last sync: 2020-Sep-23 13:42:45 UTC

Azure Policy

[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties'

Policy DisplayName [Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties'
Policy Id 909c958d-1b99-4c74-b88f-46a5c5bc34f9
Policy Category Guest Configuration
Policy Description This policy creates a Guest Configuration assignment to audit Windows virtual machines with non-compliant settings in Group Policy category: 'Windows Firewall Properties'. It also creates a system-assigned managed identity and deploys the VM extension for Guest Configuration. This policy should only be used along with its corresponding audit policy in an initiative. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol
Policy Mode Indexed
Policy Type BuiltIn
Policy in Preview FALSE
Policy Deprecated True
Policy Effect Fixed: deployIfNotExists
Roles used
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Policy Changes
Date/Time (UTC ymd) (i) Change Change detail
2020-08-20 14:05:01 change: DisplayName previous DisplayName: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties'
2020-06-09 16:25:53 change: DisplayName previous DisplayName: [Preview]: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties'
2019-12-17 15:43:46 change: DisplayName previous DisplayName: [Preview]: Deploy requirements to audit Windows VMs configurations in 'Windows Firewall Properties'
Used in Policy Initiative(s)
Initiative DisplayName Initiative Id
[Deprecated]: Audit Windows VMs that do not match Azure security baseline settings d618d658-b2d0-410e-9e2e-bfbfd04d09fa
Policy Rule
{
  "properties": {
  "displayName": "[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties'",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "This policy creates a Guest Configuration assignment to audit Windows virtual machines with non-compliant settings in Group Policy category: 'Windows Firewall Properties'. It also creates a system-assigned managed identity and deploys the VM extension for Guest Configuration. This policy should only be used along with its corresponding audit policy in an initiative. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol",
    "metadata": {
      "version": "1.2.0-deprecated",
      "category": "Guest Configuration",
      "requiredProviders": [
        "Microsoft.GuestConfiguration"
      ],
      "deprecated": true
    },
    "parameters": {
      "WindowsFirewallDomainUseProfileSettings": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Domain): Use profile settings",
          "description": "Specifies whether Windows Firewall with Advanced Security uses the settings for the Domain profile to filter network traffic. If you select Off, Windows Firewall with Advanced Security will not use any of the firewall rules or connection security rules for this profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallDomainBehaviorForOutboundConnections": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Domain): Behavior for outbound connections",
          "description": "Specifies the behavior for outbound connections for the Domain profile that do not match an outbound firewall rule. The default value of 0 means to allow connections, and a value of 1 means to block connections."
        },
        "defaultValue": "0"
      },
      "WindowsFirewallDomainApplyLocalConnectionSecurityRules": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Domain): Apply local connection security rules",
          "description": "Specifies whether local administrators are allowed to create connection security rules that apply together with connection security rules configured by Group Policy for the Domain profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallDomainApplyLocalFirewallRules": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Domain): Apply local firewall rules",
          "description": "Specifies whether local administrators are allowed to create local firewall rules that apply together with firewall rules configured by Group Policy for the Domain profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallDomainDisplayNotifications": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Domain): Display notifications",
          "description": "Specifies whether Windows Firewall with Advanced Security displays notifications to the user when a program is blocked from receiving inbound connections, for the Domain profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPrivateUseProfileSettings": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Private): Use profile settings",
          "description": "Specifies whether Windows Firewall with Advanced Security uses the settings for the Private profile to filter network traffic. If you select Off, Windows Firewall with Advanced Security will not use any of the firewall rules or connection security rules for this profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPrivateBehaviorForOutboundConnections": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Private): Behavior for outbound connections",
          "description": "Specifies the behavior for outbound connections for the Private profile that do not match an outbound firewall rule. The default value of 0 means to allow connections, and a value of 1 means to block connections."
