last sync: 2022-Sep-30 16:34:23 UTC

Azure Policy definition

Configure Windows virtual machines to run Azure Monitor Agent with user-assigned managed identity-based authentication

Name Configure Windows virtual machines to run Azure Monitor Agent with user-assigned managed identity-based authentication
Azure Portal
Id 637125fd-7c39-4b94-bb0a-d331faf333a9
Version 1.1.0
details on versioning
Category Monitoring
Microsoft docs
Description Automate the deployment of Azure Monitor Agent extension on your Windows virtual machines for collecting telemetry data from the guest OS. This policy will install the extension and configure it to use the specified user-assigned managed identity if the OS and region are supported, and skip install otherwise. Learn more: https://aka.ms/AMAOverview.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: DeployIfNotExists
Allowed: (DeployIfNotExists, Disabled)
Used RBAC Role
Role Name Role Id
Virtual Machine Contributor 9980e02c-c2be-4d73-94e8-173b1dc7cf3c
Rule Aliases IF (4)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/imageId Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.id
properties.virtualMachineProfile.storageProfile.imageReference.id
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/imageOffer Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.offer
properties.virtualMachineProfile.storageProfile.imageReference.offer
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/imagePublisher Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.publisher
properties.virtualMachineProfile.storageProfile.imageReference.publisher
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/imageSku Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.sku
properties.virtualMachineProfile.storageProfile.imageReference.sku
properties.creationData.imageReference.id
false
false
false
THEN-ExistenceCondition (3)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/virtualMachines/extensions/provisioningState Microsoft.Compute virtualMachines/extensions properties.provisioningState false
Microsoft.Compute/virtualMachines/extensions/publisher Microsoft.Compute virtualMachines/extensions properties.publisher false
Microsoft.Compute/virtualMachines/extensions/type Microsoft.Compute virtualMachines/extensions properties.type false
Rule ResourceTypes IF (1)
Microsoft.Compute/virtualMachines
THEN-Deployment (1)
Microsoft.Compute/virtualMachines/extensions
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-08-12 16:33:43 change Minor (1.0.0 > 1.1.0)
2022-04-08 16:22:13 add 637125fd-7c39-4b94-bb0a-d331faf333a9
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent 362ab02d-c362-417e-a525-45805d58e21d Security Center Preview BuiltIn
[Preview]: Configure machines to create the user-defined Microsoft Defender for Cloud pipeline using Azure Monitor Agent 500ab3a2-f1bd-4a5a-8e47-3e09d9a294c3 Security Center Preview BuiltIn
[Preview]: Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) 9dffaf29-5905-4145-883c-957eb442c226 Monitoring Preview BuiltIn
Deploy Windows Azure Monitor Agent with user-assigned managed identity-based auth and associate with Data Collection Rule 0d1b56c6-6d1f-4a5d-8695-b15efbea6b49 Monitoring GA BuiltIn
JSON Changes

JSON