AzPolicyAdvertizer

last sync: 2025-Apr-29 17:16:02 UTC

Create and assign a built-in user-assigned managed identity

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Create and assign a built-in user-assigned managed identity

09963c90-6ee7-4215-8d26-1cc660a1682f

Version

1.8.0
Details on versioning

Versioning

Versions supported for Versioning: 7

1.8.0
1.7.0
1.6.0
1.5.0
1.4.0
1.3.1
1.3.0-preview

Built-in Versioning [Preview]

Category

Security Center
Microsoft Learn

Description

Create and assign a built-in user-assigned managed identity at scale to SQL virtual machines.

Cloud environments

AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown

Available in AzUSGov

The Policy is available in AzureUSGovernment cloud. Version: '1.7.0'
Repository: Azure-Policy 09963c90-6ee7-4215-8d26-1cc660a1682f

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
DeployIfNotExists
Allowed
AuditIfNotExists, DeployIfNotExists, Disabled

RBAC role(s)

Role Name	Role Id
Contributor	b24988ac-6180-42a0-ab88-20f7382dd24c

Rule aliases

THEN-Details (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.SqlVirtualMachine/SqlVirtualMachines/virtualMachineResourceId	Microsoft.SqlVirtualMachine	SqlVirtualMachines	properties.virtualMachineResourceId	True		False

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType	Microsoft.Compute	virtualMachines	properties.storageProfile.osDisk.osType	True		True

Rule resource types

IF (1)

Microsoft.SqlVirtualMachine/SqlVirtualMachines

THEN-Deployment (4)

Microsoft.Compute/virtualMachines
Microsoft.ManagedIdentity/userAssignedIdentities
Microsoft.Resources/deployments
Microsoft.Resources/resourceGroups

Compliance

Not a Compliance control

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type	polSet in AzUSGov
Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a LA workspace	d7c3ea3a-edf3-4bd5-bd64-d5b635b05393	Security Center	GA	BuiltIn	true
Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a user-defined LA workspace	de01d381-bae9-4670-8870-786f89f49e26	Security Center	GA	BuiltIn	true

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2025-01-21 19:02:36	change	Minor (1.7.0 > 1.8.0)
2024-09-10 17:48:30	change	Minor (1.6.0 > 1.7.0)
2024-05-13 17:44:58	change	Minor (1.5.0 > 1.6.0)
2024-04-22 16:32:55	change	Minor (1.4.0 > 1.5.0)
2024-01-12 18:35:06	change	Minor (1.3.1 > 1.4.0)
2023-11-17 19:29:28	change	Patch, old suffix: preview (1.3.0-preview > 1.3.1)
2023-10-31 19:02:40	change	Minor, suffix remains equal (1.2.0-preview > 1.3.0-preview)
2023-09-11 17:59:12	change	Minor, suffix remains equal (1.1.0-preview > 1.2.0-preview)
2023-08-22 17:59:24	add	09963c90-6ee7-4215-8d26-1cc660a1682f

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC