Ensure that all your Microsoft Azure virtual machine scale sets are using zone-redundant availability configurations instead of single-zone (zonal) configurations, to deploy and load balance virtual machines (VMs) across multiple Availability Zones (AZs) in order to protect your Azure scale sets from datacenter-level failures.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for Azure
When you deploy a virtual machine scale set, you can choose to use a single Availability Zone or multiple Availability Zones (AZs). A zone-redundant virtual machine scale set represents a single scale set that spans multiple AZs. As virtual machine instances are created within the scale set, they are evenly balanced across AZs. This availability configuration helps to protect your applications and data from a zone failure or loss of an entire AZ. With zone-redundancy, one or more Availability Zones can fail and the data path survives as long as one AZ in the region remains healthy.
To determine the availability configuration of your Microsoft Azure VM scale sets, perform the following actions:
Remediation / Resolution
To enable zone redundancy for your Microsoft Azure virtual machine scale sets you have to re-create the scale sets with a zone-redundant availability configuration by perform the following actions:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Check for Zone-Redundant Virtual Machine Scale Sets
Risk level: High