AzPolicyAdvertizer

last sync: 2021-Jul-23 16:37:57 UTC

Azure Policy definition

Cloud Services (extended support) role instances should have an endpoint protection solution installed

Name Cloud Services (extended support) role instances should have an endpoint protection solution installed
Azure Portal
Id 1e378679-f122-4a96-a739-a7729c46e1aa
Version 1.0.0
details on versioning
Category Security Center
Microsoft docs
Description Protect your Cloud Services (extended support) role instances from threats and vulnerabilities by ensuring an endpoint protection solution is installed on them.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-04-27 15:38:15 add 1e378679-f122-4a96-a739-a7729c46e1aa
Used in Initiatives none
JSON 
{
  "properties": {
    "displayName": "Cloud Services (extended support) role instances should have an endpoint protection solution installed",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Protect your Cloud Services (extended support) role instances from threats and vulnerabilities by ensuring an endpoint protection solution is installed on them.",
    "metadata": {
      "version": "1.0.0",
      "category": "Security Center"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "AuditIfNotExists",
          "Disabled"
        ],
        "defaultValue": "AuditIfNotExists"
      }
    },
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.Compute/cloudServices"
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Security/assessments",
          "name": "e71020c2-860c-3235-cd39-04f3f8c936d2",
          "existenceCondition": {
            "field": "Microsoft.Security/assessments/status.code",
            "in": [
              "NotApplicable",
              "Healthy"
            ]
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/1e378679-f122-4a96-a739-a7729c46e1aa",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "1e378679-f122-4a96-a739-a7729c46e1aa"
}