AzPolicyAdvertizer

last sync: 2021-Oct-25 16:02:14 UTC

Azure Policy definition

Deploy - Configure Log Analytics extension to be enabled on Windows virtual machine scale sets

Name Deploy - Configure Log Analytics extension to be enabled on Windows virtual machine scale sets
Azure Portal

Id 3c1b3629-c8f8-4bf6-862c-037cb9094038

Version 2.0.1
details on versioning

Category Monitoring
Microsoft docs

Description Deploy Log Analytics extension for Windows virtual machine scale sets if the virtual machine image is in the list defined and the extension is not installed. If your scale set upgradePolicy is set to Manual, you need to apply the extension to all the virtual machine in the set by updating them.

Mode Indexed

Type BuiltIn

Preview FALSE

Deprecated FALSE

Effect Default: DeployIfNotExists
Allowed: (DeployIfNotExists, Disabled)

Used RBAC Role

Role Name	Role Id
Log Analytics Contributor	92aaf0da-9dab-42b6-94a3-d43ce8d16293
Virtual Machine Contributor	9980e02c-c2be-4d73-94e8-173b1dc7cf3c

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2021-09-27 15:52:17	change	Patch (2.0.0 > 2.0.1) *changes on text case sensitivity are not tracked
2021-03-02 15:11:40	change	Major (1.1.0 > 2.0.0)
2020-04-22 04:43:16	change	Previous DisplayName: [Preview]: Deploy Log Analytics Agent for Windows Virtual Machine Scale Sets
2020-02-29 21:43:10	change	Previous DisplayName: [Preview]: Deploy Log Analytics Agent for Windows VM Scale Sets (VMSS)

Used in Initiatives

Initiative DisplayName	Initiative Id	Initiative Category	State
Enable Azure Monitor for Virtual Machine Scale Sets	75714362-cae7-409e-9b99-a8e5075b7fad	Monitoring	GA

JSON Changes

Visual JSON JSON (Annotated)

