PowerSTIG Module Import in Azure Automation
The PowerSTIG module is unable to be imported using the Azure Automation blade inside the Azure Portal. I would like to have the ability to import the PowerSTIG module and all required dependencies via the Azure Portal. Currently, to get this to work all required dependencies have to be imported using PowerShell.
Really good feedback, I passed this on to the Automation team to review and consider for future iterations to the service. Please stay tuned.
Chad Berg commented
Having an automated option to harden platforms is a must. We are a Software Company and build these applications,.. we (including the product group) should be leading the effort on providing options to harden these items,. and driving the guidance. Not setting back while 3rd party contractors and contract companies direct us (Via DISA STIGs) on how to hardened these platforms to comply with Government Security Hardening policies.
This should be one of many options a customer can employ/enable to secure their platforms. Still scratching my head on why FIPS is a setting on a Windows platform when it does more to break our other application software instead of protecting it properly. We have multiple MSFT groups (outside) the product group who struggle with these items constantly. It creates business but, at the cost of forward movement into more impactful areas. PowerSTIG should be as straight forward and granular option to integrate in any platform. We can come up with wonky-shiny-flashy features but,. the solid delivery options items like this must be done as an aftermarket add-on item instead of integrated into the OEM version of the product.