        },
        "defaultValue": "0"
      },
      "WindowsFirewallPrivateApplyLocalConnectionSecurityRules": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Private): Apply local connection security rules",
          "description": "Specifies whether local administrators are allowed to create connection security rules that apply together with connection security rules configured by Group Policy for the Private profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPrivateApplyLocalFirewallRules": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Private): Apply local firewall rules",
          "description": "Specifies whether local administrators are allowed to create local firewall rules that apply together with firewall rules configured by Group Policy for the Private profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPrivateDisplayNotifications": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Private): Display notifications",
          "description": "Specifies whether Windows Firewall with Advanced Security displays notifications to the user when a program is blocked from receiving inbound connections, for the Private profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPublicUseProfileSettings": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Public): Use profile settings",
          "description": "Specifies whether Windows Firewall with Advanced Security uses the settings for the Public profile to filter network traffic. If you select Off, Windows Firewall with Advanced Security will not use any of the firewall rules or connection security rules for this profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPublicBehaviorForOutboundConnections": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Public): Behavior for outbound connections",
          "description": "Specifies the behavior for outbound connections for the Public profile that do not match an outbound firewall rule. The default value of 0 means to allow connections, and a value of 1 means to block connections."
        },
        "defaultValue": "0"
      },
      "WindowsFirewallPublicApplyLocalConnectionSecurityRules": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Public): Apply local connection security rules",
          "description": "Specifies whether local administrators are allowed to create connection security rules that apply together with connection security rules configured by Group Policy for the Public profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPublicApplyLocalFirewallRules": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Public): Apply local firewall rules",
          "description": "Specifies whether local administrators are allowed to create local firewall rules that apply together with firewall rules configured by Group Policy for the Public profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallPublicDisplayNotifications": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall (Public): Display notifications",
          "description": "Specifies whether Windows Firewall with Advanced Security displays notifications to the user when a program is blocked from receiving inbound connections, for the Public profile."
        },
        "defaultValue": "1"
      },
      "WindowsFirewallDomainAllowUnicastResponse": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall: Domain: Allow unicast response",
          "description": "Specifies whether Windows Firewall with Advanced Security permits the local computer to receive unicast responses to its outgoing multicast or broadcast messages; for the Domain profile."
        },
        "defaultValue": "0"
      },
      "WindowsFirewallPrivateAllowUnicastResponse": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall: Private: Allow unicast response",
          "description": "Specifies whether Windows Firewall with Advanced Security permits the local computer to receive unicast responses to its outgoing multicast or broadcast messages; for the Private profile."
        },
        "defaultValue": "0"
      },
      "WindowsFirewallPublicAllowUnicastResponse": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: Windows Firewall: Public: Allow unicast response",
          "description": "Specifies whether Windows Firewall with Advanced Security permits the local computer to receive unicast responses to its outgoing multicast or broadcast messages; for the Public profile."
        },
        "defaultValue": "1"
      }
    },
    "policyRule": {
      "if": {
        "anyOf": [
          {
            "allOf": [
              {
                "field": "type",
                "equals": "Microsoft.Compute/virtualMachines"
              },
              {
                "anyOf": [
                  {
                    "field": "Microsoft.Compute/imagePublisher",
                    "in": [
                      "esri",
                      "incredibuild",
                      "MicrosoftDynamicsAX",
                      "MicrosoftSharepoint",
                      "MicrosoftVisualStudio",
                      "MicrosoftWindowsDesktop",
                      "MicrosoftWindowsServerHPCPack"
                    ]
                  },
                  {
                    "allOf": [
                      {
                        "field": "Microsoft.Compute/imagePublisher",
                        "equals": "MicrosoftWindowsServer"
