-
Notifications
You must be signed in to change notification settings - Fork 329
/
Copy pathazure_arc_checklist.zh-Hant.json
530 lines (530 loc) · 25.9 KB
/
azure_arc_checklist.zh-Hant.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
{
"categories": [
{
"name": "基礎"
},
{
"name": "身份"
},
{
"name": "聯網"
},
{
"name": "安全性、治理和合規性"
},
{
"name": "管理和監控"
}
],
"items": [
{
"category": "基礎",
"description": "定義用於放置已啟用 Azure Arc 的伺服器資源的資源組結構",
"guid": "585e1112-9bd7-4ba0-82f7-b94ef6e043d2",
"severity": "高",
"subcategory": "容量規劃",
"text": "將伺服器載入 Azure 需要一個或多個資源組",
"waf": "操作"
},
{
"category": "基礎",
"guid": "aa359271-8e6e-4205-8725-769e46691e88",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#azure-subscription-and-service-limits",
"severity": "中等",
"subcategory": "容量規劃",
"text": "考慮 Azure Active Directory 物件限制",
"waf": "性能"
},
{
"category": "基礎",
"description": "需要註冊以下資源提供程式:Microsoft.HybridCompute、Microsoft.GuestConfiguration、Microsoft.HybridConnectivity",
"guid": "deace4bb-1deb-44c6-9fc3-fc14eeaa3692",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#azure-resource-providers",
"severity": "高",
"subcategory": "常規",
"text": "是否已在所有訂閱中註冊所需的資源提供程式",
"waf": "操作"
},
{
"category": "基礎",
"description": "建議與現有 Azure 標記策略保持一致或創建 Azure 標記策略。資源標籤允許您快速找到它,自動執行操作任務等。",
"guid": "c6d37331-65c7-4acb-b44b-be609d79f2e8",
"link": "https://learn.microsoft.com/azure/cloud-adoption-framework/decision-guides/resource-tagging/",
"severity": "低",
"subcategory": "常規",
"text": "是否為已啟用 Azure Arc 的伺服器定義了標記策略",
"waf": "成本"
},
{
"category": "基礎",
"description": "大多數較新的 Windows 和 Linux 作業系統都支援安裝連接的電腦代理,請查看連結以獲取最新清單",
"guid": "7778424c-5167-475c-9fa9-5b96ad88408e",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#supported-operating-systems",
"severity": "高",
"subcategory": "常規",
"text": "哪些操作系統需要啟用 Azure Arc",
"waf": "操作"
},
{
"category": "基礎",
"description": "代理安裝有軟體要求。有些產品在安裝後可能需要重新啟動系統,請查看連結",
"guid": "372734b8-76ba-428f-8145-901365d38e53",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#software-requirements",
"severity": "高",
"subcategory": "常規",
"text": "需要在 Windows 和 Linux 伺服器上安裝軟體以支援安裝",
"waf": "操作"
},
{
"category": "基礎",
"guid": "d44c7c89-19ca-41f6-b521-5ae514ba34d4",
"link": "https://azure.microsoft.com/explore/global-infrastructure/products-by-region/?products=azure-arc®ions=all",
"severity": "高",
"subcategory": "常規",
"text": "請確保使用受支援的 Azure 區域",
"waf": "可靠性"
},
{
"category": "基礎",
"description": "範圍包括組織到管理組、訂閱和資源組中。",
"guid": "f9ccbd86-8266-4abc-a264-f9a19bf39d95",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/organize-inventory-servers#organize-resources-with-built-in-azure-hierarchies",
"severity": "低",
"subcategory": "組織",
"text": "定義 Azure 資源管理的結構",
"waf": "性能"
},
{
"category": "身份",
"description": "根據伺服器管理的需要為伺服器/資源組定義 RBAC 規則,“Azure Connected Machine Resource Administrator”或“Hybrid Server Resource Administrator”角色足以管理 Azure 中已啟用 Azure Arc 的伺服器資源",
"guid": "9bf39d95-d44c-47c8-a19c-a1f6d5215ae5",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/security-overview#identity-and-access-control",
"severity": "中等",
"subcategory": "訪問",
"text": "將 RBAC 許可權分配給 Azure AD 使用者/組訪問許可權,以管理已啟用 Azure Arc 的伺服器",
"waf": "安全"
},
{
"category": "身份",
"guid": "14ba34d4-585e-4111-89bd-7ba012f7b94e",
