last sync: 2025-Jul-25 17:39:48 UTC

[Deprecated]: Configure Azure Arc-enabled Windows machines with Log Analytics agents connected to default Log Analytics workspace

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Deprecated]: Configure Azure Arc-enabled Windows machines with Log Analytics agents connected to default Log Analytics workspace
Id 594c1276-f44f-482d-9910-71fac2ce5ae0
Version 1.2.0-deprecated
Details on versioning
Versioning Versions supported for Versioning: 2
1.2.0 (1.2.0-deprecated)
1.1.0-preview
Built-in Versioning [Preview]
Category Monitoring
Microsoft Learn
Description Protect your Azure Arc-enabled Windows machines with Microsoft Defender for Cloud capabilities, by installing Log Analytics agents that send data to a default Log Analytics workspace created by Microsoft Defender for Cloud.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode Indexed
Type BuiltIn
Preview False
Deprecated True
Effect Default
Disabled
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.HybridCompute/machines/osName Microsoft.HybridCompute machines properties.osName True False
THEN-ExistenceCondition (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.HybridCompute/machines/extensions/provisioningState Microsoft.HybridCompute machines/extensions properties.provisioningState True False
Microsoft.HybridCompute/machines/extensions/publisher Microsoft.HybridCompute machines/extensions properties.publisher True False
Microsoft.HybridCompute/machines/extensions/type Microsoft.HybridCompute machines/extensions properties.type True False
Rule resource types IF (1)
THEN-Deployment (5)
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2025-01-30 19:26:44 change Minor, suffix changed: new suffix: deprecated; old suffix: preview (1.1.0-preview > 1.2.0-deprecated)
2022-01-28 17:51:01 change Minor, suffix remains equal (1.0.0-preview > 1.1.0-preview)
2022-01-07 18:14:35 add 594c1276-f44f-482d-9910-71fac2ce5ae0
JSON compare
compare mode: version left: version right:
1.1.0-preview → 1.2.0-deprecated RENAMED
@@ -1,13 +1,13 @@
1
  {
2
- "displayName": "[Preview]: Configure Azure Arc-enabled Windows machines with Log Analytics agents connected to default Log Analytics workspace",
3
  "policyType": "BuiltIn",
4
  "mode": "Indexed",
5
  "description": "Protect your Azure Arc-enabled Windows machines with Microsoft Defender for Cloud capabilities, by installing Log Analytics agents that send data to a default Log Analytics workspace created by Microsoft Defender for Cloud.",
6
  "metadata": {
7
  "category": "Monitoring",
8
- "version": "1.1.0-preview",
9
- "preview": true
10
  },
11
  "parameters": {
12
  "effect": {
13
  "type": "String",
@@ -18,9 +18,9 @@
18
  "allowedValues": [
19
  "DeployIfNotExists",
20
  "Disabled"
21
  ],
22
- "defaultValue": "DeployIfNotExists"
23
  }
24
  },
25
  "policyRule": {
26
  "if": {
 
1
  {
2
+ "displayName": "[Deprecated]: Configure Azure Arc-enabled Windows machines with Log Analytics agents connected to default Log Analytics workspace",
3
  "policyType": "BuiltIn",
4
  "mode": "Indexed",
5
  "description": "Protect your Azure Arc-enabled Windows machines with Microsoft Defender for Cloud capabilities, by installing Log Analytics agents that send data to a default Log Analytics workspace created by Microsoft Defender for Cloud.",
6
  "metadata": {
7
  "category": "Monitoring",
8
+ "version": "1.2.0-deprecated",
9
+ "deprecated": true
10
  },
11
  "parameters": {
12
  "effect": {
13
  "type": "String",
 
