AzPolicyAdvertizer

last sync: 2023-Jun-09 17:46:13 UTC

Azure Policy definition

Deploy default Microsoft IaaSAntimalware extension for Windows Server

Name

Deploy default Microsoft IaaSAntimalware extension for Windows Server
Azure Portal

2835b622-407b-4114-9198-6f7064cbe0dc

Version

1.1.0
details on versioning

Category

Compute
Microsoft docs

Description

This policy deploys a Microsoft IaaSAntimalware extension with a default configuration when a VM is not configured with the antimalware extension.

Mode

Indexed

Type

BuiltIn

Preview

FALSE

Deprecated

FALSE

Effect

Fixed
deployIfNotExists

RBAC
Role(s)

Role Name	Role Id
Virtual Machine Contributor	9980e02c-c2be-4d73-94e8-173b1dc7cf3c

Rule
Aliases

IF (3)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Compute/imageOffer	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.offer properties.virtualMachineProfile.storageProfile.imageReference.offer properties.creationData.imageReference.id	false false false
Microsoft.Compute/imagePublisher	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.publisher properties.virtualMachineProfile.storageProfile.imageReference.publisher properties.creationData.imageReference.id	false false false
Microsoft.Compute/imageSKU	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.sku properties.virtualMachineProfile.storageProfile.imageReference.sku properties.creationData.imageReference.id	false false false

THEN-ExistenceCondition (2)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Compute/virtualMachines/extensions/publisher	Microsoft.Compute	virtualMachines/extensions	properties.publisher	false
Microsoft.Compute/virtualMachines/extensions/type	Microsoft.Compute	virtualMachines/extensions	properties.type	false

Rule
ResourceTypes

IF (1)
Microsoft.Compute/virtualMachines
THEN-Deployment (1)
Microsoft.Compute/virtualMachines/extensions

Compliance

The following 1 compliance controls are associated with this Policy definition 'Deploy default Microsoft IaaSAntimalware extension for Windows Server' (2835b622-407b-4114-9198-6f7064cbe0dc)

Control Domain	Control	Name	MetadataId	Category	Title	Owner	Requirements	Description	Info	Policy#
hipaa	0201.09j1Organizational.124-09.j	hipaa-0201.09j1Organizational.124-09.j	0201.09j1Organizational.124-09.j	02 Endpoint Protection	0201.09j1Organizational.124-09.j 09.04 Protection Against Malicious and Mobile Code	Shared	n/a	Anti-virus and anti-spyware are installed, operating and updated on all end-user devices to conduct periodic scans of the systems to identify and remove unauthorized software. Server environments for which the server software developer specifically recommends not installing host-based anti-virus and anti-spyware software are addressed via a network-based malware detection (NBMD) solution.		18

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2022-05-27 20:20:35	change	Minor (1.0.0 > 1.1.0)

Initiatives
usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Preview]: Motion Picture Association of America (MPAA)	92646f03-e39d-47a9-9e24-58d60ef49af8	Regulatory Compliance	Preview	BuiltIn
HITRUST/HIPAA	a169a624-5599-4385-a696-c8d643089fab	Regulatory Compliance	GA	BuiltIn

JSON