Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Failed check for "NSG must be configured for Virtual Machine" caused by "OffByPolicy" #459

Closed
humblejay opened this issue Jul 12, 2024 · 2 comments

Comments

@humblejay
Copy link

The confidential VM which triggers this failed check has NSG associated with both the NIC and the subnet, the scanning tool is showing following error.

{"Message": "Validated control status through MDC assessment", "SecurityAssessmentStatus": {"ResourceName": "vm-cvm5066", "StatusMessage": {
  "code": "NotApplicable",
  "cause": "OffByPolicy",
  "description": "The recommendation is disabled in policy"
}  } }
Disabling or exempting the policy from getting evaluated is not recommended. The Control will be marked as Failed.

Also there is no such policy assigned to the VM itself, which is odd.

@vaishnavipulluri
Copy link
Contributor

Hello @humblejay, Can you please reach out to us on azsksup@microsoft.com with resource specific details?

@vaishnavipulluri
Copy link
Contributor

@humblejay, Closing this issue as we did not hear back. Please reach out to the above mentioned email with resource specific details if you still facing the issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants