Skip to content

Commit 8c18f9f

Browse files
alphadev4alphadev4
authored
Merge pull request #1953 from muzzamilinovaqo/feature/plugin-azure-vmss-win-antimalware-ext
azure vmss windows antimalware ext installed
2 parents bfee853 + f2d9291 commit 8c18f9f

File tree

3 files changed

+210
-0
lines changed

3 files changed

+210
-0
lines changed

exports.js

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1110,6 +1110,7 @@ module.exports = {
11101110
'vmssApprovedExtensions' : require(__dirname + '/plugins/azure/virtualmachinescaleset/vmssApprovedExtensions'),
11111111
'healthMonitoringExtensionHttps': require(__dirname + '/plugins/azure/virtualmachinescaleset/healthMonitoringExtensionHttps.js'),
11121112
'vmssBootDiagnosticsEnabled' : require(__dirname + '/plugins/azure/virtualmachinescaleset/vmssBootDiagnosticsEnabled'),
1113+
'vmssWindowsAntiMalwareExt' : require(__dirname + '/plugins/azure/virtualmachinescaleset/vmssWindowsAntiMalwareExt'),
11131114

11141115
'appConfigManagedIdentity' : require(__dirname + '/plugins/azure/appConfigurations/appConfigManagedIdentity.js'),
11151116
'appConfigurationDiagnosticLogs': require(__dirname + '/plugins/azure/appConfigurations/appConfigurationDiagnosticLogs.js'),

plugins/azure/virtualmachinescaleset/vmssWindowsAntiMalwareExt.js

Lines changed: 68 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,68 @@
1+
var async = require('async');
2+
3+
var helpers = require('../../../helpers/azure/');
4+
5+
module.exports = {
6+
title: 'VMSS Windows AntiMalware Extension',
7+
category: 'Virtual Machine Scale Set',
8+
domain: 'Compute',
9+
severity: 'Medium',
10+
description: 'Ensures that Virtual Machine Scale Set windows instances have IaaS AntiMalware extension installed',
11+
more_info: 'The VM Scale Set Windows AntiMalware Extension provides real-time protection against viruses, spyware, and other malicious software for virtual machine scale sets running on the Windows operating system.',
12+
recommended_action: 'Modify Virtual Machine Scale Set and install IaaS AntiMalware extension.',
13+
link: 'https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/iaas-antimalware-windows',
14+
apis: ['virtualMachineScaleSets:listAll'],
15+
realtime_triggers: ['microsoftcompute:virtualmachinescalesets:write', 'microsoftcompute:virtualmachinescalesets:delete', 'microsoftcompute:virtualmachinescalesets:extensions:write', 'microsoftcompute:virtualmachinescalesets:extensions:delete'],
16+
17+
run: function(cache, settings, callback) {
18+
var results = [];
19+
var source = {};
20+
var locations = helpers.locations(settings.govcloud);
21+
22+
async.each(locations.virtualMachineScaleSets, function(location, rcb) {
23+
var virtualMachineScaleSets = helpers.addSource(cache, source,
24+
['virtualMachineScaleSets', 'listAll', location]);
25+
26+
if (!virtualMachineScaleSets) return rcb();
27+
28+
if (virtualMachineScaleSets.err || !virtualMachineScaleSets.data) {
29+
helpers.addResult(results, 3, 'Unable to query for Virtual Machine Scale Sets: ' + helpers.addError(virtualMachineScaleSets), location);
30+
return rcb();
31+
}
32+
33+
if (!virtualMachineScaleSets.data.length) {
34+
helpers.addResult(results, 0, 'No existing Virtual Machine Scale Sets found', location);
35+
return rcb();
36+
}
37+
38+
for (let scaleSet of virtualMachineScaleSets.data) {
39+
if (!scaleSet.id ||
40+
(scaleSet.virtualMachineProfile &&
41+
scaleSet.virtualMachineProfile.storageProfile &&
42+
scaleSet.virtualMachineProfile.storageProfile.osDisk &&
43+
scaleSet.virtualMachineProfile.storageProfile.osDisk.osType &&
44+
scaleSet.virtualMachineProfile.storageProfile.osDisk.osType.toLowerCase() != 'windows')) continue;
45+
46+
const scaleSetExtensions = scaleSet.virtualMachineProfile &&
47+
scaleSet.virtualMachineProfile.extensionProfile &&
48+
scaleSet.virtualMachineProfile.extensionProfile.extensions ?
49+
scaleSet.virtualMachineProfile.extensionProfile.extensions : [];
50+
51+
if (!scaleSetExtensions.length) {
52+
helpers.addResult(results, 2, 'No VMSS Extensions found', location, scaleSet.id);
53+
} else {
54+
let found = scaleSetExtensions.find(vmExt => vmExt.name && vmExt.name.toLowerCase() === 'iaasantimalware');
55+
if (found) {
56+
helpers.addResult(results, 0, 'Windows Virtual Machine Scale Set has IaaS Antimalware extension installed', location, scaleSet.id);
57+
} else {
58+
helpers.addResult(results, 2, 'Windows Virtual Machine Scale Set does not have IaaS Antimalware extension installed', location, scaleSet.id);
59+
}
60+
}
61+
}
62+
63+
rcb();
64+
}, function() {
65+
callback(null, results, source);
66+
});
67+
}
68+
};

