last sync: 2022-Sep-23 16:35:49 UTC

Azure Policy definition

[Preview]: vTPM should be enabled on supported virtual machines

Name [Preview]: vTPM should be enabled on supported virtual machines
Id 1c30f9cd-b84c-49cc-aa2c-9288447cc3b3
Version 2.0.0-preview
Category Security Center
Description Enable virtual TPM device on supported virtual machines to facilitate Measured Boot and other OS security features that require a TPM. Once enabled, vTPM can be used to attest boot integrity. This assessment only applies to trusted launch enabled virtual machines.
Mode Indexed
Type BuiltIn
Preview True
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Disabled)
Used RBAC Role none
Rule Aliases IF (3)
Alias | Namespace | ResourceType | DefaultPath | Modifiable
Microsoft.Compute/virtualMachines/securityProfile.securityType | Microsoft.Compute | virtualMachines | properties.securityProfile.securityType | false
Microsoft.Compute/virtualMachines/securityProfile.uefiSettings | Microsoft.Compute | virtualMachines | properties.securityProfile.uefiSettings | false
Microsoft.Compute/virtualMachines/securityProfile.uefiSettings.vTpmEnabled | Microsoft.Compute | virtualMachines | properties.securityProfile.uefiSettings.vTpmEnabled | false
Rule ResourceTypes IF (1)
Microsoft.Compute/virtualMachines
History
Date/Time (UTC ymd) | Change type | Change detail
2021-11-12 16:23:07 | change | Major, suffix remains equal (1.0.0-preview > 2.0.0-preview)
2021-05-04 14:34:06 | add | 1c30f9cd-b84c-49cc-aa2c-9288447cc3b3
Used in Initiatives
Initiative DisplayName | Initiative Id | Initiative Category | State | Type
[Preview]: Reserve Bank of India - IT Framework for NBFC | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c | Regulatory Compliance | Preview | BuiltIn
Azure Security Benchmark | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Security Center | GA | BuiltIn
SOC 2 Type 2 | 4054785f-702b-4a98-9215-009cbd58b141 | Regulatory Compliance | GA | BuiltIn