User Review( votes)
Azure pros share their latest insights on scanning container images, shifting VM snapshots between regions, Azure AD and Jitsi video meeting software.
Scanning container images with Azure Security Center
Richard Hooper, writing on Pixel Robots, launched the month of April by detailing how to scan Container Registry container images with Azure Security Center, which can be an important step in assessing potential vulnerabilities. After an image is pushed to the registry, a webhook can inform Security Center to launch a vulnerability scan using Qualys, which currently only applies to Linux containers. Hooper demonstrated how to navigate to Security Center in Azure portal, access Policy & Compliance and disable all plans other than Container Registry. He wrote:
As you probably know Azure Security Centre can cost a bit, but luckily you can pick and choose the bits you would like to move to the standard tier…At the moment this only works on a push of an image. I would like to see it scanning on a schedule as I am sure your aware vulnerabilities can crop up at any time. But until then this along with scanning on container image build…should help keep you secure.
Copying VM snapshots between regions with PowerShell
Thomas Thornton recently detailed how to create VM snapshots of disks to do a restore in Azure with PowerShell and expounded on the theme, looking at how to copy VM snapshots to a different region for enhanced disaster recovery. For his example, he wanted to migrate the snapshots from the North Europe region to West Europe as a VHD. He shared a sample PowerShell script that overwrites a preexisting file for improved disaster recovery. The $snapshots command helps to return snapshots created within a 12 hour period, in case there are multiple generated.
Users need to be on the lookout for the “pending” status which indicates the VHD is still being copied. Thornton created basic logic for naming Managed Disks in West Europe.