plugins/azure/virtualmachinescaleset/vmssWindowsAntiMalwareExt.spec.js

Lines changed: 141 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,141 @@
1+
var expect = require('chai').expect;
2+
var vmssWindowsAntiMalwareExt = require('./vmssWindowsAntiMalwareExt');
3+
4+
const virtualMachineScaleSets = [
5+
{
6+
'name': 'test-vmss',
7+
'id': '/subscriptions/123/resourceGroups/test-rg/providers/Microsoft.Compute/virtualMachineScaleSets/test-vmss',
8+
'type': 'Microsoft.Compute/virtualMachineScaleSets',
9+
'virtualMachineProfile': {
10+
"storageProfile": {
11+
"osDisk": {
12+
"osType": "windows",
13+
},
14+
},
15+
'extensionProfile': {
16+
'extensions': [
17+
{
18+
'name': 'iaasantimalware',
19+
'properties': {
20+
'autoUpgradeMinorVersion': false,
21+
'publisher': 'Microsoft.ManagedServices',
22+
'type': 'AADSSHLoginForLinux',
23+
'typeHandlerVersion': '1.0',
24+
}
25+
}
26+
]
27+
}
28+
}
29+
},
30+
{
31+
'name': 'test-vmss',
32+
'id': '/subscriptions/123/resourceGroups/test-rg/providers/Microsoft.Compute/virtualMachineScaleSets/test-vmss',
33+
'type': 'Microsoft.Compute/virtualMachineScaleSets',
34+
'virtualMachineProfile': {
35+
"storageProfile": {
36+
"osDisk": {
37+
"osType": "windows",
38+
},
39+
},
40+
'extensionProfile': {
41+
'extensions': [
42+
{
43+
'name': 'AADLoginForWindows',
44+
'properties': {
45+
'autoUpgradeMinorVersion': false,
46+
'publisher': 'Microsoft.ManagedServices',
47+
'type': 'AADLoginForWindows',
48+
'typeHandlerVersion': '1.0',
49+
}
50+
}
51+
]
52+
}
53+
}
54+
},
55+
{
56+
'name': 'test-vmss',
57+
'id': '/subscriptions/123/resourceGroups/test-rg/providers/Microsoft.Compute/virtualMachineScaleSets/test-vmss',
58+
'type': 'Microsoft.Compute/virtualMachineScaleSets',
59+
'virtualMachineProfile': {
60+
"storageProfile": {
61+
"osDisk": {
62+
"osType": "windows",
63+
},
64+
},
65+
'extensionProfile': {
66+
'extensions': []
67+
}
68+
}
69+
}
70+
];
71+
72+
const createCache = (virtualMachineScaleSets) => {
73+
let machine = {};
74+
if (virtualMachineScaleSets) {
75+
machine['data'] = virtualMachineScaleSets;
76+
}
77+
return {
78+
virtualMachineScaleSets: {
79+
listAll: {
80+
'eastus': machine
81+
}
82+
}
83+
};
84+
};
85+
86+
describe('vmssWindowsAntiMalwareExt', function() {
87+
describe('run', function() {
88+
it('should give passing result if no virtual machine scale sets', function(done) {
89+
const cache = createCache([]);
90+
vmssWindowsAntiMalwareExt.run(cache, {}, (err, results) => {
91+
expect(results.length).to.equal(1);
92+
expect(results[0].status).to.equal(0);
93+
expect(results[0].message).to.include('No existing Virtual Machine Scale Sets found');
94+
expect(results[0].region).to.equal('eastus');
95+
done();
96+
});
97+
});
98+
99+
it('should give unknown result if unable to query for virtual machine scale sets', function(done) {
100+
const cache = createCache();
101+
vmssWindowsAntiMalwareExt.run(cache, {}, (err, results) => {
102+
expect(results.length).to.equal(1);
103+
expect(results[0].status).to.equal(3);
104+
expect(results[0].message).to.include('Unable to query for Virtual Machine Scale Sets');
105+
expect(results[0].region).to.equal('eastus');
106+
done();
107+
});
108+
});
109+
110+
it('should give passing result if windows Virtual Machine Scale Set has anti malware extension installed', function(done) {
111+
const cache = createCache([virtualMachineScaleSets[0]]);
112+
vmssWindowsAntiMalwareExt.run(cache, {}, (err, results) => {
113+
expect(results.length).to.equal(1);
114+
expect(results[0].status).to.equal(0);
115+
expect(results[0].message).to.include('Windows Virtual Machine Scale Set has IaaS Antimalware extension installed');
116+
expect(results[0].region).to.equal('eastus');
117+
done();
118+
});
119+
});
120+
it('should give failing result if Virtual Machine Scale Set does not have anti malware extension installed', function(done) {
121+
const cache = createCache([virtualMachineScaleSets[1]]);
122+
vmssWindowsAntiMalwareExt.run(cache, {}, (err, results) => {
123+
expect(results.length).to.equal(1);
124+
expect(results[0].status).to.equal(2);
125+
expect(results[0].message).to.include('Windows Virtual Machine Scale Set does not have IaaS Antimalware extension installed');
126+
expect(results[0].region).to.equal('eastus');
127+
done();
128+
});
129+
});
130+
it('should give failing result if no extensions installed', function(done) {
131+
const cache = createCache([virtualMachineScaleSets[2]]);
132+
vmssWindowsAntiMalwareExt.run(cache, {}, (err, results) => {
133+
expect(results.length).to.equal(1);
134+
expect(results[0].status).to.equal(2);
135+
expect(results[0].message).to.include('No VMSS Extensions found');
136+
expect(results[0].region).to.equal('eastus');
137+
done();
138+
});
139+
});
140+
});
141+
});

0 commit comments

Comments
 (0)