Skip to content

Automatic OS image patching is disabled for Virtual Machine scale sets

Description

This policy enforces enabling automatic OS image patching on Virtual Machine Scale Sets to always keep Virtual Machines secure by safely applying latest security patches every month.

Fix - Buildtime

Terraform

  • Resource: azurerm_virtual_machine_scale_set
  • Argument: automatic_os_upgrade
resource "azurerm_virtual_machine_scale_set" "example" {
          ...
 +        automatic_os_upgrade = true
          ...
        }