AzPolicyAdvertizer

last sync: 2020-Oct-23 19:29:54 UTC

Azure Policy

[Preview]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted

Name [Preview]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted
Id 32133ab0-ee4b-4b44-98d6-042180979d50
Version 1.0.0-preview
details on versioning
Category Monitoring
Description Reports VMs as non-compliant if the VM Image (OS) is not in the list defined and the agent is not installed. The list of OS images will be updated over time as support is updated.
Mode Indexed
Type BuiltIn
Preview True
Deprecated FALSE
Effect Fixed: auditIfNotExists
Used RBAC Role none
History none
Used in Initiatives
Initiative DisplayName Initiative Id
[Deprecated]: DOD Impact Level 4 8d792a84-723c-4d92-a3c3-e4ed16a2d133
[Preview]: Australian Government ISM PROTECTED 27272c0b-c225-4cc3-b8b0-f2534b093077
[Preview]: NIST SP 800-171 R2 03055927-78bd-4236-86c0-f36125a10dc9
Canada Federal PBMM 4c4a5f27-de81-430b-b4e5-9cbd50595a87
Enable Azure Monitor for VMs 55f3eceb-5573-4f18-9695-226972c6d74a
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693
IRS1075 September 2016 105e0327-6175-4eb2-9af4-1fba43bdb39d
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2
NIST SP 800-53 R4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f
Json 
{
  "properties": {
  "displayName": "[Preview]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Reports VMs as non-compliant if the VM Image (OS) is not in the list defined and the agent is not installed. The list of OS images will be updated over time as support is updated.",
    "metadata": {
      "version": "1.0.0-preview",
      "category": "Monitoring",
      "preview": true
    },
    "parameters": {
      "listOfImageIdToInclude_windows": {
        "type": "Array",
        "metadata": {
        "displayName": "[Preview]: Optional: List of VM images that have supported Windows OS to add to scope",
          "description": "Example value: '/subscriptions//resourceGroups/YourResourceGroup/providers/Microsoft.Compute/images/ContosoStdImage'"
        },
        "defaultValue": [
          
        ]
      },
      "listOfImageIdToInclude_linux": {
        "type": "Array",
        "metadata": {
        "displayName": "[Preview]: Optional: List of VM images that have supported Linux OS to add to scope",
          "description": "Example value: '/subscriptions//resourceGroups/YourResourceGroup/providers/Microsoft.Compute/images/ContosoStdImage'"
        },
        "defaultValue": [
          
        ]
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Compute/virtualMachines"
          },
          {
            "not": {
              "anyOf": [
                {
                  "anyOf": [
                    {
                      "field": "Microsoft.Compute/imageId",
                    "in": "[parameters('listOfImageIdToInclude_windows')]"
                    },
                    {
                      "field": "Microsoft.Compute/imageId",
                    "in": "[parameters('listOfImageIdToInclude_linux')]"
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftWindowsServer"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "WindowsServer"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "in": [
                            "2008-R2-SP1",
                            "2008-R2-SP1-smalldisk",
                            "2012-Datacenter",
                            "2012-Datacenter-smalldisk",
                            "2012-R2-Datacenter",
                            "2012-R2-Datacenter-smalldisk",
                            "2016-Datacenter",
                            "2016-Datacenter-Server-Core",
                            "2016-Datacenter-Server-Core-smalldisk",
                            "2016-Datacenter-smalldisk",
                            "2016-Datacenter-with-Containers",
                            "2016-Datacenter-with-RDSH",
                            "2019-Datacenter",
                            "2019-Datacenter-Core",
                            "2019-Datacenter-Core-smalldisk",
                            "2019-Datacenter-Core-with-Containers",
                            "2019-Datacenter-Core-with-Containers-smalldisk",
                            "2019-Datacenter-smalldisk",
                            "2019-Datacenter-with-Containers",
                            "2019-Datacenter-with-Containers-smalldisk",
                            "2019-Datacenter-zhcn"
                          ]
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftWindowsServer"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "WindowsServerSemiAnnual"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "in": [
                            "Datacenter-Core-1709-smalldisk",
                            "Datacenter-Core-1709-with-Containers-smalldisk",
                            "Datacenter-Core-1803-with-Containers-smalldisk"
                          ]
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftWindowsServerHPCPack"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "WindowsServerHPCPack"
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftSQLServer"
                        },
                        {
                          "anyOf": [
                            {
                              "field": "Microsoft.Compute/imageOffer",
                              "like": "*-WS2016"
                            },
                            {
                              "field": "Microsoft.Compute/imageOffer",
                              "like": "*-WS2016-BYOL"
                            },
                            {
                              "field": "Microsoft.Compute/imageOffer",
                              "like": "*-WS2012R2"
                            },
                            {
                              "field": "Microsoft.Compute/imageOffer",
                              "like": "*-WS2012R2-BYOL"
                            }
                          ]
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftRServer"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "MLServer-WS2016"
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftVisualStudio"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "in": [
                            "VisualStudio",
                            "Windows"
                          ]
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftDynamicsAX"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "Dynamics"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "equals": "Pre-Req-AX7-Onebox-U8"
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "microsoft-ads"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "windows-data-science-vm"
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftWindowsDesktop"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "Windows-10"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "RedHat"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "in": [
                        "RHEL",
                        "RHEL-SAP-HANA"
                      ]
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "6.*"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "7*"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "SUSE"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "in": [
                        "SLES",
                        "SLES-HPC",
                        "SLES-HPC-Priority",
                        "SLES-SAP",
                        "SLES-SAP-BYOS",
                        "SLES-Priority",
                        "SLES-BYOS",
                        "SLES-SAPCAL",
                        "SLES-Standard"
                      ]
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "12*"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "Canonical"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "equals": "UbuntuServer"
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "14.04*LTS"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "16.04*LTS"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "18.04*LTS"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "Oracle"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "equals": "Oracle-Linux"
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "6.*"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "7.*"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "OpenLogic"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "in": [
                        "CentOS",
                        "Centos-LVM",
                        "CentOS-SRIOV"
                      ]
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "6.*"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "7*"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "cloudera"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "equals": "cloudera-centos-os"
                    },
                    {
                      "field": "Microsoft.Compute/imageSKU",
                      "like": "7*"
                    }
                  ]
                }
              ]
            }
          }
        ]
      },
      "then": {
        "effect": "auditIfNotExists",
        "details": {
          "type": "Microsoft.Compute/virtualMachines/extensions",
          "existenceCondition": {
            "field": "Microsoft.Compute/virtualMachines/extensions/publisher",
            "equals": "Microsoft.EnterpriseCloud.Monitoring"
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/32133ab0-ee4b-4b44-98d6-042180979d50",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "32133ab0-ee4b-4b44-98d6-042180979d50"
}