"link": "https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-nonaad",
"severity": "低",
"subcategory": "訪問",
"text": "考慮使用託管標識讓應用程式訪問 Azure 資源,例如連結中的 Key Vault 示例",
"waf": "安全"
},
{
"category": "身份",
"description": "Azure 訂閱必須以同一 Azure AD 租戶為父級",
"guid": "35ac9322-23e1-4380-8523-081a94174158",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#azure-subscription-and-service-limits",
"severity": "高",
"subcategory": "要求",
"text": "Azure Active Directory 租戶必須至少有一個訂閱可用",
"waf": "操作"
},
{
"category": "身份",
"description": "使用者(或SP)需要「Azure Connected Machine Onboarding」或「Contributor」角色才能載入伺服器",
"guid": "33ee7ad6-c6d3-4733-865c-7acbe44bbe60",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#required-permissions",
"severity": "中等",
"subcategory": "要求",
"text": "定義哪些使用者 (AAD 使用者/組) 有權訪問已啟用 Azure Arc 的載入伺服器",
"waf": "安全"
},
{
"category": "身份",
"description": "確保僅向執行其角色所需的使用者或組添加許可權",
"guid": "9d79f2e8-7778-4424-a516-775c6fa95b96",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/onboard-service-principal#create-a-service-principal-for-onboarding-at-scale",
"severity": "中等",
"subcategory": "安全",
"text": "使用最低許可權原則",
"waf": "安全"
},
{
"category": "身份",
"description": "大規模載入伺服器需要具有“Azure Connected Machine Onboarding”角色的服務原則,如果載入由不同的團隊/分散式管理完成,請考慮更多 SP",
"guid": "ad88408e-3727-434b-a76b-a28f21459013",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/onboard-service-principal#create-a-service-principal-for-onboarding-at-scale",
"severity": "中等",
"subcategory": "安全",
"text": "將已啟用 Arc 的伺服器載入 Azure 需要多少個服務主體",
"waf": "安全"
},
{
"category": "身份",
"description": "請考慮在資源組級別分配「Azure Connected Machine Onboarding」角色的許可權,以控制資源創建",
"guid": "65d38e53-f9cc-4bd8-9826-6abca264f9a1",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#required-permissions",
"severity": "中等",
"subcategory": "安全",
"text": "將已啟用 Azure Arc 的伺服器加入所需資源組的許可權",
"waf": "安全"
},
{
"category": "管理和監控",
"description": "大規模規劃代理部署",
"guid": "6ee79d6b-5c2a-4364-a4b6-9bad38aad53c",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/plan-at-scale-deployment",
"severity": "中等",
"subcategory": "管理",
"text": "定義代理預置策略",
"waf": "操作"
},
{
"category": "管理和監控",
"description": "使用 Microsoft Update 確保連接的電腦代理始終是最新的",
"guid": "c78e1d76-6673-457c-9496-74c5ed85b859",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/manage-agent#upgrade-the-agent",
"severity": "高",
"subcategory": "管理",
"text": "定義代理更新策略",
"waf": "操作"
},
{
"category": "管理和監控",
"description": "建議使用 Azure Policy 或其他自動化工具(如 Azure DevOps)- 重要的是避免配置偏差。",
"guid": "c7733be2-a1a2-47b7-95a9-1be1f388ff39",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/manage-vm-extensions",
"severity": "中等",
"subcategory": "管理",
"text": "定義擴展安裝策略",
"waf": "操作"
},
{
"category": "管理和監控",
"description": "使用自動升級(如果可用),併為不支援自動升級的所有擴展定義更新策略。",
"graph": "resources | where type =~ 'microsoft.hybridcompute/machines/extensions'| extend compliant = (properties.enableAutomaticUpgrade == 'true') | distinct id, compliant",
"guid": "4c2bd463-cbbb-4c86-a195-abb91a4ed90d",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/manage-automatic-vm-extension-upgrade?tabs=azure-portal",
"severity": "高",
"subcategory": "管理",
"text": "定義擴展更新策略",
"waf": "操作"
},
{
"category": "管理和監控",
"description": "Azure 計算機配置,説明在 Azure 中實施 Microsoft 伺服器管理的最佳實踐",
