Can we write Sentinel policies to check whether specific VM agents are getting installed using user-data on AWS or custom data on VMs? I can still check if an extension I want is added to a VM using azurerm_virtual_machine_extension, but this still doesn’t help me parse the init file for a specific agent lookup.
Based on security compliance, I want to create a policy to evaluate that all VMs, before provisioning, have the required set of agents to be installed. And they can only do it either with custom data or with azurerm_virtual_machine_extension.
Can you help with this?