Closed git4rk closed 1 year ago
There is a lot of 2nd order ignorance about this. Some unknowns include:
I do not advise attempting to achieve CIS benchmark compliance before MVP, but we can certainly prioritize it in the backlog.
I tried to use CIS Red Hat Enterprise Linux 8 Benchmark L1 in tWAS Base image but the CI/CD failed with this error:
The specified platform image is not supported for creating a Virtual Machine with unmanaged disks. Please refer to the disallowed VM disk types at https://docs.microsoft.com/en-us/rest/api/compute/virtualmachineimages/get#vmdisktypes.
@majguo When you get a chance, can you please let me know how to resolve this.
@majguo When you get a chance, can you please let me know how to resolve this.
@git4rk I'll investigate it in this sprint. Cc @edburns.
@git4rk Today I made progress by successfully deploying a VM using CIS Red Hat Enterprise Linux 8 Benchmark L1 with managed disks. I'll continue working on the CICD pipeline as I assume CIS Red Hat Enterprise Linux 8 Benchmark L1 is required for VM image. Let me know if anything is changed.
Cc @edburns.
https://github.com/WASdev/azure.websphere-traditional.image/issues/64 addressed this issue.
@majguo @edburns What will it take to make the image CIS benchmark compliant: https://www.cisecurity.org/cis-benchmarks/cis-benchmarks-faq/ ?