last sync: 2021-May-10 15:04:35 UTC

Azure Policy definition

[Preview]: Guest Attestation extension should be installed on supported Linux virtual machines

Name [Preview]: Guest Attestation extension should be installed on supported Linux virtual machines
Azure Portal
Id 672fe5a1-2fcd-42d7-b85d-902b6e28c6ff
Version 1.0.0-preview
details on versioning
Category Security Center
Microsoft docs
Description Install Guest Attestation extension on supported Linux virtual machines to allow Azure Security Center to proactively attest and monitor the boot integrity. Once installed, boot integrity will be attested via Remote Attestation. This assessment only applies to trusted launch enabled Linux virtual machines.
Mode Indexed
Type BuiltIn
Preview True
Deprecated FALSE
Effect Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-05-04 14:34:06 add 672fe5a1-2fcd-42d7-b85d-902b6e28c6ff
Used in Initiatives none
JSON
{
  "properties": {
  "displayName": "[Preview]: Guest Attestation extension should be installed on supported Linux virtual machines",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Install Guest Attestation extension on supported Linux virtual machines to allow Azure Security Center to proactively attest and monitor the boot integrity. Once installed, boot integrity will be attested via Remote Attestation. This assessment only applies to trusted launch enabled Linux virtual machines.",
    "metadata": {
      "category": "Security Center",
      "version": "1.0.0-preview",
      "preview": true
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "AuditIfNotExists",
          "Disabled"
        ],
        "defaultValue": "AuditIfNotExists"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Compute/virtualMachines"
          },
          {
            "anyOf": [
              {
                "allOf": [
                  {
                    "field": "Microsoft.Compute/imagePublisher",
                    "equals": "Canonical"
                  },
                  {
                    "field": "Microsoft.Compute/imageOffer",
                    "equals": "UbuntuServer"
                  },
                  {
                    "field": "Microsoft.Compute/imageSku",
                    "like": "18_04-lts-gen2"
                  }
                ]
              },
              {
                "allOf": [
                  {
                    "field": "Microsoft.Compute/imagePublisher",
                    "equals": "Canonical"
                  },
                  {
                    "field": "Microsoft.Compute/imageOffer",
                    "equals": "0001-com-ubuntu-server-focal"
                  },
                  {
                    "field": "Microsoft.Compute/imageSku",
                    "like": "20_04-lts-gen2"
                  }
                ]
              },
              {
                "allOf": [
                  {
                    "field": "Microsoft.Compute/imagePublisher",
                    "equals": "RedHat"
                  },
                  {
                    "field": "Microsoft.Compute/imageOffer",
                    "equals": "RHEL"
                  },
                  {
                    "field": "Microsoft.Compute/imageSku",
                    "like": "83-gen2"
                  }
                ]
              },
              {
                "allOf": [
                  {
                    "field": "Microsoft.Compute/imagePublisher",
                    "equals": "SUSE"
                  },
                  {
                    "field": "Microsoft.Compute/imageOffer",
                    "equals": "SLES-15-SP2"
                  },
                  {
                    "field": "Microsoft.Compute/imageSku",
                    "like": "gen2"
                  }
                ]
              }
            ]
          },
          {
            "field": "Microsoft.Compute/virtualMachines/securityProfile.uefiSettings",
            "exists": "true"
          },
          {
            "field": "Microsoft.Compute/virtualMachines/securityProfile.uefiSettings.secureBootEnabled",
            "equals": "true"
          },
          {
            "field": "Microsoft.Compute/virtualMachines/securityProfile.uefiSettings.vTpmEnabled",
            "equals": "true"
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Compute/virtualMachines/extensions",
          "existenceCondition": {
            "allOf": [
              {
                "field": "Microsoft.Compute/virtualMachines/extensions/publisher",
                "equals": "Microsoft.Azure.Security.LinuxAttestation"
              },
              {
                "field": "Microsoft.Compute/virtualMachines/extensions/type",
                "equals": "GuestAttestation"
              },
              {
                "field": "Microsoft.Compute/virtualMachines/extensions/provisioningState",
                "in": [
                  "Succeeded",
                  "Provisioning succeeded"
                ]
              }
            ]
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/672fe5a1-2fcd-42d7-b85d-902b6e28c6ff",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "672fe5a1-2fcd-42d7-b85d-902b6e28c6ff"
}