last sync: 2023-Jun-02 17:44:47 UTC

Azure Policy definition

[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties'

Name [Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties'
Azure Portal
Id 909c958d-1b99-4c74-b88f-46a5c5bc34f9
Version 1.2.0-deprecated
details on versioning
Category Guest Configuration
Microsoft docs
Description This policy creates a Guest Configuration assignment to audit Windows virtual machines with non-compliant settings in Group Policy category: 'Windows Firewall Properties'. It also creates a system-assigned managed identity and deploys the VM extension for Guest Configuration. This policy should only be used along with its corresponding audit policy in an initiative. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated True
Effect Fixed
deployIfNotExists
RBAC
Role(s)
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule
Aliases
IF (6)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/imageOffer Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.offer
properties.virtualMachineProfile.storageProfile.imageReference.offer
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/imagePublisher Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.publisher
properties.virtualMachineProfile.storageProfile.imageReference.publisher
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/imageSKU Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.sku
properties.virtualMachineProfile.storageProfile.imageReference.sku
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/virtualMachines/osProfile.windowsConfiguration Microsoft.Compute virtualMachines properties.osProfile.windowsConfiguration true
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType Microsoft.Compute virtualMachines properties.storageProfile.osDisk.osType true
Microsoft.HybridCompute/imageOffer Microsoft.HybridCompute machines properties.osName false
THEN-ExistenceCondition (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.GuestConfiguration/guestConfigurationAssignments/parameterHash Microsoft.GuestConfiguration guestConfigurationAssignments properties.parameterHash false
Rule
ResourceTypes
IF (2)
Microsoft.Compute/virtualMachines
Microsoft.HybridCompute/machines
THEN-Deployment (3)
Microsoft.Compute/virtualMachines
Microsoft.Compute/virtualMachines/extensions
Microsoft.hybridcompute/machines
Compliance Not a Compliance control
History
Date/Time (UTC ymd) (i) Change type Change detail
2020-08-20 14:05:01 change Previous DisplayName: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties'
2020-06-09 16:25:53 change Previous DisplayName: [Preview]: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties'
2019-12-17 15:43:46 change Previous DisplayName: [Preview]: Deploy requirements to audit Windows VMs configurations in 'Windows Firewall Properties'
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Deprecated]: Audit Windows VMs that do not match Azure compute security baseline settings d618d658-b2d0-410e-9e2e-bfbfd04d09fa Guest Configuration Deprecated BuiltIn
JSON