AzPolicyAdvertizer

last sync: 2022-Sep-26 16:35:35 UTC

Azure Policy definition

Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities

Name Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities
Azure Portal
Id 3cf2ab00-13f1-4d0c-8971-2ac904541a7e
Version 4.0.0
details on versioning
Category Guest Configuration
Microsoft docs
Description This policy adds a system-assigned managed identity to virtual machines hosted in Azure that are supported by Guest Configuration but do not have any managed identities. A system-assigned managed identity is a prerequisite for all Guest Configuration assignments and must be added to machines before using any Guest Configuration policy definitions. For more information on Guest Configuration, visit https://aka.ms/gcpol.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Fixed: modify
Used RBAC Role
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule Aliases IF (6)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/imageOffer Microsoft.Compute
Microsoft.Compute
Microsoft.Compute		 virtualMachines
virtualMachineScaleSets
disks		 properties.storageProfile.imageReference.offer
properties.virtualMachineProfile.storageProfile.imageReference.offer
properties.creationData.imageReference.id		 false
false
false
Microsoft.Compute/imagePublisher Microsoft.Compute
Microsoft.Compute
Microsoft.Compute		 virtualMachines
virtualMachineScaleSets
disks		 properties.storageProfile.imageReference.publisher
properties.virtualMachineProfile.storageProfile.imageReference.publisher
properties.creationData.imageReference.id		 false
false
false
Microsoft.Compute/imageSKU Microsoft.Compute
Microsoft.Compute
Microsoft.Compute		 virtualMachines
virtualMachineScaleSets
disks		 properties.storageProfile.imageReference.sku
properties.virtualMachineProfile.storageProfile.imageReference.sku
properties.creationData.imageReference.id		 false
false
false
Microsoft.Compute/virtualMachines/osProfile.linuxConfiguration Microsoft.Compute virtualMachines properties.osProfile.linuxConfiguration true
Microsoft.Compute/virtualMachines/osProfile.windowsConfiguration Microsoft.Compute virtualMachines properties.osProfile.windowsConfiguration true
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType Microsoft.Compute virtualMachines properties.storageProfile.osDisk.osType true
Rule ResourceTypes IF (1)
Microsoft.Compute/virtualMachines
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-03-18 17:53:47 change Major (3.0.0 > 4.0.0)
2022-02-18 17:44:00 change Major (2.0.0 > 3.0.0)
2022-01-28 17:51:01 change Major (1.1.0 > 2.0.0)
2021-12-06 22:17:57 change Minor (1.0.0 > 1.1.0)
2020-09-15 14:06:41 change Previous DisplayName: [Preview]: Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities
2020-07-17 15:57:10 add 3cf2ab00-13f1-4d0c-8971-2ac904541a7e
2020-06-29 05:46:45 remove 3cf2ab00-13f1-4d0c-8971-2ac904541a7e
2020-06-23 16:03:25 add 3cf2ab00-13f1-4d0c-8971-2ac904541a7e
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State Type
[Deprecated]: Azure Security Benchmark v1 42a694ed-f65e-42b2-aa9e-8052e9740a92 Regulatory Compliance Deprecated BuiltIn
[Deprecated]: DoD Impact Level 4 8d792a84-723c-4d92-a3c3-e4ed16a2d133 Regulatory Compliance Deprecated BuiltIn
[Preview]: Australian Government ISM PROTECTED 27272c0b-c225-4cc3-b8b0-f2534b093077 Regulatory Compliance Preview BuiltIn
[Preview]: CMMC 2.0 Level 2 4e50fd13-098b-3206-61d6-d1d78205cb45 Regulatory Compliance Preview BuiltIn
[Preview]: Motion Picture Association of America (MPAA) 92646f03-e39d-47a9-9e24-58d60ef49af8 Regulatory Compliance Preview BuiltIn
[Preview]: SWIFT CSP-CSCF v2020 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 Regulatory Compliance Preview BuiltIn
[Preview]: SWIFT CSP-CSCF v2021 abf84fac-f817-a70c-14b5-47eec767458a Regulatory Compliance Preview BuiltIn
[Preview]: SWIFT CSP-CSCF v2022 7bc7cd6c-4114-ff31-3cac-59be3157596d Regulatory Compliance Preview BuiltIn
Canada Federal PBMM 4c4a5f27-de81-430b-b4e5-9cbd50595a87 Regulatory Compliance GA BuiltIn
CMMC Level 3 b5629c75-5c77-4422-87b9-2509e680f8de Regulatory Compliance GA BuiltIn
Deploy prerequisites to enable Guest Configuration policies on virtual machines 12794019-7a00-42cf-95c2-882eed337cc8 Guest Configuration GA BuiltIn
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693 Regulatory Compliance GA BuiltIn
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
IRS1075 September 2016 105e0327-6175-4eb2-9af4-1fba43bdb39d Regulatory Compliance GA BuiltIn
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 Regulatory Compliance GA BuiltIn
NIST SP 800-171 Rev. 2 03055927-78bd-4236-86c0-f36125a10dc9 Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
PCI v3.2.1:2018 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 Regulatory Compliance GA BuiltIn
UK OFFICIAL and UK NHS 3937f550-eedd-4639-9c5e-294358be442e Regulatory Compliance GA BuiltIn
JSON Changes

JSON