AzPolicyAdvertizer

last sync: 2020-Jul-10 14:05:01 UTC

Azure Policy

Audit Log Analytics agent deployment in virtual machine scale sets - VM Image (OS) unlisted

Policy DisplayName Audit Log Analytics agent deployment in virtual machine scale sets - VM Image (OS) unlisted
Policy Id 5c3bc7b8-a64c-4e08-a9cd-7ff0f31e1138
Policy Category Monitoring
Policy Description Reports virtual machine scale sets as non-compliant if the VM Image (OS) is not in the list defined and the agent is not installed. The list of OS images will be updated over time as support is updated.
Policy Mode Indexed
Policy Type BuiltIn
Policy in Preview FALSE
Policy Deprecated FALSE
Policy Effect Fixed: auditIfNotExists
Roles used none
Policy Changes
Date/Time (UTC ymd) (i) Change Change detail
2020-04-22 04:43:16 change: DisplayName previous DisplayName: [Preview]: Audit Log Analytics Agent Deployment in Virtual Machine Scale Sets - VM Image (OS) unlisted
2020-02-29 21:43:10 change: DisplayName previous DisplayName: [Preview]: Audit Log Analytics Agent Deployment in VMSS - VM Image (OS) unlisted
Used in Policy Initiative(s)
Initiative DisplayName Initiative Id
[Preview]: NIST SP 800-171 R2 03055927-78bd-4236-86c0-f36125a10dc9
IRS1075 September 2016 105e0327-6175-4eb2-9af4-1fba43bdb39d
[Preview]: Australian Government ISM PROTECTED 27272c0b-c225-4cc3-b8b0-f2534b093077
Canada Federal PBMM 4c4a5f27-de81-430b-b4e5-9cbd50595a87
Enable Azure Monitor for Virtual Machine Scale Sets 75714362-cae7-409e-9b99-a8e5075b7fad
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2
[Deprecated]: DOD Impact Level 4 8d792a84-723c-4d92-a3c3-e4ed16a2d133
NIST SP 800-53 R4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693
Policy Rule 
{
  "properties": {
    "displayName": "Audit Log Analytics agent deployment in virtual machine scale sets - VM Image (OS) unlisted",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Reports virtual machine scale sets as non-compliant if the VM Image (OS) is not in the list defined and the agent is not installed. The list of OS images will be updated over time as support is updated.",
    "metadata": {
      "version": "1.0.1",
      "category": "Monitoring"
    },
    "parameters": {
      "listOfImageIdToInclude_windows": {
        "type": "Array",
        "metadata": {
          "displayName": "Optional: List of VM images that have supported Windows OS to add to scope",
          "description": "Example value: '/subscriptions//resourceGroups/YourResourceGroup/providers/Microsoft.Compute/images/ContosoStdImage'"
        },
        "defaultValue": [
          
        ]
      },
      "listOfImageIdToInclude_linux": {
        "type": "Array",
        "metadata": {
          "displayName": "Optional: List of VM images that have supported Linux OS to add to scope",
          "description": "Example value: '/subscriptions//resourceGroups/YourResourceGroup/providers/Microsoft.Compute/images/ContosoStdImage'"
        },
        "defaultValue": [
          