                      },
                      {
                        "field": "Microsoft.Compute/imageSKU",
                        "notLike": "2008*"
                      }
                    ]
                  },
                  {
                    "allOf": [
                      {
                        "field": "Microsoft.Compute/imagePublisher",
                        "equals": "MicrosoftSQLServer"
                      },
                      {
                        "field": "Microsoft.Compute/imageOffer",
                        "notLike": "SQL2008*"
                      }
                    ]
                  },
                  {
                    "allOf": [
                      {
                        "field": "Microsoft.Compute/imagePublisher",
                        "equals": "microsoft-dsvm"
                      },
                      {
                        "field": "Microsoft.Compute/imageOffer",
                        "equals": "dsvm-windows"
                      }
                    ]
                  },
                  {
                    "allOf": [
                      {
                        "field": "Microsoft.Compute/imagePublisher",
                        "equals": "microsoft-ads"
                      },
                      {
                        "field": "Microsoft.Compute/imageOffer",
                        "in": [
                          "standard-data-science-vm",
                          "windows-data-science-vm"
                        ]
                      }
                    ]
                  },
                  {
                    "allOf": [
                      {
                        "field": "Microsoft.Compute/imagePublisher",
                        "equals": "batch"
                      },
                      {
                        "field": "Microsoft.Compute/imageOffer",
                        "equals": "rendering-windows2016"
                      }
                    ]
                  },
                  {
                    "allOf": [
                      {
                        "field": "Microsoft.Compute/imagePublisher",
                        "equals": "center-for-internet-security-inc"
                      },
                      {
                        "field": "Microsoft.Compute/imageOffer",
                        "like": "cis-windows-server-201*"
                      }
                    ]
                  },
                  {
                    "allOf": [
                      {
                        "field": "Microsoft.Compute/imagePublisher",
                        "equals": "pivotal"
                      },
                      {
                        "field": "Microsoft.Compute/imageOffer",
                        "like": "bosh-windows-server*"
                      }
                    ]
                  },
                  {
                    "allOf": [
                      {
                        "field": "Microsoft.Compute/imagePublisher",
                        "equals": "cloud-infrastructure-services"
                      },
                      {
                        "field": "Microsoft.Compute/imageOffer",
                        "like": "ad*"
                      }
                    ]
                  },
                  {
                    "allOf": [
                      {
                        "anyOf": [
                          {
                            "field": "Microsoft.Compute/virtualMachines/osProfile.windowsConfiguration",
                            "exists": "true"
                          },
                          {
                            "field": "Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType",
                            "like": "Windows*"
                          }
                        ]
                      },
                      {
                        "anyOf": [
                          {
                            "field": "Microsoft.Compute/imageSKU",
                            "exists": "false"
                          },
                          {
                            "allOf": [
                              {
                                "field": "Microsoft.Compute/imageSKU",
                                "notLike": "2008*"
                              },
                              {
                                "field": "Microsoft.Compute/imageOffer",
                                "notLike": "SQL2008*"
                              }
                            ]
                          }
                        ]
                      }
                    ]
                  }
                ]
              }
            ]
          },
          {
            "allOf": [
              {
                "field": "type",
                "equals": "Microsoft.HybridCompute/machines"
              },
              {
                "field": "Microsoft.HybridCompute/imageOffer",
                "like": "windows*"
              }
            ]
          }
        ]
      },
      "then": {
        "effect": "deployIfNotExists",
        "details": {
          "roleDefinitionIds": [
            "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
          ],
          "type": "Microsoft.GuestConfiguration/guestConfigurationAssignments",
          "name": "AzureBaseline_WindowsFirewallProperties",
