last sync: 2022-Sep-23 16:35:49 UTC

Azure Policy definition

Configure Windows Arc-enabled machines to run Azure Monitor Agent

Name Configure Windows Arc-enabled machines to run Azure Monitor Agent
Azure Portal
Id 94f686d6-9a24-4e19-91f1-de937dc171a4
Version 2.1.0
details on versioning
Category Monitoring
Microsoft docs
Description Automate the deployment of Azure Monitor Agent extension on your Windows Arc-enabled machines for collecting telemetry data from the guest OS. This policy will install the extension if the OS and region are supported and system-assigned managed identity is enabled, and skip install otherwise. Learn more: https://aka.ms/AMAOverview.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: DeployIfNotExists
Allowed: (DeployIfNotExists, Disabled)
Used RBAC Role
Role Name Role Id
Azure Connected Machine Resource Administrator cd570a14-e51a-42ad-bac8-bafd67325302
Rule Aliases IF (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.HybridCompute/machines/osName Microsoft.HybridCompute machines properties.osName false
THEN-ExistenceCondition (3)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.HybridCompute/machines/extensions/provisioningState Microsoft.HybridCompute machines/extensions properties.provisioningState false
Microsoft.HybridCompute/machines/extensions/publisher Microsoft.HybridCompute machines/extensions properties.publisher false
Microsoft.HybridCompute/machines/extensions/type Microsoft.HybridCompute machines/extensions properties.type false
Rule ResourceTypes IF (1)
Microsoft.HybridCompute/machines
THEN-Deployment (1)
Microsoft.HybridCompute/machines/extensions
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-08-12 16:33:43 change Minor (2.0.0 > 2.1.0)
2022-03-11 18:16:48 change Major (1.0.0 > 2.0.0)
2021-10-22 15:42:38 add 94f686d6-9a24-4e19-91f1-de937dc171a4
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent 362ab02d-c362-417e-a525-45805d58e21d Security Center Preview BuiltIn
[Preview]: Configure machines to create the user-defined Microsoft Defender for Cloud pipeline using Azure Monitor Agent 500ab3a2-f1bd-4a5a-8e47-3e09d9a294c3 Security Center Preview BuiltIn
[Preview]: Enable Azure Monitor for Hybrid VMs with AMA 59e9c3eb-d8df-473b-8059-23fd38ddd0f0 Monitoring Preview BuiltIn
Configure Windows machines to run Azure Monitor Agent and associate them to a Data Collection Rule 9575b8b7-78ab-4281-b53b-d3c1ace2260b Monitoring GA BuiltIn
JSON Changes

JSON