AzPolicyAdvertizer

last sync: 2023-Jun-09 17:46:13 UTC

Azure Policy definition

[Deprecated]: Show audit results from Linux VMs that do not have the passwd file permissions set to 0644

Name

[Deprecated]: Show audit results from Linux VMs that do not have the passwd file permissions set to 0644
Azure Portal

b18175dd-c599-4c64-83ba-bb018a06d35b

Version

4.0.0-deprecated
details on versioning

Category

Guest Configuration
Microsoft docs

Description

This policy should only be used along with its corresponding deploy policy in an initiative. This definition allows Azure Policy to process the results of auditing Linux virtual machines that do not have the passwd file permissions set to 0644. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol

Mode

All

Type

BuiltIn

Preview

FALSE

Deprecated

True

Effect

Fixed
auditIfNotExists

RBAC
Role(s)

none

Rule
Aliases

IF (6)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Compute/imageOffer	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.offer properties.virtualMachineProfile.storageProfile.imageReference.offer properties.creationData.imageReference.id	false false false
Microsoft.Compute/imagePublisher	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.publisher properties.virtualMachineProfile.storageProfile.imageReference.publisher properties.creationData.imageReference.id	false false false
Microsoft.Compute/imageSKU	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.sku properties.virtualMachineProfile.storageProfile.imageReference.sku properties.creationData.imageReference.id	false false false
Microsoft.Compute/virtualMachines/osProfile.linuxConfiguration	Microsoft.Compute	virtualMachines	properties.osProfile.linuxConfiguration	true
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType	Microsoft.Compute	virtualMachines	properties.storageProfile.osDisk.osType	true
Microsoft.HybridCompute/imageOffer	Microsoft.HybridCompute	machines	properties.osName	false

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.GuestConfiguration/guestConfigurationAssignments/complianceStatus	Microsoft.GuestConfiguration	guestConfigurationAssignments	properties.complianceStatus	false

Rule
ResourceTypes

IF (2)
Microsoft.Compute/virtualMachines
Microsoft.HybridCompute/machines

Compliance

Not a Compliance control

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2022-01-28 17:51:01	change	Major, suffix remains equal (3.1.0-deprecated > 4.0.0-deprecated)
2021-12-06 22:17:57	change	Minor, suffix remains equal (3.0.0-deprecated > 3.1.0-deprecated)
2020-09-09 11:24:03	change	Previous DisplayName: Show audit results from Linux VMs that do not have the passwd file permissions set to 0644
2020-06-09 16:25:53	change	Previous DisplayName: [Preview]: Show audit results from Linux VMs that do not have the passwd file permissions set to 0644

Initiatives
usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Deprecated]: Audit VMs with insecure password security settings	3fa7cbf5-c0a4-4a59-85a5-cca4d996d5a6	Guest Configuration	Deprecated	BuiltIn

JSON