18
  "allowedValues": [
19
  "DeployIfNotExists",
20
  "Disabled"
21
  ],
22
+ "defaultValue": "Disabled"
23
  }
24
  },
25
  "policyRule": {
26
  "if": {
JSON
api-version=2021-06-01
EPAC
{7 items
  • displayName: "[Deprecated]: Configure Azure Arc-enabled Windows machines with Log Analytics agents connected to default Log Analytics workspace",
  • policyType: "BuiltIn",
  • mode: "Indexed",
  • description: "Protect your Azure Arc-enabled Windows machines with Microsoft Defender for Cloud capabilities, by installing Log Analytics agents that send data to a default Log Analytics workspace created by Microsoft Defender for Cloud.",
  • metadata: {3 items
    • category: "Monitoring",
    • version: "1.2.0-deprecated",
    • deprecated: true
    },
  • parameters: {1 item},
  • policyRule: {2 items
    • if: {1 item
      • allOf: [2 items
        • {2 items
          • field: "type",
          • equals: "Microsoft.HybridCompute/machines"
          },
        • {2 items
          • field: "Microsoft.HybridCompute/machines/osName",
          • equals: "windows"
          }
        ]
      },
    • then: {2 items
      • effect: "[parameters('effect')]",
      • details: {5 items
        • deploymentScope: "subscription",
        • type: "Microsoft.HybridCompute/machines/extensions",
        • roleDefinitionIds: [1 item
          • "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" Contributor
          ],
        • existenceCondition: {1 item
          • allOf: [3 items
            • {2 items
              • field: "Microsoft.HybridCompute/machines/extensions/type",
              • equals: "MicrosoftMonitoringAgent"
              },
            • {2 items
              • field: "Microsoft.HybridCompute/machines/extensions/publisher",
              • equals: "Microsoft.EnterpriseCloud.Monitoring"
              },
            • {2 items
              • field: "Microsoft.HybridCompute/machines/extensions/provisioningState",
              • equals: "Succeeded"
              }
            ]
          },
        • deployment: {2 items
          • location: "eastus",
          • properties: {3 items
            • mode: "incremental",
            • template: {5 items
              • $schema: "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
              • contentVersion: "1.0.0.0",
              • parameters: {3 items},
              • variables: {10 items
                • locationLongNameToShortMap: {31 items
                  • australiacentral: "CAU",
                  • australiaeast: "EAU",
                  • australiasoutheast: "SEAU",
                  • brazilsouth: "CQ",
                  • canadacentral: "CCA",
                  • centralindia: "CIN",
                  • centralus: "CUS",
                  • eastasia: "EA",
                  • eastus2euap: "eus2p",
                  • eastus: "EUS",
                  • eastus2: "EUS2",
                  • francecentral: "PAR",
                  • germanywestcentral: "DEWC",
                  • japaneast: "EJP",
                  • koreacentral: "SE",
                  • northcentralus: "NCUS",
                  • northeurope: "NEU",
                  • norwayeast: "NOE",
                  • southcentralus: "SCUS",
                  • southeastasia: "SEA",
                  • switzerlandnorth: "CHN",
                  • switzerlandwest: "CHW",
                  • southafricanorth: "JNB",
                  • swedencentral: "SEC",
                  • uaenorth: "DXB",
                  • uksouth: "SUK",
                  • ukwest: "WUK",
                  • westcentralus: "WCUS",
                  • westeurope: "WEU",
                  • westus: "WUS",
                  • westus2: "WUS2"
                  },
                • selectedLocation: 🔍"[ if( variables( 'isContainLocation' ), variables( 'locationLongNameToShortMap' )[ parameters('location') ], parameters('location') ) ]",
                • locationCode: 🔍"[ if( lessOrEquals( length( variables( 'selectedLocation' ) ), 8 ), variables( 'selectedLocation' ), concat( substring( variables( 'selectedLocation' ), 0, 6 ), substring( variables( 'selectedLocation' ), sub( length( variables( 'selectedLocation' ) ), 2 ), 2 ) ) ) ]",
                • subscriptionId: "[subscription().subscriptionId]",
                • defaultRGName: 🔍"[ concat( 'DefaultResourceGroup-', variables( 'locationCode' ) ) ]",
                • defaultRGLocation: "[parameters('location')]",
                • workspaceName: 🔍"[ concat( 'DefaultWorkspace-', variables( 'subscriptionId' ), '-', variables( 'locationCode' ) ) ]",
                • deployDefaultAscResourceGroup: 🔍"[ concat( 'deployDefaultAscResourceGroup-', uniqueString( deployment().name ) ) ]",
                • deployExtension: 🔍"[ concat( 'deployExtension-', uniqueString( deployment().name ) ) ]",
                • isContainLocation: 🔍"[ contains( variables( 'locationLongNameToShortMap' ), parameters('location') ) ]"
                },
              • resources: [3 items]
              },
            • parameters: {3 items}
            }
          }
        }
      }
    }
}