          "existenceCondition": {
            "field": "Microsoft.GuestConfiguration/guestConfigurationAssignments/parameterHash",
          "equals": "[base64(concat('Windows Firewall: Domain: Firewall state;ExpectedValue', '=', parameters('WindowsFirewallDomainUseProfileSettings'), ',', 'Windows Firewall: Domain: Outbound connections;ExpectedValue', '=', parameters('WindowsFirewallDomainBehaviorForOutboundConnections'), ',', 'Windows Firewall: Domain: Settings: Apply local connection security rules;ExpectedValue', '=', parameters('WindowsFirewallDomainApplyLocalConnectionSecurityRules'), ',', 'Windows Firewall: Domain: Settings: Apply local firewall rules;ExpectedValue', '=', parameters('WindowsFirewallDomainApplyLocalFirewallRules'), ',', 'Windows Firewall: Domain: Settings: Display a notification;ExpectedValue', '=', parameters('WindowsFirewallDomainDisplayNotifications'), ',', 'Windows Firewall: Private: Firewall state;ExpectedValue', '=', parameters('WindowsFirewallPrivateUseProfileSettings'), ',', 'Windows Firewall: Private: Outbound connections;ExpectedValue', '=', parameters('WindowsFirewallPrivateBehaviorForOutboundConnections'), ',', 'Windows Firewall: Private: Settings: Apply local connection security rules;ExpectedValue', '=', parameters('WindowsFirewallPrivateApplyLocalConnectionSecurityRules'), ',', 'Windows Firewall: Private: Settings: Apply local firewall rules;ExpectedValue', '=', parameters('WindowsFirewallPrivateApplyLocalFirewallRules'), ',', 'Windows Firewall: Private: Settings: Display a notification;ExpectedValue', '=', parameters('WindowsFirewallPrivateDisplayNotifications'), ',', 'Windows Firewall: Public: Firewall state;ExpectedValue', '=', parameters('WindowsFirewallPublicUseProfileSettings'), ',', 'Windows Firewall: Public: Outbound connections;ExpectedValue', '=', parameters('WindowsFirewallPublicBehaviorForOutboundConnections'), ',', 'Windows Firewall: Public: Settings: Apply local connection security rules;ExpectedValue', '=', parameters('WindowsFirewallPublicApplyLocalConnectionSecurityRules'), ',', 'Windows Firewall: Public: Settings: Apply local firewall rules;ExpectedValue', '=', parameters('WindowsFirewallPublicApplyLocalFirewallRules'), ',', 'Windows Firewall: Public: Settings: Display a notification;ExpectedValue', '=', parameters('WindowsFirewallPublicDisplayNotifications'), ',', 'Windows Firewall: Domain: Allow unicast response;ExpectedValue', '=', parameters('WindowsFirewallDomainAllowUnicastResponse'), ',', 'Windows Firewall: Private: Allow unicast response;ExpectedValue', '=', parameters('WindowsFirewallPrivateAllowUnicastResponse'), ',', 'Windows Firewall: Public: Allow unicast response;ExpectedValue', '=', parameters('WindowsFirewallPublicAllowUnicastResponse')))]"
          },
          "deployment": {
            "properties": {
              "mode": "incremental",
              "parameters": {
                "vmName": {
                "value": "[field('name')]"
                },
                "location": {
                "value": "[field('location')]"
                },
                "type": {
                "value": "[field('type')]"
                },
                "configurationName": {
                  "value": "AzureBaseline_WindowsFirewallProperties"
                },
                "WindowsFirewallDomainUseProfileSettings": {
                "value": "[parameters('WindowsFirewallDomainUseProfileSettings')]"
                },
                "WindowsFirewallDomainBehaviorForOutboundConnections": {
                "value": "[parameters('WindowsFirewallDomainBehaviorForOutboundConnections')]"
                },
                "WindowsFirewallDomainApplyLocalConnectionSecurityRules": {
                "value": "[parameters('WindowsFirewallDomainApplyLocalConnectionSecurityRules')]"
                },
                "WindowsFirewallDomainApplyLocalFirewallRules": {
                "value": "[parameters('WindowsFirewallDomainApplyLocalFirewallRules')]"
                },
                "WindowsFirewallDomainDisplayNotifications": {
                "value": "[parameters('WindowsFirewallDomainDisplayNotifications')]"
                },
                "WindowsFirewallPrivateUseProfileSettings": {
                "value": "[parameters('WindowsFirewallPrivateUseProfileSettings')]"
                },
                "WindowsFirewallPrivateBehaviorForOutboundConnections": {
                "value": "[parameters('WindowsFirewallPrivateBehaviorForOutboundConnections')]"
                },
                "WindowsFirewallPrivateApplyLocalConnectionSecurityRules": {
                "value": "[parameters('WindowsFirewallPrivateApplyLocalConnectionSecurityRules')]"
                },
                "WindowsFirewallPrivateApplyLocalFirewallRules": {
                "value": "[parameters('WindowsFirewallPrivateApplyLocalFirewallRules')]"
                },
                "WindowsFirewallPrivateDisplayNotifications": {
                "value": "[parameters('WindowsFirewallPrivateDisplayNotifications')]"
                },
                "WindowsFirewallPublicUseProfileSettings": {
                "value": "[parameters('WindowsFirewallPublicUseProfileSettings')]"
                },
                "WindowsFirewallPublicBehaviorForOutboundConnections": {
                "value": "[parameters('WindowsFirewallPublicBehaviorForOutboundConnections')]"
                },
