AzPolicyAdvertizer

last sync: 2023-Jun-09 17:46:13 UTC

Azure Policy definition

Configure Windows Arc-enabled machines to run Azure Monitor Agent

Name

Configure Windows Arc-enabled machines to run Azure Monitor Agent
Azure Portal

94f686d6-9a24-4e19-91f1-de937dc171a4

Version

2.3.0
details on versioning

Category

Monitoring
Microsoft docs

Description

Automate the deployment of Azure Monitor Agent extension on your Windows Arc-enabled machines for collecting telemetry data from the guest OS. This policy will install the extension if the OS and region are supported and system-assigned managed identity is enabled, and skip install otherwise. Learn more: https://aka.ms/AMAOverview.

Mode

Indexed

Type

BuiltIn

Preview

FALSE

Deprecated

FALSE

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled

RBAC
Role(s)

Role Name	Role Id
Azure Connected Machine Resource Administrator	cd570a14-e51a-42ad-bac8-bafd67325302

Rule
Aliases

IF (1)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.HybridCompute/machines/osName	Microsoft.HybridCompute	machines	properties.osName	false

THEN-ExistenceCondition (3)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.HybridCompute/machines/extensions/provisioningState	Microsoft.HybridCompute	machines/extensions	properties.provisioningState	false
Microsoft.HybridCompute/machines/extensions/publisher	Microsoft.HybridCompute	machines/extensions	properties.publisher	false
Microsoft.HybridCompute/machines/extensions/type	Microsoft.HybridCompute	machines/extensions	properties.type	false

Rule
ResourceTypes

IF (1)
Microsoft.HybridCompute/machines
THEN-Deployment (1)
Microsoft.HybridCompute/machines/extensions

Compliance

Not a Compliance control

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2023-04-06 17:42:16	change	Minor (2.2.0 > 2.3.0)
2023-02-03 18:39:01	change	Minor (2.1.0 > 2.2.0)
2022-08-12 16:33:43	change	Minor (2.0.0 > 2.1.0)
2022-03-11 18:16:48	change	Major (1.0.0 > 2.0.0)
2021-10-22 15:42:38	add	94f686d6-9a24-4e19-91f1-de937dc171a4

Initiatives
usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Preview]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent	362ab02d-c362-417e-a525-45805d58e21d	Security Center	Preview	BuiltIn
[Preview]: Configure machines to create the user-defined Microsoft Defender for Cloud pipeline using Azure Monitor Agent	500ab3a2-f1bd-4a5a-8e47-3e09d9a294c3	Security Center	Preview	BuiltIn
[Preview]: Enable Azure Monitor for Hybrid VMs with AMA	59e9c3eb-d8df-473b-8059-23fd38ddd0f0	Monitoring	Preview	BuiltIn
Configure Windows machines to run Azure Monitor Agent and associate them to a Data Collection Rule	9575b8b7-78ab-4281-b53b-d3c1ace2260b	Monitoring	GA	BuiltIn

JSON