AzPolicyAdvertizer

last sync: 2021-Jan-27 16:54:46 UTC

Azure Policy definition

[Preview]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted

Name [Preview]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted
Azure Portal
Id 32133ab0-ee4b-4b44-98d6-042180979d50
Version 1.0.0-preview
details on versioning
Category Monitoring
Microsoft docs
Description Reports VMs as non-compliant if the VM Image (OS) is not in the list defined and the agent is not installed. The list of OS images will be updated over time as support is updated.
Mode Indexed
Type BuiltIn
Preview True
Deprecated FALSE
Effect Fixed: auditIfNotExists
Used RBAC Role none
History none
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State
[Deprecated]: DOD Impact Level 4 8d792a84-723c-4d92-a3c3-e4ed16a2d133 Regulatory Compliance Deprecated
[Preview]: Australian Government ISM PROTECTED 27272c0b-c225-4cc3-b8b0-f2534b093077 Regulatory Compliance Preview
[Preview]: CMMC Level 3 b5629c75-5c77-4422-87b9-2509e680f8de Regulatory Compliance Preview
[Preview]: NIST SP 800-171 R2 03055927-78bd-4236-86c0-f36125a10dc9 Regulatory Compliance Preview
Canada Federal PBMM 4c4a5f27-de81-430b-b4e5-9cbd50595a87 Regulatory Compliance GA
Enable Azure Monitor for VMs 55f3eceb-5573-4f18-9695-226972c6d74a Monitoring GA
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693 Regulatory Compliance GA
IRS1075 September 2016 105e0327-6175-4eb2-9af4-1fba43bdb39d Regulatory Compliance GA
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 Regulatory Compliance GA
NIST SP 800-53 R4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA
Json 
{
  "properties": {
  "displayName": "[Preview]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Reports VMs as non-compliant if the VM Image (OS) is not in the list defined and the agent is not installed. The list of OS images will be updated over time as support is updated.",
    "metadata": {
      "version": "1.0.0-preview",
      "category": "Monitoring",
      "preview": true
    },
    "parameters": {
      "listOfImageIdToInclude_windows": {
        "type": "Array",
        "metadata": {
        "displayName": "[Preview]: Optional: List of VM images that have supported Windows OS to add to scope",
          "description": "Example value: '/subscriptions//resourceGroups/YourResourceGroup/providers/Microsoft.Compute/images/ContosoStdImage'"
        },
        "defaultValue": [
          
        ]
      },
      "listOfImageIdToInclude_linux": {
        "type": "Array",
        "metadata": {
        "displayName": "[Preview]: Optional: List of VM images that have supported Linux OS to add to scope",
          "description": "Example value: '/subscriptions//resourceGroups/YourResourceGroup/providers/Microsoft.Compute/images/ContosoStdImage'"
        },
        "defaultValue": [
          
        ]
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Compute/virtualMachines"
          },
          {
            "not": {
              "anyOf": [
                {
                  "anyOf": [
                    {
                      "field": "Microsoft.Compute/imageId",
                    "in": "[parameters('listOfImageIdToInclude_windows')]"
                    },
                    {
                      "field": "Microsoft.Compute/imageId",
                    "in": "[parameters('listOfImageIdToInclude_linux')]"
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftWindowsServer"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "WindowsServer"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "in": [
                            "2008-R2-SP1",
                            "2008-R2-SP1-smalldisk",
                            "2012-Datacenter",
                            "2012-Datacenter-smalldisk",
                            "2012-R2-Datacenter",
                            "2012-R2-Datacenter-smalldisk",
                            "2016-Datacenter",
                            "2016-Datacenter-Server-Core",
                            "2016-Datacenter-Server-Core-smalldisk",
                            "2016-Datacenter-smalldisk",
                            "2016-Datacenter-with-Containers",
                            "2016-Datacenter-with-RDSH",
                            "2019-Datacenter",
                            "2019-Datacenter-Core",
                            "2019-Datacenter-Core-smalldisk",
                            "2019-Datacenter-Core-with-Containers",
                            "2019-Datacenter-Core-with-Containers-smalldisk",
                            "2019-Datacenter-smalldisk",
                            "2019-Datacenter-with-Containers",
                            "2019-Datacenter-with-Containers-smalldisk",
                            "2019-Datacenter-zhcn"
                          ]
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftWindowsServer"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "WindowsServerSemiAnnual"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "in": [
                            "Datacenter-Core-1709-smalldisk",
                            "Datacenter-Core-1709-with-Containers-smalldisk",
                            "Datacenter-Core-1803-with-Containers-smalldisk"
                          ]
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftWindowsServerHPCPack"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "WindowsServerHPCPack"
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftSQLServer"
                        },
                        {
                          "anyOf": [
                            {
                              "field": "Microsoft.Compute/imageOffer",
                              "like": "*-WS2016"
                            },
                            {
                              "field": "Microsoft.Compute/imageOffer",
                              "like": "*-WS2016-BYOL"
                            },
                            {
                              "field": "Microsoft.Compute/imageOffer",
                              "like": "*-WS2012R2"
                            },
                            {
                              "field": "Microsoft.Compute/imageOffer",
                              "like": "*-WS2012R2-BYOL"
                            }
                          ]
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftRServer"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "MLServer-WS2016"
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftVisualStudio"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "in": [
                            "VisualStudio",
                            "Windows"
                          ]
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftDynamicsAX"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "Dynamics"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "equals": "Pre-Req-AX7-Onebox-U8"
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "microsoft-ads"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "windows-data-science-vm"
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftWindowsDesktop"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "Windows-10"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "RedHat"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "in": [
                        "RHEL",
                        "RHEL-SAP-HANA"
                      ]
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "6.*"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "7*"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "SUSE"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "in": [
                        "SLES",
                        "SLES-HPC",
                        "SLES-HPC-Priority",
                        "SLES-SAP",
                        "SLES-SAP-BYOS",
                        "SLES-Priority",
                        "SLES-BYOS",
                        "SLES-SAPCAL",
                        "SLES-Standard"
                      ]
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "12*"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "Canonical"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "equals": "UbuntuServer"
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "14.04*LTS"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "16.04*LTS"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "18.04*LTS"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "Oracle"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "equals": "Oracle-Linux"
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "6.*"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "7.*"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "OpenLogic"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "in": [
                        "CentOS",
                        "Centos-LVM",
                        "CentOS-SRIOV"
                      ]
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "6.*"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "7*"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "cloudera"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "equals": "cloudera-centos-os"
                    },
                    {
                      "field": "Microsoft.Compute/imageSKU",
                      "like": "7*"
                    }
                  ]
                }
              ]
            }
          }
        ]
      },
      "then": {
        "effect": "auditIfNotExists",
        "details": {
          "type": "Microsoft.Compute/virtualMachines/extensions",
          "existenceCondition": {
            "field": "Microsoft.Compute/virtualMachines/extensions/publisher",
            "equals": "Microsoft.EnterpriseCloud.Monitoring"
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/32133ab0-ee4b-4b44-98d6-042180979d50",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "32133ab0-ee4b-4b44-98d6-042180979d50"
}