                "WindowsFirewallPublicApplyLocalConnectionSecurityRules": {
                "value": "[parameters('WindowsFirewallPublicApplyLocalConnectionSecurityRules')]"
                },
                "WindowsFirewallPublicApplyLocalFirewallRules": {
                "value": "[parameters('WindowsFirewallPublicApplyLocalFirewallRules')]"
                },
                "WindowsFirewallPublicDisplayNotifications": {
                "value": "[parameters('WindowsFirewallPublicDisplayNotifications')]"
                },
                "WindowsFirewallDomainAllowUnicastResponse": {
                "value": "[parameters('WindowsFirewallDomainAllowUnicastResponse')]"
                },
                "WindowsFirewallPrivateAllowUnicastResponse": {
                "value": "[parameters('WindowsFirewallPrivateAllowUnicastResponse')]"
                },
                "WindowsFirewallPublicAllowUnicastResponse": {
                "value": "[parameters('WindowsFirewallPublicAllowUnicastResponse')]"
                }
              },
              "template": {
                "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
                "contentVersion": "1.0.0.0",
                "parameters": {
                  "vmName": {
                    "type": "string"
                  },
                  "location": {
                    "type": "string"
                  },
                  "type": {
                    "type": "string"
                  },
                  "configurationName": {
                    "type": "string"
                  },
                  "WindowsFirewallDomainUseProfileSettings": {
                    "type": "string"
                  },
                  "WindowsFirewallDomainBehaviorForOutboundConnections": {
                    "type": "string"
                  },
                  "WindowsFirewallDomainApplyLocalConnectionSecurityRules": {
                    "type": "string"
                  },
                  "WindowsFirewallDomainApplyLocalFirewallRules": {
                    "type": "string"
                  },
                  "WindowsFirewallDomainDisplayNotifications": {
                    "type": "string"
                  },
                  "WindowsFirewallPrivateUseProfileSettings": {
                    "type": "string"
                  },
                  "WindowsFirewallPrivateBehaviorForOutboundConnections": {
                    "type": "string"
                  },
                  "WindowsFirewallPrivateApplyLocalConnectionSecurityRules": {
                    "type": "string"
                  },
                  "WindowsFirewallPrivateApplyLocalFirewallRules": {
                    "type": "string"
                  },
                  "WindowsFirewallPrivateDisplayNotifications": {
                    "type": "string"
                  },
                  "WindowsFirewallPublicUseProfileSettings": {
                    "type": "string"
                  },
                  "WindowsFirewallPublicBehaviorForOutboundConnections": {
                    "type": "string"
                  },
                  "WindowsFirewallPublicApplyLocalConnectionSecurityRules": {
                    "type": "string"
                  },
                  "WindowsFirewallPublicApplyLocalFirewallRules": {
                    "type": "string"
                  },
                  "WindowsFirewallPublicDisplayNotifications": {
                    "type": "string"
                  },
                  "WindowsFirewallDomainAllowUnicastResponse": {
                    "type": "string"
                  },
                  "WindowsFirewallPrivateAllowUnicastResponse": {
                    "type": "string"
                  },
                  "WindowsFirewallPublicAllowUnicastResponse": {
                    "type": "string"
                  }
                },
                "resources": [
                  {
                  "condition": "[equals(toLower(parameters('type')), toLower('microsoft.hybridcompute/machines'))]",
                    "apiVersion": "2018-11-20",
                    "type": "Microsoft.HybridCompute/machines/providers/guestConfigurationAssignments",
                  "name": "[concat(parameters('vmName'), '/Microsoft.GuestConfiguration/', parameters('configurationName'))]",
                  "location": "[parameters('location')]",
                    "properties": {
                      "guestConfiguration": {
                      "name": "[parameters('configurationName')]",
                        "version": "1.*",
                        "configurationParameter": [
                          {
                            "name": "Windows Firewall: Domain: Firewall state;ExpectedValue",
                          "value": "[parameters('WindowsFirewallDomainUseProfileSettings')]"
                          },
                          {
                            "name": "Windows Firewall: Domain: Outbound connections;ExpectedValue",
                          "value": "[parameters('WindowsFirewallDomainBehaviorForOutboundConnections')]"
                          },
                          {
                            "name": "Windows Firewall: Domain: Settings: Apply local connection security rules;ExpectedValue",
                          "value": "[parameters('WindowsFirewallDomainApplyLocalConnectionSecurityRules')]"
                          },
                          {
                            "name": "Windows Firewall: Domain: Settings: Apply local firewall rules;ExpectedValue",
                          "value": "[parameters('WindowsFirewallDomainApplyLocalFirewallRules')]"
                          },
                          {
                            "name": "Windows Firewall: Domain: Settings: Display a notification;ExpectedValue",
                          "value": "[parameters('WindowsFirewallDomainDisplayNotifications')]"
                          },
                          {
                            "name": "Windows Firewall: Private: Firewall state;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPrivateUseProfileSettings')]"
                          },
                          {
                            "name": "Windows Firewall: Private: Outbound connections;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPrivateBehaviorForOutboundConnections')]"
                          },
                          {
                            "name": "Windows Firewall: Private: Settings: Apply local connection security rules;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPrivateApplyLocalConnectionSecurityRules')]"
                          },
                          {
                            "name": "Windows Firewall: Private: Settings: Apply local firewall rules;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPrivateApplyLocalFirewallRules')]"
                          },
                          {
                            "name": "Windows Firewall: Private: Settings: Display a notification;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPrivateDisplayNotifications')]"
                          },
                          {
                            "name": "Windows Firewall: Public: Firewall state;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPublicUseProfileSettings')]"
                          },
                          {
                            "name": "Windows Firewall: Public: Outbound connections;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPublicBehaviorForOutboundConnections')]"
                          },
                          {
                            "name": "Windows Firewall: Public: Settings: Apply local connection security rules;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPublicApplyLocalConnectionSecurityRules')]"
                          },
                          {
                            "name": "Windows Firewall: Public: Settings: Apply local firewall rules;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPublicApplyLocalFirewallRules')]"
                          },
                          {
                            "name": "Windows Firewall: Public: Settings: Display a notification;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPublicDisplayNotifications')]"
                          },
                          {
                            "name": "Windows Firewall: Domain: Allow unicast response;ExpectedValue",
                          "value": "[parameters('WindowsFirewallDomainAllowUnicastResponse')]"
                          },
                          {
                            "name": "Windows Firewall: Private: Allow unicast response;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPrivateAllowUnicastResponse')]"
                          },
                          {
                            "name": "Windows Firewall: Public: Allow unicast response;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPublicAllowUnicastResponse')]"
                          }
                        ]
                      }
                    }
                  },
                  {
                  "condition": "[equals(toLower(parameters('type')), toLower('Microsoft.Compute/virtualMachines'))]",
                    "apiVersion": "2018-11-20",
                    "type": "Microsoft.Compute/virtualMachines/providers/guestConfigurationAssignments",
                  "name": "[concat(parameters('vmName'), '/Microsoft.GuestConfiguration/', parameters('configurationName'))]",
                  "location": "[parameters('location')]",
                    "properties": {
                      "guestConfiguration": {
                      "name": "[parameters('configurationName')]",
                        "version": "1.*",
                        "configurationParameter": [
                          {
                            "name": "Windows Firewall: Domain: Firewall state;ExpectedValue",
                          "value": "[parameters('WindowsFirewallDomainUseProfileSettings')]"
                          },
                          {
                            "name": "Windows Firewall: Domain: Outbound connections;ExpectedValue",
                          "value": "[parameters('WindowsFirewallDomainBehaviorForOutboundConnections')]"
                          },
                          {
                            "name": "Windows Firewall: Domain: Settings: Apply local connection security rules;ExpectedValue",
                          "value": "[parameters('WindowsFirewallDomainApplyLocalConnectionSecurityRules')]"
                          },
                          {
                            "name": "Windows Firewall: Domain: Settings: Apply local firewall rules;ExpectedValue",
