Azure Policy definition

[Preview]: vTPM should be enabled on supported virtual machines

Name [Preview]: vTPM should be enabled on supported virtual machines
Id 1c30f9cd-b84c-49cc-aa2c-9288447cc3b3
Version 2.0.0-preview
Category Security Center
Description Enable virtual TPM device on supported virtual machines to facilitate Measured Boot and other OS security features that require a TPM. Once enabled, vTPM can be used to attest boot integrity. This assessment only applies to trusted launch enabled virtual machines.
Mode Indexed
Type BuiltIn
Preview True
Deprecated False
Effect Default: Audit
Allowed: (Audit, Disabled)
Used RBAC Role none
Rule Aliases IF (3)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/virtualMachines/securityProfile.securityType Microsoft.Compute virtualMachines properties.securityProfile.securityType false
Microsoft.Compute/virtualMachines/securityProfile.uefiSettings Microsoft.Compute virtualMachines properties.securityProfile.uefiSettings false
Microsoft.Compute/virtualMachines/securityProfile.uefiSettings.vTpmEnabled Microsoft.Compute virtualMachines properties.securityProfile.uefiSettings.vTpmEnabled false
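The description above says the assessment only covers trusted launch VMs, and the three aliases are the fields the rule reads. The following Python is an added example, not the policy's published JSON (which this page does not show): it reconstructs that evaluation against ARM resource documents so the three outcomes (not in scope, compliant, non-compliant) can be checked offline. The rule logic, the sample VM documents and the helper names (`evaluate`, `resolve_alias`, `assess_all`) are assumptions made for the example. Note that the allowed effects are only Audit and Disabled, so the built-in policy reports a trusted launch VM without a vTPM; it does not block its creation.

```python
"""Added example: evaluate the intent of '[Preview]: vTPM should be enabled on
supported virtual machines' against ARM resource JSON.

The rule logic here is reconstructed from the policy description and its
three aliases; it is an assumption, not the published policy JSON.
"""
from typing import Any, Optional

SECURITY_TYPE = "Microsoft.Compute/virtualMachines/securityProfile.securityType"
UEFI_SETTINGS = "Microsoft.Compute/virtualMachines/securityProfile.uefiSettings"
VTPM_ENABLED = "Microsoft.Compute/virtualMachines/securityProfile.uefiSettings.vTpmEnabled"

# Alias -> DefaultPath, exactly as listed in the definition's alias table.
ALIASES = {
    SECURITY_TYPE: "properties.securityProfile.securityType",
    UEFI_SETTINGS: "properties.securityProfile.uefiSettings",
    VTPM_ENABLED: "properties.securityProfile.uefiSettings.vTpmEnabled",
}

MISSING = object()  # sentinel for "field does not exist" (policy 'exists: false')


def resolve_alias(resource: dict, alias: str) -> Any:
    """Walk the alias's DefaultPath through the ARM resource document."""
    node: Any = resource
    for key in ALIASES[alias].split("."):
        if not isinstance(node, dict) or key not in node:
            return MISSING
        node = node[key]
    return node


def evaluate(resource: dict, effect: str = "Audit") -> str:
    """Return 'NotApplicable', 'Compliant' or 'NonCompliant' for one resource.

    Mirrors the assessment the description states (assumed reconstruction):
    only trusted launch VMs are in scope, and a trusted launch VM whose vTPM
    is not enabled is flagged. String comparisons are case-insensitive, as
    Azure Policy's 'equals' is.
    """
    if effect not in ("Audit", "Disabled"):
        raise ValueError(f"effect must be Audit or Disabled, got {effect!r}")
    if effect == "Disabled":  # policy is not evaluated at all
        return "NotApplicable"
    if str(resource.get("type", "")).lower() != "microsoft.compute/virtualmachines":
        return "NotApplicable"
    sec_type = resolve_alias(resource, SECURITY_TYPE)
    if sec_type is MISSING or str(sec_type).lower() != "trustedlaunch":
        return "NotApplicable"  # standard VMs have no vTPM device to enable
    if resolve_alias(resource, UEFI_SETTINGS) is MISSING:
        return "NonCompliant"  # no uefiSettings block at all
    vtpm = resolve_alias(resource, VTPM_ENABLED)
    if vtpm is MISSING or str(vtpm).lower() != "true":
        return "NonCompliant"
    return "Compliant"


def _vm(name: str, security_profile: Optional[dict]) -> dict:
    """Build a minimal constructed ARM VM document (sample data, not a real VM)."""
    props: dict = {"hardwareProfile": {"vmSize": "Standard_D2s_v3"}}
    if security_profile is not None:
        props["securityProfile"] = security_profile
    return {"name": name, "type": "Microsoft.Compute/virtualMachines", "properties": props}


# Constructed sample VMs covering the cases the description implies.
SAMPLES = {
    "tl-vtpm-on": _vm("tl-vtpm-on", {
        "securityType": "TrustedLaunch",
        "uefiSettings": {"secureBootEnabled": True, "vTpmEnabled": True}}),
    "tl-vtpm-off": _vm("tl-vtpm-off", {
        "securityType": "TrustedLaunch",
        "uefiSettings": {"secureBootEnabled": True, "vTpmEnabled": False}}),
    "tl-no-uefi": _vm("tl-no-uefi", {"securityType": "TrustedLaunch"}),
    "standard": _vm("standard", None),
}


def assess_all(effect: str = "Audit") -> dict:
    """Evaluate every sample; returns name -> compliance state."""
    return {name: evaluate(res, effect) for name, res in SAMPLES.items()}


if __name__ == "__main__":
    for name, state in assess_all().items():
        print(f"{name:12s} {state}")
```

To check a live VM the same field can be read with the Azure CLI, for example `az vm show -g <resource-group> -n <vm-name> --query securityProfile.uefiSettings.vTpmEnabled`; a null result on a trusted launch VM is the case the policy flags.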
Rule ResourceTypes IF (1)
Date/Time (UTC ymd) Change type Change detail
2021-11-12 16:23:07 change Major, suffix remains equal (1.0.0-preview > 2.0.0-preview)
2021-05-04 14:34:06 add 1c30f9cd-b84c-49cc-aa2c-9288447cc3b3
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State Type
Azure Security Benchmark 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 Security Center GA BuiltIn