Checks/Azure/Test-VmTrustedLaunchEnabled.ps1
```powershell
function Test-VmTrustedLaunchEnabled {
    <#
    .SYNOPSIS
        Ensure Trusted Launch is enabled on Virtual Machines
    .DESCRIPTION
        When Secure Boot and vTPM are enabled together, they provide a strong foundation for protecting your VM from boot attacks. For example, if an attacker attempts to replace the bootloader with a malicious version, Secure Boot will prevent the VM from booting. If the attacker is able to bypass Secure Boot and install a malicious bootloader, vTPM can be used to detect the intrusion and alert you.
    .PARAMETER Check
        CIEMCheck object containing check metadata.
    #>
    [CmdletBinding()]
    [OutputType([PSCustomObject[]])]
    param(
        [Parameter(Mandatory)]
        [CIEMCheck]$Check
    )

    $ErrorActionPreference = 'Stop'

    # TODO: Implement check logic based on Prowler check: vm_trusted_launch_enabled

    [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check vm_trusted_launch_enabled for reference.', 'N/A', 'vm Resources')
}
```
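One way to evaluate the condition the description names (Secure Boot and vTPM enabled together), as an added example that is not part of this module. `Get-TrustedLaunchStatus` and the sample VMs are hypothetical; it assumes input objects shaped like `Get-AzVM` output (`SecurityProfile.SecurityType`, `SecurityProfile.UefiSettings.SecureBootEnabled`, `SecurityProfile.UefiSettings.VTpmEnabled`) and returns plain objects rather than `CIEMScanResult`.

```powershell
# Added example: hypothetical helper, not part of the CIEM module.
function Get-TrustedLaunchStatus {
    [CmdletBinding()]
    [OutputType([PSCustomObject])]
    param(
        # VM object shaped like Get-AzVM output (assumption: Name, SecurityProfile).
        [Parameter(Mandatory, ValueFromPipeline)]
        [PSObject]$VM
    )
    process {
        $sec  = $VM.SecurityProfile
        $uefi = if ($sec) { $sec.UefiSettings }

        # Collect every reason the VM falls short, so the finding is actionable.
        $missing = @()
        if (-not $sec -or $sec.SecurityType -ne 'TrustedLaunch') {
            $missing += 'SecurityType is not TrustedLaunch'
        }
        if (-not ($uefi -and $uefi.SecureBootEnabled)) { $missing += 'Secure Boot is disabled' }
        if (-not ($uefi -and $uefi.VTpmEnabled))       { $missing += 'vTPM is disabled' }

        [PSCustomObject]@{
            Resource = $VM.Name
            Status   = if ($missing) { 'FAIL' } else { 'PASS' }
            Detail   = if ($missing) { $missing -join '; ' } else { 'Secure Boot and vTPM are both enabled' }
        }
    }
}

# Constructed sample input; in a real scan these objects would come from Get-AzVM.
$sampleVms = @(
    [PSCustomObject]@{
        Name            = 'vm-trusted-full'
        SecurityProfile = [PSCustomObject]@{
            SecurityType = 'TrustedLaunch'
            UefiSettings = [PSCustomObject]@{ SecureBootEnabled = $true; VTpmEnabled = $true }
        }
    }
    [PSCustomObject]@{
        Name            = 'vm-trusted-no-secureboot'
        SecurityProfile = [PSCustomObject]@{
            SecurityType = 'TrustedLaunch'
            UefiSettings = [PSCustomObject]@{ SecureBootEnabled = $false; VTpmEnabled = $true }
        }
    }
    # A VM with no security profile at all (Standard security type).
    [PSCustomObject]@{ Name = 'vm-standard'; SecurityProfile = $null }
)

$sampleVms | Get-TrustedLaunchStatus | Format-Table -AutoSize -Wrap
```

A VM that sets `SecurityType` to `TrustedLaunch` but leaves Secure Boot off is reported as FAIL, since the description's protection depends on both settings being enabled.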