        ]
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Compute/virtualMachineScaleSets"
          },
          {
            "not": {
              "anyOf": [
                {
                  "field": "Microsoft.Compute/imageId",
                "in": "[parameters('listOfImageIdToInclude_windows')]"
                },
                {
                  "field": "Microsoft.Compute/imageId",
                "in": "[parameters('listOfImageIdToInclude_linux')]"
                },
                {
                  "anyOf": [
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftWindowsServer"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "WindowsServer"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "in": [
                            "2008-R2-SP1",
                            "2008-R2-SP1-smalldisk",
                            "2012-Datacenter",
                            "2012-Datacenter-smalldisk",
                            "2012-R2-Datacenter",
                            "2012-R2-Datacenter-smalldisk",
                            "2016-Datacenter",
                            "2016-Datacenter-Server-Core",
                            "2016-Datacenter-Server-Core-smalldisk",
                            "2016-Datacenter-smalldisk",
                            "2016-Datacenter-with-Containers",
                            "2016-Datacenter-with-RDSH",
                            "2019-Datacenter",
                            "2019-Datacenter-Core",
                            "2019-Datacenter-Core-smalldisk",
                            "2019-Datacenter-Core-with-Containers",
                            "2019-Datacenter-Core-with-Containers-smalldisk",
                            "2019-Datacenter-smalldisk",
                            "2019-Datacenter-with-Containers",
                            "2019-Datacenter-with-Containers-smalldisk",
                            "2019-Datacenter-zhcn"
                          ]
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftWindowsServer"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "WindowsServerSemiAnnual"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "in": [
                            "Datacenter-Core-1709-smalldisk",
                            "Datacenter-Core-1709-with-Containers-smalldisk",
                            "Datacenter-Core-1803-with-Containers-smalldisk"
                          ]
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftWindowsServerHPCPack"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "WindowsServerHPCPack"
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftSQLServer"
                        },
                        {
                          "anyOf": [
                            {
                              "field": "Microsoft.Compute/imageOffer",
                              "like": "*-WS2016"
                            },
                            {
                              "field": "Microsoft.Compute/imageOffer",
                              "like": "*-WS2016-BYOL"
                            },
                            {
                              "field": "Microsoft.Compute/imageOffer",
                              "like": "*-WS2012R2"
                            },
                            {
                              "field": "Microsoft.Compute/imageOffer",
                              "like": "*-WS2012R2-BYOL"
                            }
                          ]
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftRServer"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "MLServer-WS2016"
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftVisualStudio"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "in": [
                            "VisualStudio",
                            "Windows"
                          ]
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftDynamicsAX"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "Dynamics"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "equals": "Pre-Req-AX7-Onebox-U8"
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "microsoft-ads"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "windows-data-science-vm"
                        }
                      ]
                    },
                    {
                      "allOf": [
                        {
                          "field": "Microsoft.Compute/imagePublisher",
                          "equals": "MicrosoftWindowsDesktop"
                        },
                        {
                          "field": "Microsoft.Compute/imageOffer",
                          "equals": "Windows-10"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "RedHat"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "in": [
                        "RHEL",
                        "RHEL-SAP-HANA"
                      ]
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "6.*"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "7*"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "SUSE"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "in": [
                        "SLES",
                        "SLES-HPC",
                        "SLES-HPC-Priority",
                        "SLES-SAP",
                        "SLES-SAP-BYOS",
                        "SLES-Priority",
                        "SLES-BYOS",
                        "SLES-SAPCAL",
                        "SLES-Standard"
                      ]
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "12*"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "Canonical"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "equals": "UbuntuServer"
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "14.04*LTS"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "16.04*LTS"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "18.04*LTS"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "Oracle"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "equals": "Oracle-Linux"
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "6.*"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "7.*"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "OpenLogic"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "in": [
                        "CentOS",
                        "Centos-LVM",
                        "CentOS-SRIOV"
                      ]
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "6.*"
                        },
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "like": "7*"
                        }
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "cloudera"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "equals": "cloudera-centos-os"
                    },
                    {
                      "field": "Microsoft.Compute/imageSKU",
                      "like": "7*"
                    }
                  ]
                }
              ]
            }
          }
        ]
      },
      "then": {
        "effect": "auditIfNotExists",
        "details": {
          "type": "Microsoft.Compute/virtualMachineScaleSets/extensions",
          "existenceCondition": {
            "field": "Microsoft.Compute/virtualMachineScaleSets/extensions/publisher",
            "equals": "Microsoft.EnterpriseCloud.Monitoring"
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/5c3bc7b8-a64c-4e08-a9cd-7ff0f31e1138",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "5c3bc7b8-a64c-4e08-a9cd-7ff0f31e1138"
}