last sync: 2023-Jun-09 17:46:13 UTC

Azure Policy definition

[Preview]: Configure supported Linux virtual machines to automatically install the Guest Attestation extension

Name [Preview]: Configure supported Linux virtual machines to automatically install the Guest Attestation extension
Azure Portal
Id 6074e9a3-c711-4856-976d-24d51f9e065b
Version 7.1.0-preview
details on versioning
Category Security Center
Microsoft docs
Description Configure supported Linux virtual machines to automatically install the Guest Attestation extension to allow Azure Security Center to proactively attest and monitor the boot integrity. Boot integrity is attested via Remote Attestation.
Mode Indexed
Type BuiltIn
Preview True
Deprecated FALSE
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC
Role(s)
Role Name Role Id
Virtual Machine Contributor 9980e02c-c2be-4d73-94e8-173b1dc7cf3c
Rule
Aliases
IF (8)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/imageOffer Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.offer
properties.virtualMachineProfile.storageProfile.imageReference.offer
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/imagePublisher Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.publisher
properties.virtualMachineProfile.storageProfile.imageReference.publisher
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/imageSku Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.sku
properties.virtualMachineProfile.storageProfile.imageReference.sku
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/virtualMachines/securityProfile.securityType Microsoft.Compute virtualMachines properties.securityProfile.securityType false
Microsoft.Compute/virtualMachines/securityProfile.uefiSettings Microsoft.Compute virtualMachines properties.securityProfile.uefiSettings false
Microsoft.Compute/virtualMachines/securityProfile.uefiSettings.secureBootEnabled Microsoft.Compute virtualMachines properties.securityProfile.uefiSettings.secureBootEnabled false
Microsoft.Compute/virtualMachines/securityProfile.uefiSettings.vTpmEnabled Microsoft.Compute virtualMachines properties.securityProfile.uefiSettings.vTpmEnabled false
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType Microsoft.Compute virtualMachines properties.storageProfile.osDisk.osType true
THEN-ExistenceCondition (3)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/virtualMachines/extensions/provisioningState Microsoft.Compute virtualMachines/extensions properties.provisioningState false
Microsoft.Compute/virtualMachines/extensions/publisher Microsoft.Compute virtualMachines/extensions properties.publisher false
Microsoft.Compute/virtualMachines/extensions/type Microsoft.Compute virtualMachines/extensions properties.type false
Rule
ResourceTypes
IF (1)
Microsoft.Compute/virtualMachines
THEN-Deployment (1)
Microsoft.Compute/virtualMachines/extensions
Compliance Not a Compliance control
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-02-27 19:03:54 change Minor, suffix remains equal (7.0.0-preview > 7.1.0-preview)
2022-09-27 16:35:32 change Major, suffix remains equal (6.0.0-preview > 7.0.0-preview)
2021-11-12 16:23:07 change Major, suffix remains equal (3.0.0-preview > 6.0.0-preview)
2021-10-22 15:42:38 change Major, suffix remains equal (2.0.0-preview > 3.0.0-preview)
2021-08-23 14:26:16 change Major, suffix remains equal (1.0.0-preview > 2.0.0-preview)
2021-05-04 14:34:06 add 6074e9a3-c711-4856-976d-24d51f9e065b
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: Configure prerequisites to enable Guest Attestation on Trusted Launch enabled VMs 281d9e47-d14d-4f05-b8eb-18f2c4a034ff Trusted Launch Preview BuiltIn
JSON