Azure > Virtual Machines >

Compute Gallery RBAC Sharing

MEDIUM

Source

CloudSploit

ID

compute-gallery-rbac-sharing

management console

Ensures that the Azure Compute Gallery machine images are shared using RBAC only.

Images, definitions, and versions in Azure Compute Gallery can be shared using the built-in Azure Roles-based Access Control (RBAC) roles. Compute Galleries shared directly with subscription, tenant or community expose the resource to increased vulnerability. Directly shared galleries cannot contain encrypted image versions.

Recommended Actions

Ensure that all Azure Compute Galleries are using RBAC only.

Links

https://learn.microsoft.com/en-us/azure/virtual-machines/shared-image-galleries?tabs=azure-cli#sharing

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2024 Aqua Security Software Ltd. Privacy Policy | Terms of Use