last sync: 2024-Mar-27 18:49:11 UTC

Dependency agent should be enabled for listed virtual machine images

Azure BuiltIn Policy definition

Source Azure Portal
Display name Dependency agent should be enabled for listed virtual machine images
Id 11ac78e3-31bc-4f0c-8434-37ab963cea07
Version 2.0.0
Details on versioning
Category Monitoring
Microsoft Learn
Description Reports virtual machines as non-compliant if the virtual machine image is not in the list defined and the agent is not installed. The list of OS images is updated over time as support is updated.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases IF (4)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/imageId Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.id
properties.virtualMachineProfile.storageProfile.imageReference.id
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/imageOffer Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.offer
properties.virtualMachineProfile.storageProfile.imageReference.offer
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/imagePublisher Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.publisher
properties.virtualMachineProfile.storageProfile.imageReference.publisher
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/imageSKU Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.sku
properties.virtualMachineProfile.storageProfile.imageReference.sku
properties.creationData.imageReference.id
false
false
false
THEN-ExistenceCondition (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/virtualMachines/extensions/publisher Microsoft.Compute virtualMachines/extensions properties.publisher false
Rule resource types IF (1)
Microsoft.Compute/virtualMachines
Compliance
The following 5 compliance controls are associated with this Policy definition 'Dependency agent should be enabled for listed virtual machine images' (11ac78e3-31bc-4f0c-8434-37ab963cea07)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
ISO27001-2013 A.12.4.1 ISO27001-2013_A.12.4.1 ISO 27001:2013 A.12.4.1 Operations Security Event Logging Shared n/a Event logs recording user activities, exceptions, faults and information security events shall be produced, kept and regularly reviewed. link 53
ISO27001-2013 A.12.4.3 ISO27001-2013_A.12.4.3 ISO 27001:2013 A.12.4.3 Operations Security Administrator and operator logs Shared n/a System administrator and system operator activities shall be logged and the logs protected and regularly reviewed. link 29
ISO27001-2013 A.12.4.4 ISO27001-2013_A.12.4.4 ISO 27001:2013 A.12.4.4 Operations Security Clock Synchronization Shared n/a The clocks of all relevant information processing systems within an organization or security domain shall be synchronized to a single reference time source. link 8
U.15.1 - Events logged U.15.1 - Events logged 404 not found n/a n/a 43
U.15.3 - Events logged U.15.3 - Events logged 404 not found n/a n/a 6
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 Regulatory Compliance GA BuiltIn
Legacy - Enable Azure Monitor for VMs 55f3eceb-5573-4f18-9695-226972c6d74a Monitoring GA BuiltIn
NL BIO Cloud Theme 6ce73208-883e-490f-a2ac-44aac3b3687f Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-03-02 15:11:40 change Major (1.0.1 > 2.0.0)
2020-04-22 04:43:16 change Previous DisplayName: [Preview]: Audit Dependency Agent Deployment - VM Image (OS) unlisted
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC