last sync: 2021-Sep-22 19:36:51 UTC

Azure Policy definition

[Deprecated]: Show audit results from Windows web servers that are not using secure communication protocols

Name [Deprecated]: Show audit results from Windows web servers that are not using secure communication protocols
Azure Portal
Id 60ffe3e2-4604-4460-8f22-0f1da058266c
Version 1.0.0-deprecated
details on versioning
Category Guest Configuration
Microsoft docs
Description This policy should only be used along with its corresponding deploy policy in an initiative. This definition allows Azure Policy to process the results of auditing Windows web servers that are not using secure communication protocols (TLS 1.1 or TLS 1.2). For more information on Guest Configuration policies, please visit https://aka.ms/gcpol
Mode All
Type BuiltIn
Preview FALSE
Deprecated True
Effect Fixed: auditIfNotExists
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2020-09-09 11:24:03 change Previous DisplayName: Show audit results from Windows web servers that are not using secure communication protocols
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State
[Deprecated]: Audit Windows web servers that are not using secure communication protocols 8bc55e6b-e9d5-4266-8dac-f688d151ec9c Guest Configuration Deprecated
JSON
{
  "displayName": "[Deprecated]: Show audit results from Windows web servers that are not using secure communication protocols",
  "policyType": "BuiltIn",
  "mode": "All",
  "description": "This policy should only be used along with its corresponding deploy policy in an initiative. This definition allows Azure Policy to process the results of auditing Windows web servers that are not using secure communication protocols (TLS 1.1 or TLS 1.2). For more information on Guest Configuration policies, please visit https://aka.ms/gcpol",
  "metadata": {
    "version": "1.0.0-deprecated",
    "category": "Guest Configuration",
    "deprecated": true
  },
  "policyRule": {
    "if": {
      "anyOf": [
        {
          "allOf": [
            {
              "field": "type",
              "equals": "Microsoft.Compute/virtualMachines"
            },
            {
              "anyOf": [
                {
                  "field": "Microsoft.Compute/imagePublisher",
                  "in": [
                    "esri",
                    "incredibuild",
                    "MicrosoftDynamicsAX",
                    "MicrosoftSharepoint",
                    "MicrosoftVisualStudio",
                    "MicrosoftWindowsDesktop",
                    "MicrosoftWindowsServerHPCPack"
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "MicrosoftWindowsServer"
                    },
                    {
                      "field": "Microsoft.Compute/imageSKU",
                      "notLike": "2008*"
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "MicrosoftSQLServer"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "notLike": "SQL2008*"
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "microsoft-dsvm"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "equals": "dsvm-windows"
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "microsoft-ads"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "in": [
                        "standard-data-science-vm",
                        "windows-data-science-vm"
                      ]
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "batch"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "equals": "rendering-windows2016"
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "center-for-internet-security-inc"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "like": "cis-windows-server-201*"
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "pivotal"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "like": "bosh-windows-server*"
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "field": "Microsoft.Compute/imagePublisher",
                      "equals": "cloud-infrastructure-services"
                    },
                    {
                      "field": "Microsoft.Compute/imageOffer",
                      "like": "ad*"
                    }
                  ]
                },
                {
                  "allOf": [
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/virtualMachines/osProfile.windowsConfiguration",
                          "exists": "true"
                        },
                        {
                          "field": "Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType",
                          "like": "Windows*"
                        }
                      ]
                    },
                    {
                      "anyOf": [
                        {
                          "field": "Microsoft.Compute/imageSKU",
                          "exists": "false"
                        },
                        {
                          "allOf": [
                            {
                              "field": "Microsoft.Compute/imageSKU",
                              "notLike": "2008*"
                            },
                            {
                              "field": "Microsoft.Compute/imageOffer",
                              "notLike": "SQL2008*"
                            }
                          ]
                        }
                      ]
                    }
                  ]
                }
              ]
            }
          ]
        },
        {
          "allOf": [
            {
              "field": "type",
              "equals": "Microsoft.HybridCompute/machines"
            },
            {
              "field": "Microsoft.HybridCompute/imageOffer",
              "like": "windows*"
            }
          ]
        }
      ]
    },
    "then": {
      "effect": "auditIfNotExists",
      "details": {
        "type": "Microsoft.GuestConfiguration/guestConfigurationAssignments",
        "name": "AuditSecureProtocol",
        "existenceCondition": {
          "field": "Microsoft.GuestConfiguration/guestConfigurationAssignments/complianceStatus",
          "equals": "Compliant"
        }
      }
    }
  }
}