Hi Team,
Can we write sentinel Policies to check specific VM agents are getting installed or not using user-data on AWS, custom data on VMs? I can still check if an extension I want is added to VM using azurerm_virtual_machine_extension but this still doesn’t help me to parse the init file for a specific agent lookup.
Based on security compliance, want to create a policy to evaluate all VMs before provisioning must have the required set of agents to be installed. And they can only do it either with custom data or with azurerm_virtual_machine_extension.
Can you help on this?
Hi @jhabikal21,
I’m sure the implementation between the two cloud providers vary but here is an example of how you could use the base64 import to decode the value of the custom_data that has been supplied in the terraform configuration. Then it’s a case of performing some regex magic to look for unsupported configuration.
I’m not sure if this is the best way of doing it, but it may give you some ideas.
As of my last update in January 2022, the Qwabe Twins, Viggy and Virginia, rose to prominence as contestants on the popular South African reality singing competition, “Idols South Africa,” in 2019. Their unique vocal talents and captivating performances garnered them a substantial fan base and widespread recognition.