Remediation
From Azure Portalβ
- Go to
Virtual machines. - For each virtual machine, go to
Settings. - Click on
Extensions + applications. - If there are unapproved extensions, uninstall them.
From Azure CLIβ
From the audit command identify the unapproved extensions, and use the below CLI command to remove an unapproved extension attached to VM:
az vm extension delete --resource-group <resourceGroupName> --vm-name <vmName> --name <extensionName>
From PowerShellβ
For each VM and each insecure extension from the Audit Procedure run the following command:
Remove-AzVMExtension -ResourceGroupName <ResourceGroupName> -Name <ExtensionName> -VMName <VirtualMachineName>