last sync: 2020-Aug-07 14:05:09 UTC

Azure Policy

Enable Security Center's auto provisioning of the Log Analytics agent on your subscriptions with default workspace.

Policy DisplayName Enable Security Center's auto provisioning of the Log Analytics agent on your subscriptions with default workspace.
Policy Id 6df2fee6-a9ed-4fef-bced-e13be1b25f1c
Policy Category Security Center
Policy Description Allow Security Center to auto provision the Log Analytics agent on your subscriptions to monitor and collect security data using ASC default workspace.
Policy Mode All
Policy Type BuiltIn
Policy in Preview FALSE
Policy Deprecated FALSE
Policy Effect Default: DeployIfNotExists
Allowed: (DeployIfNotExists,Disabled)
Roles used
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Policy Changes
Date/Time (UTC ymd) (i) Change Change detail
2020-05-13 05:56:52 add: Policy 6df2fee6-a9ed-4fef-bced-e13be1b25f1c
Used in Policy Initiative(s) none
Policy Rule
{
  "properties": {
    "displayName": "Enable Security Center's auto provisioning of the Log Analytics agent on your subscriptions with default workspace.",
    "policyType": "BuiltIn",
    "mode": "All",
    "description": "Allow Security Center to auto provision the Log Analytics agent on your subscriptions to monitor and collect security data using ASC default workspace.",
    "metadata": {
      "version": "1.0.0",
      "category": "Security Center"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "DeployIfNotExists",
          "Disabled"
        ],
        "defaultValue": "DeployIfNotExists"
      }
    },
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.Resources/subscriptions"
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Security/autoProvisioningSettings",
          "deploymentScope": "Subscription",
          "roleDefinitionIds": [
            "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
          ],
          "existenceCondition": {
            "field": "Microsoft.Security/autoProvisioningSettings/autoProvision",
            "equals": "On"
          },
          "deployment": {
            "location": "westus",
            "properties": {
              "mode": "incremental",
              "template": {
                "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
                "contentVersion": "1.0.0.0",
                "parameters": {
                  
                },
                "variables": {
                  
                },
                "resources": [
                  {
                    "type": "Microsoft.Security/autoProvisioningSettings",
                    "name": "default",
                    "apiVersion": "2017-08-01-preview",
                    "properties": {
                      "autoProvision": "On"
                    }
                  }
                ]
              }
            }
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/6df2fee6-a9ed-4fef-bced-e13be1b25f1c",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "6df2fee6-a9ed-4fef-bced-e13be1b25f1c"
}