"guid": "7a927c39-74d1-4102-aac6-aae01e6a84de",
"link": "https://learn.microsoft.com/azure/governance/machine-configuration/overview",
"severity": "中等",
"subcategory": "管理",
"text": "請考慮使用 Azure 電腦配置來控制設置並避免伺服器上的配置偏移",
"waf": "操作"
},
{
"category": "管理和監控",
"guid": "37b6b780-cbaf-4e6c-9658-9d457a927c39",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/plan-at-scale-deployment#phase-3-manage-and-operate",
"severity": "高",
"subcategory": "監測",
"text": "監視無回應的代理",
"waf": "操作"
},
{
"category": "管理和監控",
"graph": "resources | where type =~ 'microsoft.hybridcompute/machines' | project id, arcMachineName = name | join kind=leftouter (resources | where type == 'microsoft.hybridcompute/machines/extensions' | where name contains 'azuremonitor' | extend baseIdParts = split(id, '/extensions/') | extend extensionMachineId = tostring(baseIdParts[0]) | project extensionMachineId, extensionId = id) on $left.id == $right.extensionMachineId | extend compliant = isnotempty(extensionMachineId) | project id, compliant",
"guid": "74d1102c-ac6a-4ae0-8e6a-84de5df47d2d",
"link": "https://learn.microsoft.com/azure/azure-monitor/agents/log-analytics-agent#data-collected",
"severity": "中等",
"subcategory": "監測",
"text": "設計監視策略以將指標和日誌發送到Log Analytics工作區",
"waf": "操作"
},
{
"category": "管理和監控",
"guid": "92881b1c-d5d1-4e54-a296-59e3958fd782",
"link": "https://learn.microsoft.com/azure/service-health/resource-health-alert-monitor-guide",
"severity": "中等",
"subcategory": "監測",
"text": "使用活動日誌中的通知接收有關資源意外更改的通知",
"waf": "操作"
},
{
"category": "管理和監控",
"guid": "89c93555-6d02-4bfe-9564-b0d834a34872",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/learn/tutorial-enable-vm-insights",
"severity": "中等",
"subcategory": "監測",
"text": "使用 Azure Monitor 進行合規性和操作監視",
"waf": "操作"
},
{
"category": "管理和監控",
"guid": "5df47d2d-9288-41b1-ad5d-1e54a29659e3",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/plan-at-scale-deployment#phase-3-manage-and-operate",
"severity": "中等",
"subcategory": "監測",
"text": "創建警報以識別未使用最新版本的 Azure Connected Machine Agent 的已啟用 Azure Arc 的伺服器",
"waf": "操作"
},
{
"category": "管理和監控",
"description": "使用 Azure Update Manager 跨已啟用 Azure Arc 的伺服器大規模管理和計劃更新",
"graph": "resources | where type =~ 'microsoft.hybridcompute/machines' | project id = tolower(id), arcMachineName = name | join kind=leftouter (maintenanceresources | extend baseIdParts = split(tolower(id), '/providers/microsoft.maintenance/') | extend maintenanceMachineId = tostring(baseIdParts[0]) | project maintenanceMachineId, maintenanceId = id) on $left.id == $right.maintenanceMachineId | extend compliant = iif(maintenanceMachineId == '', 'No', 'Yes') | project id, compliant",
"guid": "ae2cc84c-37b6-4b78-8cba-fe6c46589d45",
"link": "https://learn.microsoft.com/azure/update-manager/scheduled-patching?tabs=schedule-updates-single-machine%2Cschedule-updates-scale-overview%2Cwindows-maintenance",
"severity": "低",
"subcategory": "安全",
"text": "使用已啟用 Azure Arc 的伺服器控制軟體更新部署到伺服器",
"waf": "操作"
},
{
"category": "聯網",
"description": "默認情況下,Connected Machine Agent 將使用 HTTPS(TCP 連接埠 443)通過公共 Internet 連接與 Azure 服務通信",
"guid": "f6e043d2-aa35-4927-88e6-e2050725769e",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/network-requirements?tabs=azure-cloud#details",
