Source
Azure Portal
Display name
[Preview]: Deploy Microsoft Defender for Endpoint agent on Windows Azure Arc machines
Id
37c043a6-6d64-656d-6465-b362dfeb354a Copy Id Copy resourceId
Version
2.0.1-preview Details on versioning
Versioning
Versions supported for Versioning: 1 2.0.1-preview Built-in Versioning [Preview]
Category
Security Center Microsoft Learn
Description
Deploys Microsoft Defender for Endpoint on Windows Azure Arc machines.
Cloud environments
AzureCloud = true AzureUSGovernment = unknown AzureChinaCloud = unknown
Available in AzUSGov
Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode
Indexed
Type
BuiltIn
Preview
True
Deprecated
False
Effect
Default DeployIfNotExists
Allowed DeployIfNotExists, AuditIfNotExists, Disabled
RBAC role(s)
Rule aliases
IF (2)
THEN-ExistenceCondition (3)
Rule resource types
IF (1)
THEN-Deployment (2)
Compliance
Not a Compliance control
Initiatives usage
Records: 10 25 100 200 Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
< ,
<= ,
> ,
>= ,
= ,
* ,
! ,
{ ,
} ,
|| ,
&& ,
[empty] ,
[nonempty] ,
rgx: Learn more ? Page 1 of 1
Clear Security Center Clear Preview Clear BuiltIn
Initiative DisplayName
Initiative Id
Initiative Category
State
Type
polSet in AzUSGov
[Preview]: Deploy Microsoft Defender for Endpoint agent
e20d08c5-6d64-656d-6465-ce9e37fd0ebc
Security Center
Preview BuiltIn
unknown
No results
History
Date/Time (UTC ymd) (i)
Change type
Change detail
2022-06-07 16:30:19
change
Patch, suffix remains equal (2.0.0-preview > 2.0.1-preview)
2022-04-15 17:17:14
change
Major, suffix remains equal (1.0.0-preview > 2.0.0-preview)
2022-02-18 17:44:00
add
37c043a6-6d64-656d-6465-b362dfeb354a
JSON compareHide
compare mode:
side-by-side
line-by-line
version left: 2.0.0-preview 1.0.0-preview
version right: 2.0.1-preview 2.0.0-preview 1.0.0-preview
@@ -4,9 +4,9 @@
4
"mode": "Indexed",
5
"description": "Deploys Microsoft Defender for Endpoint on Windows Azure Arc machines.",
6
"metadata": {
7
"category": "Security Center",
8
-
"version": "2.0.0-preview",
9
"preview": true
10
},
11
"parameters": {
12
"effect": {
@@ -71,9 +71,9 @@
71
"then": {
72
"effect": "[parameters('effect')]",
73
"details": {
74
"roleDefinitionIds": [
75
-
"/providers/microsoft.authorization/roleDefinitions/fb1c8493-542b-48eb-b624-b4c8fea62acd"
76
],
77
"type": "Microsoft.HybridCompute/machines/extensions",
78
"name": "MDE.Windows",
79
"existenceCondition": {
@@ -132,9 +132,10 @@
132
"type": "MDE.Windows",
133
"typeHandlerVersion": "1.0",
134
"settings": {
135
"azureResourceId": "[parameters('azureResourceId')]",
136
-
"vNextEnabled": "true"
137
},
138
"protectedSettings": {
139
"defenderForEndpointOnboardingScript": "[reference(subscriptionResourceId('Microsoft.Security/mdeOnboardings', 'Windows'), '2021-10-01-preview', 'full').properties.onboardingPackageWindows]"
140
}
4
"mode": "Indexed",
5
"description": "Deploys Microsoft Defender for Endpoint on Windows Azure Arc machines.",
6
"metadata": {
7
"category": "Security Center",
8
+
"version": "2.0.1 -preview",
9
"preview": true
10
},
11
"parameters": {
12
"effect": {
71
"then": {
72
"effect": "[parameters('effect')]",
73
"details": {
74
"roleDefinitionIds": [
75
+
"/providers/microsoft.authorization/roleDefinitions/b24988ac -6180 -42a0 -ab88 -20f7382dd24c "
76
],
77
"type": "Microsoft.HybridCompute/machines/extensions",
78
"name": "MDE.Windows",
