AzPolicyAdvertizer

last sync: 2023-Jun-02 17:44:47 UTC

Azure Policy definition

[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties'

Name

[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties'
Azure Portal

909c958d-1b99-4c74-b88f-46a5c5bc34f9

Version

1.2.0-deprecated
details on versioning

Category

Guest Configuration
Microsoft docs

Description

This policy creates a Guest Configuration assignment to audit Windows virtual machines with non-compliant settings in Group Policy category: 'Windows Firewall Properties'. It also creates a system-assigned managed identity and deploys the VM extension for Guest Configuration. This policy should only be used along with its corresponding audit policy in an initiative. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol

Mode

Indexed

Type

BuiltIn

Preview

FALSE

Deprecated

True

Effect

Fixed
deployIfNotExists

RBAC
Role(s)

Role Name	Role Id
Contributor	b24988ac-6180-42a0-ab88-20f7382dd24c

Rule
Aliases

IF (6)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Compute/imageOffer	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.offer properties.virtualMachineProfile.storageProfile.imageReference.offer properties.creationData.imageReference.id	false false false
Microsoft.Compute/imagePublisher	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.publisher properties.virtualMachineProfile.storageProfile.imageReference.publisher properties.creationData.imageReference.id	false false false
Microsoft.Compute/imageSKU	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.sku properties.virtualMachineProfile.storageProfile.imageReference.sku properties.creationData.imageReference.id	false false false
Microsoft.Compute/virtualMachines/osProfile.windowsConfiguration	Microsoft.Compute	virtualMachines	properties.osProfile.windowsConfiguration	true
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType	Microsoft.Compute	virtualMachines	properties.storageProfile.osDisk.osType	true
Microsoft.HybridCompute/imageOffer	Microsoft.HybridCompute	machines	properties.osName	false

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.GuestConfiguration/guestConfigurationAssignments/parameterHash	Microsoft.GuestConfiguration	guestConfigurationAssignments	properties.parameterHash	false

Rule
ResourceTypes

IF (2)
Microsoft.Compute/virtualMachines
Microsoft.HybridCompute/machines
THEN-Deployment (3)
Microsoft.Compute/virtualMachines
Microsoft.Compute/virtualMachines/extensions
Microsoft.hybridcompute/machines

Compliance

Not a Compliance control

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2020-08-20 14:05:01	change	Previous DisplayName: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties'
2020-06-09 16:25:53	change	Previous DisplayName: [Preview]: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties'
2019-12-17 15:43:46	change	Previous DisplayName: [Preview]: Deploy requirements to audit Windows VMs configurations in 'Windows Firewall Properties'

Initiatives
usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Deprecated]: Audit Windows VMs that do not match Azure compute security baseline settings	d618d658-b2d0-410e-9e2e-bfbfd04d09fa	Guest Configuration	Deprecated	BuiltIn

JSON