"severity": "高",
"subcategory": "聯網",
"text": "定義從伺服器到 Azure 的連接方法",
"waf": "操作"
},
{
"category": "聯網",
"description": "Connected Machine Agent 可以配置為使用代理伺服器,建議在本地系統上使用“azcmagent config set proxy.url”命令定義代理伺服器位址。",
"guid": "46691e88-35ac-4932-823e-13800523081a",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/manage-agent#update-or-remove-proxy-settings",
"severity": "中等",
"subcategory": "聯網",
"text": "代理伺服器是否需要通過公共 Internet 進行通信",
"waf": "操作"
},
{
"category": "聯網",
"description": "Connected Machine Agent 可以使用專用鏈接通過現有 ExpressRoute 或 VPN 連接與 Azure 服務進行通信",
"guid": "94174158-33ee-47ad-9c6d-3733165c7acb",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/private-link-security",
"severity": "中等",
"subcategory": "聯網",
"text": "是否需要專用(非公共 Internet)連接?",
"waf": "操作"
},
{
"category": "聯網",
"description": "代理可能需要防火牆配置才能與 Azure 通信,請使用連結查看所需的 ServiceTags 和/或 URL",
"guid": "e44bbe60-9d79-4f2e-a777-8424c516775c",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/network-requirements?tabs=azure-cloud#service-tags",
"severity": "高",
"subcategory": "聯網",
"text": "是否需要配置防火牆才能確保與 Azure 服務的通信?",
"waf": "安全"
},
{
"category": "聯網",
"description": "使用相關系統的可用自動化工具定期更新 Azure 終結點",
"guid": "6fa95b96-ad88-4408-b372-734b876ba28f",
"link": "https://www.microsoft.com/download/details.aspx?id=56519",
"severity": "低",
"subcategory": "聯網",
"text": "如果服務標記或IP位址發生更改,是否可以自動更新防火牆或代理規則",
"waf": "安全"
},
{
"category": "聯網",
"description": "將 伺服器配置為使用傳輸層安全性 (TLS) 版本 1.2",
"guid": "21459013-65d3-48e5-9f9c-cbd868266abc",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/network-requirements?tabs=azure-cloud#transport-layer-security-12-protocol",
"severity": "高",
"subcategory": "聯網",
"text": "盡可能使用 Azure 的安全通信",
"waf": "安全"
},
{
"category": "聯網",
"description": "所有擴展(如 Log Analytics 等)都有單獨的網路要求,請務必在網路設計中包含所有擴展。",
"guid": "a264f9a1-9bf3-49d9-9d44-c7c8919ca1f6",
"link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/hybrid/arc-enabled-servers/eslz-arc-servers-connectivity#define-extensions-connectivity-method",
"severity": "低",
"subcategory": "聯網",
"text": "在設計中包括已啟用 Azure Arc 的伺服器擴展的通訊(防火牆/代理/專用連結)",
"waf": "安全"
},
{
"category": "安全性、治理和合規性",
"guid": "ac6aae01-e6a8-44de-9df4-7d2d92881b1c",
"link": "https://learn.microsoft.com/azure/governance/policy/",
"severity": "中等",
"subcategory": "管理",
"text": "使用 Azure Policy 為混合連接的伺服器實現治理模型",
"waf": "安全"
},
{
"category": "安全性、治理和合規性",
"guid": "5c2a3649-4b69-4bad-98aa-d53cc78e1d76",
"link": "https://learn.microsoft.com/azure/governance/machine-configuration/overview",
"severity": "中等",
"subcategory": "管理",
"text": "考慮在來賓操作系統配置中使用Machine configurations",
"waf": "操作"
},
{
"category": "安全性、治理和合規性",
"guid": "667357c4-4967-44c5-bd85-b859c7733be2",
"link": "https://learn.microsoft.com/azure/governance/machine-configuration/machine-configuration-create",
"severity": "中等",
"subcategory": "管理",
"text": "評估對自定義 Guest Configuration 策略的需求",
"waf": "操作"
},
{
"category": "安全性、治理和合規性",
"guid": "49674c5e-d85b-4859-a773-3be2a1a27b77",
"link": "https://learn.microsoft.com/azure/automation/change-tracking/overview",
"severity": "中等",
"subcategory": "監測",
"text": "考慮使用更改跟蹤來跟蹤伺服器上所做的更改",
"waf": "操作"
},
{
"category": "安全性、治理和合規性",
"guid": "d5d1e54a-2965-49e3-a58f-d78289c93555",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/data-residency",
