AzPolicyAdvertizer

last sync: 2025-May-06 19:40:34 UTC

Deny SSH Auth on New VMs

Community Policy definition

Source Repository Community-Policy GitHub
JSON Community-Policy GitHub
Deploy policy 1a5db520-c50b-49b7-b2e1-ccdec804b2af (1.0.0) to Azure
Display name Deny SSH Auth on New VMs
Id 1a5db520-c50b-49b7-b2e1-ccdec804b2af
Version 1.0.0
Details on versioning
Category Compute
Microsoft Learn
Description This policy denies a deployment when any Linux VMs use password-only authentication for SSH.
Mode all
Type Custom Community
Effect Default
Audit
Allowed
Deny, Audit, Disabled
RBAC role(s) none
Rule aliases IF (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Compute/imageOffer Microsoft.Compute
Microsoft.Compute
Microsoft.Compute		 virtualMachines
virtualMachineScaleSets
disks		 properties.storageProfile.imageReference.offer
properties.virtualMachineProfile.storageProfile.imageReference.offer
properties.creationData.imageReference.id		 True
True
True

False
False
False
Microsoft.Compute/imagePublisher Microsoft.Compute
Microsoft.Compute
Microsoft.Compute		 virtualMachines
virtualMachineScaleSets
disks		 properties.storageProfile.imageReference.publisher
properties.virtualMachineProfile.storageProfile.imageReference.publisher
properties.creationData.imageReference.id		 True
True
True

False
False
False
Microsoft.Compute/virtualMachines/osProfile.linuxConfiguration.disablePasswordAuthentication Microsoft.Compute virtualMachines properties.osProfile.linuxConfiguration.disablePasswordAuthentication True True
Rule resource types IF (1)
Microsoft.Compute/virtualMachines
JSON
EPAC
Deploy policy 1a5db520-c50b-49b7-b2e1-ccdec804b2af (1.0.0) to Azure