
+6. Repeat steps 3-5 for all applicable scale set instances.

en/azure/virtualmachines/no-empty-scale-sets.md → en/azure/virtualmachinescaleset/no-empty-scale-sets.md

@@ -1,14 +1,14 @@
 [![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
 
-# AZURE / Virtual Machines / No Empty Scale Sets
+# AZURE / Virtual Machine Scale Set / No Empty Scale Sets
 
 ## Quick Info
 
 | | |
 |-|-|
 | **Plugin Title** | No Empty Scale Sets |
 | **Cloud** | AZURE |
-| **Category** | Virtual Machines |
+| **Category** | Virtual Machine Scale Set |
 | **Description** | Ensures that virtual machine scale sets have virtual machine instances attached. |
 | **More Info** | Azure virtual machine scale sets let you create and manage a group of load balanced VMs. Scale sets with no vm instances should be deleted to save cost of unused resources. |
 | **AZURE Link** | Delete virtual machine scale sets that have no virtual machine instances. |

en/azure/virtualmachinescaleset/scale-set-ad-auth-enabled.md

@@ -0,0 +1,28 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machine Scale Set / Scale Sets AD Authentication Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Scale Sets AD Authentication Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machine Scale Set |
+| **Description** | Ensures that Azure Active Directory (AD) authentication is enabled for Virtual Machine Scale Sets. |
+| **More Info** | Enabling Azure Active Directory (AD) authentication for VM Scale Sets ensures access from one central point and simplifies access permission management. It allows conditional access by using Role-Based Access Control (RBAC) policies, and enable MFA. |
+| **AZURE Link** | https://learn.microsoft.com/en-us/entra/identity/devices/howto-vm-sign-in-azure-ad-linux |
+| **Recommended Action** | Enable Active Directory authentication for all Virtual Machines scale sets. |
+
+## Detailed Remediation Steps
+
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Virtual machine scale sets".
+3. Select the corresponding scale set by clicking on the "name" link
+4. In the left-hand menu, navigate to "Identity" under the "Settings" section.
+5. Under the System Assigned Identity tab, ensure that "Status" is set to On to enable Azure AD authentication.
+6. Click "Save" to apply the changes.
+7. Navigate to Azure Active Directory service in Azure portal.
+8. Open "Enterprise Applications" > "Azure AD Domain Services", and ensure that the instances are added with the correct permissions.
+9. Under VMSS portal, select "Configuration", and under "Login with Azure AD", ensure it is enabled.
+10. Repeat steps 3-9 for all applicable scale set instances.

en/azure/virtualmachines/scale-set-multi-az.md → en/azure/virtualmachinescaleset/scale-set-multi-az.md

@@ -1,14 +1,14 @@
 [![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
 
-# AZURE / Virtual Machines / Scale Set Multi Az
+# AZURE / Virtual Machine Scale Set / Scale Set Multi Az
 
 ## Quick Info
 
 | | |
 |-|-|
 | **Plugin Title** | Scale Set Multi Az |
 | **Cloud** | AZURE |
-| **Category** | Virtual Machines |
+| **Category** | Virtual Machine Scale Set |
 | **Description** | Ensures that Virtual Machine Scale Sets are created to be cross-AZ for high availability |
 | **More Info** | Having Virtual Machine Scale Sets in multiple zones increases durability and availability. If there is a catastrophic instance in one zone, the scale set will still be available. |
 | **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-autoscale-overview |

en/azure/virtualmachinescaleset/scale-set-secure-boot-enabled.md

@@ -0,0 +1,24 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machine Scale Set / Scale Sets Secure Boot Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Scale Sets Secure Boot Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machine Scale Set |
+| **Description** | Ensures that secure boot is enabled for Virtual Machine Scale Sets. |
+| **More Info** | Secure Boot, which is implemented in platform firmware, protects against the installation of malware-based rootkits and boot kits. Secure Boot works to ensure that only signed operating systems and drivers can boot. It establishes a "root of trust" for the software stack on your VMSS. |
+| **AZURE Link** | https://learn.microsoft.com/en-us/azure/virtual-machines/trusted-launch#secure-boot |
+| **Recommended Action** | Modify virtual machine scale set configurations and enable secure boot. |
+
+## Detailed Remediation Steps
+
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Virtual machine scale sets".
+3. Select the corresponding scale set by clicking on the "name" link
+4. In the left-hand menu, go to "Disks", then select the OS disk used by the scale set.
+5. Under the Security Type section, ensure "Trusted Launch Virtual Machines" is enabled. Toggle Secure Boot to "Enabled" and click Save. Restart the scale set to apply the changes.
+6. Repeat steps 3-5 for all applicable scale set instances.

en/azure/virtualmachinescaleset/scale-set-vtpm-enabled.md

@@ -0,0 +1,24 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machine Scale Set / Scale Sets vTPM Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Scale Sets vTPM Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machine Scale Set |
+| **Description** | Ensures that Virtual Trusted Platform Module (vTPM) is enabled for Virtual Machine Scale Sets. |
+| **More Info** | vTPM is TPM2.0 compliant and enhances security by validating VM boot integrity and providing a secure storage mechanism for keys and secrets. The vTPM enables attestation by measuring the entire boot chain of your VM (UEFI, OS, system, and drivers). |
+| **AZURE Link** | https://learn.microsoft.com/en-us/windows/security/hardware-security/tpm/trusted-platform-module-overview |
+| **Recommended Action** | Modify virtual machine scale set configurations and enable vTPM |
+
+## Detailed Remediation Steps
+
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Virtual machine scale sets".
+3. Select the corresponding scale set by clicking on the "name" link
+4. In the left-hand menu, go to "Disks", then select the OS disk used by the scale set.
+5. Under the Security Type section, ensure "Trusted Launch Virtual Machines" is enabled. Toggle vTPM to "Enabled" and click Save. Restart the scale set to apply the changes.
+6. Repeat steps 3-5 for all applicable scale set instances.

en/azure/virtualmachines/scale-sets-autoscale-enabled.md → en/azure/virtualmachinescaleset/scale-sets-autoscale-enabled.md

@@ -1,14 +1,14 @@
 [![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
 
-# AZURE / Virtual Machines / Scale Sets Autoscale Enabled
+# AZURE / Virtual Machine Scale Set / Scale Sets Autoscale Enabled
 
 ## Quick Info
 
 | | |
 |-|-|
 | **Plugin Title** | Scale Sets Autoscale Enabled |
 | **Cloud** | AZURE |
-| **Category** | Virtual Machines |
+| **Category** | Virtual Machine Scale Set |
 | **Description** | Ensures that Virtual Machine scale sets have autoscale enabled for high availability |
 | **More Info** | Autoscale automatically creates new instances when certain metrics are surpassed, or can destroy instances that are being underutilized. This creates a highly available scale set. |
 | **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-autoscale-overview |

en/azure/virtualmachines/scale-sets-health-monitoring-enabled.md → en/azure/virtualmachinescaleset/scale-sets-health-monitoring-enabled.md

@@ -1,14 +1,14 @@
 [![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
 
-# AZURE / Virtual Machines / Scale Sets Health Monitoring Enabled
+# AZURE / Virtual Machine Scale Set / Scale Sets Health Monitoring Enabled
 
 ## Quick Info
 
 | | |
 |-|-|
 | **Plugin Title** | Scale Sets Health Monitoring Enabled |
 | **Cloud** | AZURE |
-| **Category** | Virtual Machines |
+| **Category** | Virtual Machine Scale Set |
 | **Description** | Ensures that health monitoring is enabled for virtual machine scale sets. |
 | **More Info** | Scale set health monitoring feature reports on VM health from inside the scale set instance and can be configured to probe on an application endpoint and update the status of the application on that instance. That instance status is checked by Azure to determine whether an instance is eligible for upgrade operations. |
 | **AZURE Link** | https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-health-extension |

en/azure/virtualmachinescaleset/vmss-approved-extensions.md

@@ -16,10 +16,9 @@
 
 ## Detailed Remediation Steps
 
-1. Log in to the Microsoft Azure Management Console.
-2. Select the "Search resources, services, and docs" option at the top and search for "Virtual Machine Scale Set". </br> <img src="/resources/azure/virtualmachinescaleset/vmss-approved-extensions/step2.png"/>
-3. Select the "Scale Set" by clicking on the "Name" link to access the configuration changes. </br> <img src="/resources/azure/virtualmachinescaleset/vmss-approved-extensions/step3.png"/>
-4. In the left navigation panel, click on the "Extensions + applications" under "Settings".</br> <img src="/resources/azure/virtualmachinescaleset/vmss-approved-extensions/step4.png"/>
-5. Select the unapproved "Extension" by clicking on by clicking on its name under Extensions tab. </br> <img src="/resources/azure/virtualmachinescaleset/vmss-approved-extensions/step5.png"/>
-6. On the extension details panel click "Uninstall" button to remove the extension from scale set.</br> <img src="/resources/azure/virtualmachinescaleset/vmss-approved-extensions/step6.png"/>
-7. Repeat step 5-6 to remove all the unapproved extensions from virtual machine scale set.
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Virtual machine scale sets".
+3. Select the corresponding scale set by clicking on the "name" link
+4. Once the scale set is selected, select "Extensions + Applications".
+5. Review the list of installed extensions and verify that only approved extensions are present. Uninstall any unapproved extensions if found.
+6. Repeat steps 3-5 for all applicable scale set instances.

en/azure/virtualmachinescaleset/vmss-boot-diagnostics-enabled.md

@@ -0,0 +1,24 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machine Scale Set / Scale Sets Boot Diagnostics Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | Scale Sets Boot Diagnostics Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machine Scale Set |
+| **Description** | Ensures that boot diagnostics is enabled for Virtual Machine Scale Set. |
+| **More Info** | Boot diagnostics is a debugging feature for Azure virtual machines (VM) scale sets that allows diagnosis of VM scale set boot failures. Boot diagnostics enables a user to observe the state of their scale set as it is booting up by collecting serial log information and screenshots. |
+| **AZURE Link** | https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/boot-diagnostics |
+| **Recommended Action** | Enable boot diagnostics for virtual machine scale set. |
+
+## Detailed Remediation Steps
+
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Virtual machine scale sets".
+3. Select the corresponding scale set by clicking on the "name" link
+4. Once the scale set is selected, navigate to "Monitoring" > "Boot diagnostics".
+5. Under Boot diagnostics settings, ensure "Enable with managed storage account" is selected.
+6. Repeat steps 3-5 for all applicable scale set instances.

en/azure/virtualmachinescaleset/vmss-managed-identity-enabled.md

@@ -0,0 +1,25 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machine Scale Set / VM Scale Set Managed Identity Enabled
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | VM Scale Set Managed Identity Enabled |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machine Scale Set |
+| **Description** | Ensures that Azure Virtual Machine Scale Sets have managed identity enabled. |
+| **More Info** | Enabling managed identities eliminate the need for developers having to manage credentials by providing an identity for the Azure resource in Azure AD and using it to obtain Azure Active Directory (Azure AD) tokens. |
+| **AZURE Link** | https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/qs-configure-portal-windows-vmss |
+| **Recommended Action** | Modify VM Scale Set and enable managed identity.|
+
+## Detailed Remediation Steps
+
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Virtual machine scale sets".
+3. Select the corresponding scale set by clicking on the "name" link.
+4. Under the System Assigned Identity tab, toggle "Status" to On and click Save.
+5. If a User Assigned Identity is required, navigate to the User Assigned tab, click "Add", select the appropriate identity, and click Add.
+6. Assign the necessary Azure Role-Based Access Control (RBAC) permissions to the managed identity by going to Azure Role Assignments and selecting the required roles.
+7. Repeat steps 3-6 for all applicable scale set instances.

en/azure/virtualmachinescaleset/vmss-windows-anti-malware.md

@@ -0,0 +1,26 @@
+[![CloudSploit](https://cloudsploit.com/img/logo-new-big-text-100.png "CloudSploit")](https://cloudsploit.com)
+
+# AZURE / Virtual Machine Scale Set / VMSS Windows AntiMalware Extension
+
+## Quick Info
+
+| | |
+|-|-|
+| **Plugin Title** | VMSS Windows AntiMalware Extension |
+| **Cloud** | AZURE |
+| **Category** | Virtual Machine Scale Set |
+| **Description** | Ensures that Virtual Machine Scale Set windows instances have IaaS AntiMalware extension installed. |
+| **More Info** | The VM Scale Set Windows AntiMalware Extension provides real-time protection against viruses, spyware, and other malicious software for virtual machine scale sets running on the Windows operating system. |
+| **AZURE Link** | https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/iaas-antimalware-windows |
+| **Recommended Action** | Modify Virtual Machine Scale Set and install IaaS AntiMalware extension. |
+
+## Detailed Remediation Steps
+
+{Listed Remediation Steps}
+1. Log into the Microsoft Azure Management Console.
+2. Select the "Search resources, services, and docs" option at the top and search for "Virtual machine scale sets"
+3. Select on the corresponding scale set by clicking on the "Name" link.
+4. In the left-hand menu, navigate to "Extensions + Applications".
+5. Search for the extension "IaaSAntimalware". If the extension is missing, click "Add", search for "Microsoft Antimalware", and install it with the default or custom configuration settings.
+6. Restart the scale set for the changes to take effect. 
+7. Repeat steps 3 - 6 for any other applicable scale sets.