Ensure that unhealthy virtual machine instances are automatically deleted from the scale sets and new ones are created, using the latest instance model settings. Automatic Instance Repairs feature relies on health checks performed for individual instances running in a scale set. These virtual machine instances can be configured to emit an application health status using the Azure Application Health extension or a load balancer health probe. If a VM instance is found to be unhealthy, as reported by the Application Health extension or by the associated load balancer health probe, then the scale set performs the repair action by deleting the unhealthy instance and creating a new one to replace it.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
Enabling automatic instance repairs for Microsoft Azure virtual machine scale sets helps achieve high availability for your cloud applications by maintaining the scale set instances healthy.
Audit
To determine if automatic repairs policy is enabled for the instances within your Azure virtual machine scale sets, perform the following actions:
Remediation / Resolution
To enable the Automatic Instance Repair feature for your Microsoft Azure virtual machine scale sets, perform the following actions:
Note: Before enabling automatic repairs policy within an existing scale set, ensure that all the requirements for opting in to this feature are met. The application endpoint should be correctly configured for scale set instances to avoid triggering unintended repairs while the endpoint is getting configured.References
- Azure Official Documentation
- What are virtual machine scale sets?
- Automatic instance repairs for Azure virtual machine scale sets
- Azure Command Line Interface (CLI) Documentation
- az account list
- az vmss list
- az vmss show
- az vmss update