"severity": "中等",
"subcategory": "要求",
"text": "請確保使用 Azure 區域來存儲組織批准的元數據",
"waf": "安全"
},
{
"category": "安全性、治理和合規性",
"guid": "195abb91-a4ed-490d-ae2c-c84c37b6b780",
"link": "https://learn.microsoft.com/azure/key-vault/general/basic-concepts",
"severity": "中等",
"subcategory": "秘密",
"text": "使用 Azure Key Vault 在伺服器上進行證書管理",
"waf": "安全"
},
{
"category": "安全性、治理和合規性",
"description": "請考慮使用存留期較短的 Azure AD 服務主體客戶端密碼。",
"guid": "6d02bfe4-564b-40d8-94a3-48726ee79d6b",
"link": "https://learn.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal#option-2-create-a-new-application-secret",
"severity": "高",
"subcategory": "秘密",
"text": "SP 使用的金鑰的可接受生命週期是多久",
"waf": "安全"
},
{
"category": "安全性、治理和合規性",
"description": "私鑰保存到磁碟,確保使用磁碟加密對其進行保護",
"guid": "a1a27b77-5a91-4be1-b388-ff394c2bd463",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/security-overview#using-disk-encryption",
"severity": "中等",
"subcategory": "秘密",
"text": "保護已啟用 Azure Arc 的伺服器的公鑰",
"waf": "安全"
},
{
"category": "安全性、治理和合規性",
"description": "在 Windows 和 Linux 系統上安裝 Connected Machine Agent 需要本地管理員",
"guid": "29659e39-58fd-4782-a9c9-35556d02bfe4",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/onboard-portal#install-manually",
"severity": "高",
"subcategory": "安全",
"text": "確保具有執行代理安裝的本地管理員訪問許可權",
"waf": "安全"
},
{
"category": "安全性、治理和合規性",
"description": "Windows 上的本地管理員組成員和在 Linux 上具有 root 許可權的使用者有權通過命令行管理代理。",
"guid": "564b0d83-4a34-4872-9ee7-9d6b5c2a3649",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/security-overview#agent-security-and-permissions",
"severity": "中等",
"subcategory": "安全",
"text": "限制對伺服器具有本地管理員許可權的用戶數量",
"waf": "安全"
},
{
"category": "安全性、治理和合規性",
"guid": "4b69bad3-8aad-453c-a78e-1d76667357c4",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/managed-identity-authentication",
"severity": "中等",
"subcategory": "安全",
"text": "考慮使用和限制對應用程式的託管身份的訪問。",
"waf": "安全"
},
{
"category": "安全性、治理和合規性",
"description": "使用 Defender for Endpoint 或其他 AV 和 EDR 解決方案保護終結點",
"guid": "5a91be1f-388f-4f39-9c2b-d463cbbbc868",
"link": "https://learn.microsoft.com/azure/security-center/security-center-get-started",
"severity": "中等",
"subcategory": "安全",
"text": "為所有伺服器啟用 Defender for Servers,以保護混合工作負載免受威脅",
"waf": "安全"
},
{
"category": "安全性、治理和合規性",
"guid": "cbafe6c4-6589-4d45-9a92-7c3974d1102c",
"severity": "中等",
"subcategory": "安全",
"text": "定義控制措施以檢測安全錯誤配置並跟蹤合規性",
"waf": "安全"
},
{
"category": "安全性、治理和合規性",
"guid": "cbbbc868-195a-4bb9-8a4e-d90dae2cc84c",
"link": "https://learn.microsoft.com/azure/azure-arc/servers/security-overview#extension-allowlists-and-blocklists",
"severity": "中等",
"subcategory": "安全",
"text": "使用允許清單或阻止清單來控制可以在已啟用 Azure Arc 的伺服器上安裝哪些擴展",
"waf": "安全"
}
],
"metadata": {
"name": "Azure Arc Review",
"state": "Preview",
"timestamp": "October 23, 2024"
},
"severities": [
{
"name": "高"
},
{
"name": "中等"
},
{
"name": "低"
}
],
"status": [
{
"description": "尚未查看此檢查",
"name": "未驗證"
},
{
"description": "存在與此檢查關聯的操作項",
"name": "打開"
},
{
"description": "此檢查已經過驗證,沒有與之關聯的其他操作項",
"name": "實現"
},
{
"description": "建議已理解,但當前要求不需要",
"name": "不需要"
},
{
"description": "不適用於當前設計",
"name": "不適用"
}
],
"waf": [
{
"name": "可靠性"
},
{
"name": "安全"
},
{
"name": "成本"
},
{
"name": "操作"
},
{
"name": "性能"
}
]
}