← Back to VMware vRealize Automation 7.x vAMI Security Technical Implementation Guide

V-240946

CAT II (Medium)

The vAMI installation procedures must be part of a complete vRealize Automation deployment.

Rule ID

SV-240946r879640_rule

STIG

VMware vRealize Automation 7.x vAMI Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-001190

Discussion

Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. When an application is deployed to the vAMI, if the deployment process does not complete properly and without errors, there is the potential that some application files may not be deployed or may be corrupted and an application error may occur during runtime. The vAMI must be able to perform complete application deployments. A partial deployment can leave the server in an inconsistent state. Application servers may provide a transaction rollback function to address this issue.

Check Content

Interview the ISSO and/or the SA.
 
Determine if the vAMI was installed separately from a full installation of vRealize Automation.
 
If the vAMI was installed independently of a full vRA installation, this is a finding.

Fix Text

Reinstall the vRealize Automation instance as a complete package.