Show unchanged values

JSON

{
  "displayName": "Deploy - Configure Log Analytics extension to be enabled on Windows virtual machine scale sets",
  "policyType": "BuiltIn",
  "mode": "Indexed",
  "description": "Deploy Log Analytics extension for Windows virtual machine scale sets if the virtual machine image is in the list defined and the extension is not installed. If your scale set upgradePolicy is set to Manual, you need to apply the extension to all the virtual machine in the set by updating them.",
  "metadata": {
    "version": "2.0.1",
    "category": "Monitoring"
  },
  "parameters": {
    "logAnalytics": {
      "type": "String",
      "metadata": {
        "displayName": "Log Analytics workspace",
        "description": "Log Analytics workspace is used to receive performance data. If this workspace is outside of the scope of the assignment you must manually grant 'Log Analytics Contributor' permissions (or similar) to the policy assignment's principal ID.",
        "strongType": "omsWorkspace",
        "assignPermissions": true
      }
    },
    "listOfImageIdToInclude": {
      "type": "Array",
      "metadata": {
        "displayName": "Optional: List of virtual machine images that have supported Windows OS to add to scope",
        "description": "Example value: '/subscriptions//resourceGroups/YourResourceGroup/providers/Microsoft.Compute/images/ContosoStdImage'"
      },
      "defaultValue": []
    },
    "effect": {
      "type": "String",
      "metadata": {
        "displayName": "Effect",
        "description": "Enable or disable the execution of the policy"
      },
      "allowedValues": [
        "DeployIfNotExists",
        "Disabled"
      ],
      "defaultValue": "DeployIfNotExists"
    }
  },
  "policyRule": {
    "if": {
      "allOf": [
        {
          "field": "type",
          "equals": "Microsoft.Compute/virtualMachineScaleSets"
        },
        {
          "anyOf": [
            {
              "field": "Microsoft.Compute/imageId",
              "in": "[parameters('listOfImageIdToInclude')]"
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftWindowsServer"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "WindowsServer"
                },
                {
                  "field": "Microsoft.Compute/imageSKU",
                  "in": [
                    "2008-R2-SP1",
                    "2008-R2-SP1-smalldisk",
                    "2012-Datacenter",
                    "2012-Datacenter-smalldisk",
                    "2012-R2-Datacenter",
                    "2012-R2-Datacenter-smalldisk",
                    "2016-Datacenter",
                    "2016-Datacenter-Server-Core",
                    "2016-Datacenter-Server-Core-smalldisk",
                    "2016-Datacenter-smalldisk",
                    "2016-Datacenter-with-Containers",
                    "2016-Datacenter-with-RDSH",
                    "2019-Datacenter",
                    "2019-Datacenter-Core",
                    "2019-Datacenter-Core-smalldisk",
                    "2019-Datacenter-Core-with-Containers",
                    "2019-Datacenter-Core-with-Containers-smalldisk",
                    "2019-Datacenter-smalldisk",
                    "2019-Datacenter-with-Containers",
                    "2019-Datacenter-with-Containers-smalldisk",
                    "2019-Datacenter-zhcn"
                  ]
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftWindowsServer"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "WindowsServerSemiAnnual"
                },
                {
                  "field": "Microsoft.Compute/imageSKU",
                  "in": [
                    "Datacenter-Core-1709-smalldisk",
                    "Datacenter-Core-1709-with-Containers-smalldisk",
                    "Datacenter-Core-1803-with-Containers-smalldisk"
                  ]
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftWindowsServerHPCPack"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "WindowsServerHPCPack"
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftSQLServer"
                },
                {
                  "anyOf": [
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "like": "*-WS2016"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "like": "*-WS2016-BYOL"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "like": "*-WS2012R2"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "like": "*-WS2012R2-BYOL"
                    }
                  ]
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftRServer"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "MLServer-WS2016"
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftVisualStudio"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "in": [
                    "VisualStudio",
                    "Windows"
                  ]
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftDynamicsAX"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "Dynamics"
                },
                {
                  "field": "Microsoft.Compute/imageSKU",
                  "equals": "Pre-Req-AX7-Onebox-U8"
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftDynamicsAX"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "Dynamics"
                },
                {
                  "field": "Microsoft.Compute/imageSKU",
                  "equals": "Pre-Req-AX7-Onebox-V4"
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "microsoft-ads"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "windows-data-science-vm"
                }
              ]
            },
            {
              "allOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "equals": "MicrosoftWindowsDesktop"
                },
                {
                  "field": "Microsoft.Compute/imageOffer",
                  "equals": "Windows-10"
                }
              ]
            }
          ]
        }
      ]
    },
    "then": {
      "effect": "[parameters('effect')]",
      "details": {
        "type": "Microsoft.Compute/virtualMachineScaleSets/extensions",
        "roleDefinitionIds": [
          "/providers/microsoft.authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293",
          "/providers/microsoft.authorization/roleDefinitions/9980e02c-c2be-4d73-94e8-173b1dc7cf3c"
        ],
        "existenceCondition": {
          "allOf": [
            {
              "field": "Microsoft.Compute/virtualMachineScaleSets/extensions/type",
              "equals": "MicrosoftMonitoringAgent"
            },
            {
              "field": "Microsoft.Compute/virtualMachineScaleSets/extensions/publisher",
              "equals": "Microsoft.EnterpriseCloud.Monitoring"
            }
          ]
        },
        "deployment": {
          "properties": {
            "mode": "incremental",
            "template": {
              "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
              "contentVersion": "1.0.0.0",
              "parameters": {
                "vmName": {
                  "type": "string"
                },
                "location": {
                  "type": "string"
                },
                "logAnalytics": {
                  "type": "string"
                }
              },
              "variables": {
                "vmExtensionName": "MicrosoftMonitoringAgent",
                "vmExtensionPublisher": "Microsoft.EnterpriseCloud.Monitoring",
                "vmExtensionType": "MicrosoftMonitoringAgent",
                "vmExtensionTypeHandlerVersion": "1.0"
              },
              "resources": [
                {
                  "name": "[concat(parameters('vmName'), '/', variables('vmExtensionName'))]",
                  "type": "Microsoft.Compute/virtualMachineScaleSets/extensions",
                  "location": "[parameters('location')]",
                  "apiVersion": "2018-06-01",
                  "properties": {
                    "publisher": "[variables('vmExtensionPublisher')]",
                    "type": "[variables('vmExtensionType')]",
                    "typeHandlerVersion": "[variables('vmExtensionTypeHandlerVersion')]",
                    "autoUpgradeMinorVersion": true,
                    "settings": {
                      "workspaceId": "[reference(parameters('logAnalytics'), '2015-03-20').customerId]",
                      "stopOnMultipleConnections": "true"
                    },
                    "protectedSettings": {
                      "workspaceKey": "[listKeys(parameters('logAnalytics'), '2015-03-20').primarySharedKey]"
                    }
                  }
                }
              ],
              "outputs": {
                "policy": {
                  "type": "string",
                  "value": "[concat('Enabled extension for: ', parameters('vmName'))]"
                }
              }
            },
            "parameters": {
              "vmName": {
                "value": "[field('name')]"
              },
              "location": {
                "value": "[field('location')]"
              },
              "logAnalytics": {
                "value": "[parameters('logAnalytics')]"
              }
            }
          }
        }
      }
    }
  }
}

AzPolicyAdvertizer

Azure Policy definition

Deploy - Configure Log Analytics extension to be enabled on Windows virtual machine scale sets

JSON Left

JSON Right