AzPolicyAdvertizer

last sync: 2024-Apr-19 17:43:58 UTC

Configure Windows Arc-enabled machines to run Azure Monitor Agent

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Configure Windows Arc-enabled machines to run Azure Monitor Agent

94f686d6-9a24-4e19-91f1-de937dc171a4

Version

2.4.0
Details on versioning

Category

Monitoring
Microsoft Learn

Description

Automate the deployment of Azure Monitor Agent extension on your Windows Arc-enabled machines for collecting telemetry data from the guest OS. This policy will install the extension if the OS and region are supported and system-assigned managed identity is enabled, and skip install otherwise. Learn more: https://aka.ms/AMAOverview.

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled

RBAC role(s)

Role Name	Role Id
Azure Connected Machine Resource Administrator	cd570a14-e51a-42ad-bac8-bafd67325302

Rule aliases

IF (1)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.HybridCompute/machines/osName	Microsoft.HybridCompute	machines	properties.osName	false

THEN-ExistenceCondition (3)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.HybridCompute/machines/extensions/provisioningState	Microsoft.HybridCompute	machines/extensions	properties.provisioningState	false
Microsoft.HybridCompute/machines/extensions/publisher	Microsoft.HybridCompute	machines/extensions	properties.publisher	false
Microsoft.HybridCompute/machines/extensions/type	Microsoft.HybridCompute	machines/extensions	properties.type	false

Rule resource types

IF (1)
Microsoft.HybridCompute/machines
THEN-Deployment (1)
Microsoft.HybridCompute/machines/extensions

Compliance

Not a Compliance control

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Deprecated]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent	362ab02d-c362-417e-a525-45805d58e21d	Security Center	Deprecated	BuiltIn
[Deprecated]: Configure machines to create the user-defined Microsoft Defender for Cloud pipeline using Azure Monitor Agent	500ab3a2-f1bd-4a5a-8e47-3e09d9a294c3	Security Center	Deprecated	BuiltIn
[Deprecated]: Enable Azure Monitor for Hybrid VMs with AMA	59e9c3eb-d8df-473b-8059-23fd38ddd0f0	Monitoring	Deprecated	BuiltIn
Configure Windows machines to run Azure Monitor Agent and associate them to a Data Collection Rule	9575b8b7-78ab-4281-b53b-d3c1ace2260b	Monitoring	GA	BuiltIn
Enable Azure Monitor for Hybrid VMs with AMA	2b00397d-c309-49c4-aa5a-f0b2c5bc6321	Monitoring	GA	BuiltIn

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2024-03-25 19:17:21	change	Minor (2.3.0 > 2.4.0)
2023-04-06 17:42:16	change	Minor (2.2.0 > 2.3.0)
2023-02-03 18:39:01	change	Minor (2.1.0 > 2.2.0)
2022-08-12 16:33:43	change	Minor (2.0.0 > 2.1.0)
2022-03-11 18:16:48	change	Major (1.0.0 > 2.0.0)
2021-10-22 15:42:38	add	94f686d6-9a24-4e19-91f1-de937dc171a4

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC