AzPolicyAdvertizer

last sync: 2021-Oct-25 16:02:14 UTC

Azure Policy definition

Deploy - Configure Log Analytics extension to be enabled on Windows virtual machines

Name Deploy - Configure Log Analytics extension to be enabled on Windows virtual machines
Azure Portal
Id 0868462e-646c-4fe3-9ced-a733534b6a2c
Version 2.0.1
details on versioning
Category Monitoring
Microsoft docs
Description Deploy Log Analytics extension for Windows virtual machines if the virtual machine image is in the list defined and the extension is not installed.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: DeployIfNotExists
Allowed: (DeployIfNotExists, Disabled)
Used RBAC Role
Role Name Role Id
Log Analytics Contributor 92aaf0da-9dab-42b6-94a3-d43ce8d16293
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-09-27 15:52:17 change Patch (2.0.0 > 2.0.1) *changes on text case sensitivity are not tracked
2021-03-02 15:11:40 change Major (1.1.0 > 2.0.0)
2020-04-22 04:43:16 change Previous DisplayName: [Preview]: Deploy Log Analytics Agent for Windows VMs
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State
Enable Azure Monitor for VMs 55f3eceb-5573-4f18-9695-226972c6d74a Monitoring GA
JSON Changes

JSON 
{
  "displayName": "Deploy - Configure Log Analytics extension to be enabled on Windows virtual machines",
  "policyType": "BuiltIn",
  "mode": "Indexed",
  "description": "Deploy Log Analytics extension for Windows virtual machines if the virtual machine image is in the list defined and the extension is not installed.",
  "metadata": {
    "version": "2.0.1",
    "category": "Monitoring"
  },
  "parameters": {
    "logAnalytics": {
      "type": "String",
      "metadata": {
        "displayName": "Log Analytics workspace",
        "description": "Log Analytics workspace is used to receive performance data. If this workspace is outside of the scope of the assignment you must manually grant 'Log Analytics Contributor' permissions (or similar) to the policy assignment's principal ID.",
        "strongType": "omsWorkspace",
        "assignPermissions": true
      }
    },
    "listOfImageIdToInclude": {
      "type": "Array",
      "metadata": {
        "displayName": "Optional: List of virtual machine images that have supported Windows OS to add to scope",
        "description": "Example values: '/subscriptions//resourceGroups/YourResourceGroup/providers/Microsoft.Compute/images/ContosoStdImage'"
      },
      "defaultValue": []
    },
    "effect": {
      "type": "String",
      "metadata": {
        "displayName": "Effect",
        "description": "Enable or disable the execution of the policy"
      },
      "allowedValues": [
        "DeployIfNotExists",
        "Disabled"
      ],
      "defaultValue": "DeployIfNotExists"
    }
  },
  "policyRule": {
    "if": {
      "allOf": [
        {
          "field": "type",
          "equals": "Microsoft.Compute/virtualMachines"
        },
        {
          "anyOf": [
            {
              "field": "Microsoft.Compute/imageId",
              "in": "[parameters('listOfImageIdToInclude')]"
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftWindowsServer"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "WindowsServer"
                },
                {
                  "field": "Microsoft.Compute/imageSKU",
                  "in": [
                    "2008-R2-SP1",
                    "2008-R2-SP1-smalldisk",
                    "2012-Datacenter",
                    "2012-Datacenter-smalldisk",
                    "2012-R2-Datacenter",
                    "2012-R2-Datacenter-smalldisk",
                    "2016-Datacenter",
                    "2016-Datacenter-Server-Core",
                    "2016-Datacenter-Server-Core-smalldisk",
                    "2016-Datacenter-smalldisk",
                    "2016-Datacenter-with-Containers",
                    "2016-Datacenter-with-RDSH",
                    "2019-Datacenter",
                    "2019-Datacenter-Core",
                    "2019-Datacenter-Core-smalldisk",
                    "2019-Datacenter-Core-with-Containers",
                    "2019-Datacenter-Core-with-Containers-smalldisk",
                    "2019-Datacenter-smalldisk",
                    "2019-Datacenter-with-Containers",
                    "2019-Datacenter-with-Containers-smalldisk",
                    "2019-Datacenter-zhcn"
                  ]
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftWindowsServer"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "WindowsServerSemiAnnual"
                },
                {
                  "field": "Microsoft.Compute/imageSKU",
                  "in": [
                    "Datacenter-Core-1709-smalldisk",
                    "Datacenter-Core-1709-with-Containers-smalldisk",
                    "Datacenter-Core-1803-with-Containers-smalldisk"
                  ]
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftWindowsServerHPCPack"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "WindowsServerHPCPack"