79
"existenceCondition": {
132
"type": "MDE.Windows",
133
"typeHandlerVersion": "1.0",
134
"settings": {
135
"azureResourceId": "[parameters('azureResourceId')]",
136
+
"vNextEnabled": "true",
137
+
"installedBy": "Policy"
138
},
139
"protectedSettings": {
140
"defenderForEndpointOnboardingScript": "[reference(subscriptionResourceId('Microsoft.Security/mdeOnboardings', 'Windows'), '2021-10-01-preview', 'full').properties.onboardingPackageWindows]"
141
}
JSON
api-version=2021-06-01
Copy definition Copy definition 4 EPAC EPAC
{ 7 items displayName: "[Preview]: Deploy Microsoft Defender for Endpoint agent on Windows Azure Arc machines" , policyType: "BuiltIn" , mode: "Indexed" , description: "Deploys Microsoft Defender for Endpoint on Windows Azure Arc machines." , metadata: { 3 items category: "Security Center" , version: "2.0.1-preview" , preview: true } , parameters: { 1 item } , policyRule: { 2 items if: { 1 item allOf: [ 4 items { 2 items field: "type" , equals: "Microsoft.HybridCompute/machines" } , { 2 items field: "Microsoft.HybridCompute/machines/osName" , like: "windows*" } , { 2 items field: "tags['MDFCSecurityConnector']" , notEquals: "true" } , { 1 item anyOf: [ 6 items { 2 items field: "Microsoft.HybridCompute/machines/osSku" , contains: "2012" } , { 2 items field: "Microsoft.HybridCompute/machines/osSku" , contains: "2016" } , { 2 items field: "Microsoft.HybridCompute/machines/osSku" , contains: "2019" } , { 2 items field: "Microsoft.HybridCompute/machines/osSku" , contains: "2022" } , { 2 items field: "Microsoft.HybridCompute/machines/osSku" , equals: "Windows 10 Enterprise multi-session" } , { 2 items field: "Microsoft.HybridCompute/machines/osSku" , equals: "Windows 10 Enterprise for Virtual Desktops" } ] } ] } , then: { 2 items effect: "[parameters('effect')]" , details: { 5 items roleDefinitionIds: [ 1 item "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" Contributor ] , type: "Microsoft.HybridCompute/machines/extensions" , name: "MDE.Windows" , existenceCondition: { 1 item allOf: [ 3 items { 2 items field: "Microsoft.HybridCompute/machines/extensions/publisher" , equals: "Microsoft.Azure.AzureDefenderForServers" } , { 2 items field: "Microsoft.HybridCompute/machines/extensions/type" , equals: "MDE.Windows" } , { 2 items field: "Microsoft.HybridCompute/machines/extensions/provisioningState" , equals: "Succeeded" } ] } , deployment: { 1 item properties: { 3 items mode: "incremental" , parameters: { 3 items } , template: { 4 items $schema: "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" , contentVersion: "1.0.0.0" , parameters: { 3 items } , resources: [ 1 item { 5 items apiVersion: "2019-12-12" , name: 🔍 "[
concat(
parameters('vmName'),
'/MDE.Windows'
)
]", type: "Microsoft.HybridCompute/machines/extensions" , location: "[parameters('location')]" , properties: { 6 items autoUpgradeMinorVersion: true , publisher: "Microsoft.Azure.AzureDefenderForServers" , type: "MDE.Windows" , typeHandlerVersion: "1.0" , settings: { 3 items azureResourceId: "[parameters('azureResourceId')]" , vNextEnabled: "true" , installedBy: "Policy" } , protectedSettings: { 1 item defenderForEndpointOnboardingScript: 🔍 "[
reference(
subscriptionResourceId(
'Microsoft.Security/mdeOnboardings',
'Windows'
),
'2021-10-01-preview',
'full'
).properties.onboardingPackageWindows
]" } } } ] } } } } } } }