具有CIS和PCI DSS标准的Azure自定义映像CentOS [英] Azure custom image CentOS with CIS and PCI DSS standards
问题描述
我正在尝试使用CIS和PCI-DSS强化针对centos 7+的自定义Centos映像,我们在Azure平台上是否有简单的解决方案?
I am trying to build custom Centos image with CIS and PCI-DSS hardening for centos 7+, Do we have easy solutions on Azure platform?
我正在使用最新的CIS ansible手册,但没有看到有关Azure的用例说明如何使用强化标准来构建自定义映像,将映像通用化为Linux OS(centos)
I am using latest CIS ansible playbook, but dont see a use case explained for Azure on how to build a custom image with hardening standards, generalize the image for Linux OS ( centos )
如果遇到用例,您可以分享吗?
Could you share if you have come across the use case??
第二,我也希望在Hyper-V上构建图像并将其用于 对于Linux,任何用例都相同.在这种方法中,还必须实现CIS和PCI-DSS加固
Second, I am looking to build the image on Hyper-V as well and use that in for Linux, any use cases for the same. In this method also achieving CIS and PCI-DSS hardening is mandate
推荐答案
该过程应该与在Azure中创建任何其他映像没有什么不同.
The process should should be no different than creating any other image in Azure.
从市场创建VM.根据您的情况,选择一个CentOS 7+版本.
Create an VM from the Marketplace. In your case, pick a CentOS 7+ version.
我们实际上已经有一些强化图像了
We actually have a few hardened images already
在操作系统中进行正确的配置后,您可以捕获用于创建其他VM的VM映像
Once you have the correct configurations in the OS you can capture an image of the VM to be used to create additional VMs
Then you have two options to run this in Hyper-V.
1)从Azure下载VHD,并在Hyper-V环境中启动它
1) Download the VHD from Azure and spin it up in a Hyper-V enviorment
2)您可以在hyper-v中构建VM,然后将VHD上载到Azure以供使用,而不是在Azure中启动
2) Rather than start in Azure, you can build a VM in hyper-v and then upload the VHD to Azure to use
https://docs.microsoft.com/zh-CN /azure/virtual-machines/linux/create-upload-centos
https://docs.microsoft.com/zh-CN /azure/virtual-machines/linux/create-upload-generic
这篇关于具有CIS和PCI DSS标准的Azure自定义映像CentOS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!