last sync: 2023-Jun-09 17:46:13 UTC

Azure Policy definition

Configure Linux virtual machines to run Azure Monitor Agent with user-assigned managed identity-based authentication

Name Configure Linux virtual machines to run Azure Monitor Agent with user-assigned managed identity-based authentication
Azure Portal
Id ae8a10e6-19d6-44a3-a02d-a2bdfc707742
Version 3.1.0
details on versioning
Category Monitoring
Microsoft docs
Description Automate the deployment of Azure Monitor Agent extension on your Linux virtual machines for collecting telemetry data from the guest OS. This policy will install the extension and configure it to use the specified user-assigned managed identity if the OS and region are supported, and skip install otherwise. Learn more: https://aka.ms/AMAOverview.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC
Role(s)
Role Name Role Id
Virtual Machine Contributor 9980e02c-c2be-4d73-94e8-173b1dc7cf3c
Rule
Aliases
IF (5)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/imageId Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.id
properties.virtualMachineProfile.storageProfile.imageReference.id
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/imageOffer Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.offer
properties.virtualMachineProfile.storageProfile.imageReference.offer
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/imagePublisher Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.publisher
properties.virtualMachineProfile.storageProfile.imageReference.publisher
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/imageSku Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.sku
properties.virtualMachineProfile.storageProfile.imageReference.sku
properties.creationData.imageReference.id
false
false
false
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType Microsoft.Compute virtualMachines properties.storageProfile.osDisk.osType true
THEN-ExistenceCondition (3)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/virtualMachines/extensions/provisioningState Microsoft.Compute virtualMachines/extensions properties.provisioningState false
Microsoft.Compute/virtualMachines/extensions/publisher Microsoft.Compute virtualMachines/extensions properties.publisher false
Microsoft.Compute/virtualMachines/extensions/type Microsoft.Compute virtualMachines/extensions properties.type false
Rule
ResourceTypes
IF (1)
Microsoft.Compute/virtualMachines
THEN-Deployment (1)
Microsoft.Compute/virtualMachines/extensions
Compliance Not a Compliance control
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-04-06 17:42:16 change Minor (3.0.0 > 3.1.0)
2022-09-13 16:35:29 change Major (2.1.0 > 3.0.0)
2022-08-12 16:33:43 change Minor (2.0.0 > 2.1.0)
2022-05-06 16:29:23 change Major (1.0.0 > 2.0.0)
2022-04-01 20:29:14 add ae8a10e6-19d6-44a3-a02d-a2bdfc707742
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent 362ab02d-c362-417e-a525-45805d58e21d Security Center Preview BuiltIn
[Preview]: Configure machines to create the user-defined Microsoft Defender for Cloud pipeline using Azure Monitor Agent 500ab3a2-f1bd-4a5a-8e47-3e09d9a294c3 Security Center Preview BuiltIn
[Preview]: Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA) 9dffaf29-5905-4145-883c-957eb442c226 Monitoring Preview BuiltIn
Deploy Linux Azure Monitor Agent with user-assigned managed identity-based auth and associate with Data Collection Rule babf8e94-780b-4b4d-abaa-4830136a8725 Monitoring GA BuiltIn
JSON