                          "value": "[parameters('WindowsFirewallDomainApplyLocalFirewallRules')]"
                          },
                          {
                            "name": "Windows Firewall: Domain: Settings: Display a notification;ExpectedValue",
                          "value": "[parameters('WindowsFirewallDomainDisplayNotifications')]"
                          },
                          {
                            "name": "Windows Firewall: Private: Firewall state;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPrivateUseProfileSettings')]"
                          },
                          {
                            "name": "Windows Firewall: Private: Outbound connections;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPrivateBehaviorForOutboundConnections')]"
                          },
                          {
                            "name": "Windows Firewall: Private: Settings: Apply local connection security rules;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPrivateApplyLocalConnectionSecurityRules')]"
                          },
                          {
                            "name": "Windows Firewall: Private: Settings: Apply local firewall rules;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPrivateApplyLocalFirewallRules')]"
                          },
                          {
                            "name": "Windows Firewall: Private: Settings: Display a notification;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPrivateDisplayNotifications')]"
                          },
                          {
                            "name": "Windows Firewall: Public: Firewall state;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPublicUseProfileSettings')]"
                          },
                          {
                            "name": "Windows Firewall: Public: Outbound connections;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPublicBehaviorForOutboundConnections')]"
                          },
                          {
                            "name": "Windows Firewall: Public: Settings: Apply local connection security rules;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPublicApplyLocalConnectionSecurityRules')]"
                          },
                          {
                            "name": "Windows Firewall: Public: Settings: Apply local firewall rules;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPublicApplyLocalFirewallRules')]"
                          },
                          {
                            "name": "Windows Firewall: Public: Settings: Display a notification;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPublicDisplayNotifications')]"
                          },
                          {
                            "name": "Windows Firewall: Domain: Allow unicast response;ExpectedValue",
                          "value": "[parameters('WindowsFirewallDomainAllowUnicastResponse')]"
                          },
                          {
                            "name": "Windows Firewall: Private: Allow unicast response;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPrivateAllowUnicastResponse')]"
                          },
                          {
                            "name": "Windows Firewall: Public: Allow unicast response;ExpectedValue",
                          "value": "[parameters('WindowsFirewallPublicAllowUnicastResponse')]"
                          }
                        ]
                      }
                    }
                  },
                  {
                  "condition": "[equals(toLower(parameters('type')), toLower('Microsoft.Compute/virtualMachines'))]",
                    "apiVersion": "2019-07-01",
                    "type": "Microsoft.Compute/virtualMachines",
                    "identity": {
                      "type": "SystemAssigned"
                    },
                  "name": "[parameters('vmName')]",
                  "location": "[parameters('location')]"
                  },
                  {
                  "condition": "[equals(toLower(parameters('type')), toLower('Microsoft.Compute/virtualMachines'))]",
                    "apiVersion": "2019-07-01",
                  "name": "[concat(parameters('vmName'), '/AzurePolicyforWindows')]",
                    "type": "Microsoft.Compute/virtualMachines/extensions",
                  "location": "[parameters('location')]",
                    "properties": {
                      "publisher": "Microsoft.GuestConfiguration",
                      "type": "ConfigurationforWindows",
                      "typeHandlerVersion": "1.1",
                      "autoUpgradeMinorVersion": true,
                      "settings": {
                        
                      },
                      "protectedSettings": {
                        
                      }
                    },
                    "dependsOn": [
                    "[concat('Microsoft.Compute/virtualMachines/',parameters('vmName'),'/providers/Microsoft.GuestConfiguration/guestConfigurationAssignments/',parameters('configurationName'))]"
                    ]
                  }
                ]
              }
            }
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/909c958d-1b99-4c74-b88f-46a5c5bc34f9",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "909c958d-1b99-4c74-b88f-46a5c5bc34f9"
}