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftSQLServer"
                },
                {
                  "anyOf": [
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "like": "*-WS2016"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "like": "*-WS2016-BYOL"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "like": "*-WS2012R2"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "like": "*-WS2012R2-BYOL"
                    }
                  ]
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftRServer"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "MLServer-WS2016"
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftVisualStudio"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "in": [
                    "VisualStudio",
                    "Windows"
                  ]
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftDynamicsAX"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "Dynamics"
                },
                {
                  "field": "Microsoft.Compute/imageSKU",
                  "equals": "Pre-Req-AX7-Onebox-U8"
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftDynamicsAX"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "Dynamics"
                },
                {
                  "field": "Microsoft.Compute/imageSKU",
                  "equals": "Pre-Req-AX7-Onebox-V4"
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "microsoft-ads"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "windows-data-science-vm"
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftWindowsDesktop"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "Windows-10"
                }
              ]
            }
          ]
        }
      ]
    },
    "then": {
      "effect": "[parameters('effect')]",
      "details": {
        "type": "Microsoft.Compute/virtualMachines/extensions",
        "roleDefinitionIds": [
          "/providers/microsoft.authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293"
        ],
        "existenceCondition": {
          "allOf": [
            {
              "field": "Microsoft.Compute/virtualMachines/extensions/type",
              "equals": "MicrosoftMonitoringAgent"
            },
            {
              "field": "Microsoft.Compute/virtualMachines/extensions/publisher",
              "equals": "Microsoft.EnterpriseCloud.Monitoring"
            },
            {
              "field": "Microsoft.Compute/virtualMachines/extensions/provisioningState",
              "equals": "Succeeded"
            }
          ]
        },
        "deployment": {
          "properties": {
            "mode": "incremental",
            "template": {
              "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
              "contentVersion": "1.0.0.0",
              "parameters": {
                "vmName": {
                  "type": "string"
                },
                "location": {
                  "type": "string"
                },
                "logAnalytics": {
                  "type": "string"
                }
              },
              "variables": {
                "vmExtensionName": "MicrosoftMonitoringAgent",
                "vmExtensionPublisher": "Microsoft.EnterpriseCloud.Monitoring",
                "vmExtensionType": "MicrosoftMonitoringAgent",
                "vmExtensionTypeHandlerVersion": "1.0"
              },
              "resources": [
                {
                  "name": "[concat(parameters('vmName'), '/', variables('vmExtensionName'))]",
                  "type": "Microsoft.Compute/virtualMachines/extensions",
                  "location": "[parameters('location')]",
                  "apiVersion": "2018-06-01",
                  "properties": {
                    "publisher": "[variables('vmExtensionPublisher')]",
                    "type": "[variables('vmExtensionType')]",
                    "typeHandlerVersion": "[variables('vmExtensionTypeHandlerVersion')]",
                    "autoUpgradeMinorVersion": true,
                    "settings": {
                      "workspaceId": "[reference(parameters('logAnalytics'), '2015-03-20').customerId]",
                      "stopOnMultipleConnections": "true"
                    },
                    "protectedSettings": {
                      "workspaceKey": "[listKeys(parameters('logAnalytics'), '2015-03-20').primarySharedKey]"
                    }
                  }
                }
              ],
              "outputs": {
                "policy": {
                  "type": "string",
                  "value": "[concat('Enabled extension for VM', ': ', parameters('vmName'))]"
                }
              }
            },
            "parameters": {
              "vmName": {
                "value": "[field('name')]"
              },
              "location": {
                "value": "[field('location')]"
              },
              "logAnalytics": {
                "value": "[parameters('logAnalytics')]"
              }
            }
          }
        }
      }
    }
  }
}