AzPolicyAdvertizer

last sync: 2024-Jul-26 18:17:39 UTC

Configure backup on virtual machines without a given tag to an existing recovery services vault in the same location

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure backup on virtual machines without a given tag to an existing recovery services vault in the same location
Id 09ce66bc-1220-4153-8104-e3f51c936913
Version 9.3.0
Details on versioning
Category Backup
Microsoft Learn
Description Enforce backup for all virtual machines by backing them up to an existing central recovery services vault in the same location and subscription as the virtual machine. Doing this is useful when there is a central team in your organization managing backups for all resources in a subscription. You can optionally exclude virtual machines containing a specified tag to control the scope of assignment. See https://aka.ms/AzureVMCentralBackupExcludeTag.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
auditIfNotExists, AuditIfNotExists, deployIfNotExists, DeployIfNotExists, disabled, Disabled
RBAC role(s)
Role Name Role Id
Virtual Machine Contributor 9980e02c-c2be-4d73-94e8-173b1dc7cf3c
Backup Contributor 5e467623-bb1f-42f4-a55d-6e525e11384b
Rule aliases IF (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Compute/imageOffer Microsoft.Compute
Microsoft.Compute
Microsoft.Compute		 virtualMachines
virtualMachineScaleSets
disks		 properties.storageProfile.imageReference.offer
properties.virtualMachineProfile.storageProfile.imageReference.offer
properties.creationData.imageReference.id		 True
True
True

False
False
False
Microsoft.Compute/imagePublisher Microsoft.Compute
Microsoft.Compute
Microsoft.Compute		 virtualMachines
virtualMachineScaleSets
disks		 properties.storageProfile.imageReference.publisher
properties.virtualMachineProfile.storageProfile.imageReference.publisher
properties.creationData.imageReference.id		 True
True
True

False
False
False
Microsoft.Compute/imageSKU Microsoft.Compute
Microsoft.Compute
Microsoft.Compute		 virtualMachines
virtualMachineScaleSets
disks		 properties.storageProfile.imageReference.sku
properties.virtualMachineProfile.storageProfile.imageReference.sku
properties.creationData.imageReference.id		 True
True
True

False
False
False
Rule resource types IF (1)
Microsoft.Compute/virtualMachines
THEN-Deployment (3)
Microsoft.Compute/virtualMachines
Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems
Microsoft.Resources/deployments
Compliance
The following 4 compliance controls are associated with this Policy definition 'Configure backup on virtual machines without a given tag to an existing recovery services vault in the same location' (09ce66bc-1220-4153-8104-e3f51c936913)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
mp.info.6 Backups mp.info.6 Backups 404 not found n/a n/a 65
op.cont.4 Alternative means op.cont.4 Alternative means 404 not found n/a n/a 95
op.exp.3 Security configuration management op.exp.3 Security configuration management 404 not found n/a n/a 123
RMiT_v1.0 11.4 RMiT_v1.0_11.4 RMiT 11.4 Cyber Risk Management Cyber Risk Management - 11.4 Shared n/a A large financial institution is required to' (a) implement a centralised automated tracking system to manage its technology asset inventory; and (b) establish a dedicated in-house cyber risk management function to manage cyber risks or emerging cyber threats. The cyber risk management function shall be responsible for the following: (i) perform detailed analysis on cyber threats, provide risk assessments on potential cyber-attacks and ensure timely review and escalation of all high-risk cyber threats to senior management and the board; and (ii) proactively identify potential vulnerabilities including those arising from infrastructure hosted with third party service providers through the simulation of sophisticated 'Red Team' attacks on its current security controls. link 3
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
RMIT Malaysia 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 Regulatory Compliance GA BuiltIn
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-05-13 17:44:58 change Minor (9.2.0 > 9.3.0)
2024-02-20 22:44:08 change Minor (9.1.0 > 9.2.0)
2023-01-13 18:06:06 change Minor (9.0.0 > 9.1.0)
2022-06-24 19:15:47 change Major (8.0.0 > 9.0.0)
2022-04-29 18:06:01 change Major (7.1.0 > 8.0.0)
2022-04-08 16:22:13 change Major (6.1.0 > 7.1.0)
2022-04-01 20:29:14 change Minor (6.0.0 > 6.1.0)
2022-02-11 18:30:22 change Major (5.0.0 > 6.0.0)
2021-12-06 22:17:57 change Major (4.0.0 > 5.0.0)
2021-11-12 16:23:07 change Major (3.0.0 > 4.0.0)
2021-04-27 15:38:15 change Major (2.0.0 > 3.0.0)
2021-04-07 13:27:17 change Major (1.1.0 > 2.0.0)
2020-11-10 16:00:42 change Minor (1.0.0 > 1.1.0)
2019-11-19 11:26:09 change Previous DisplayName: Deploy prerequisites to backup VMs of a location to an existing central Vault in the same location
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC