AzPolicyAdvertizer

last sync: 2021-Aug-04 14:59:26 UTC

Azure Policy definition

[Preview]: Linux virtual machines should use Secure Boot

Name [Preview]: Linux virtual machines should use Secure Boot
Azure Portal

Id b1bb3592-47b8-4150-8db0-bfdcc2c8965b

Version 1.0.0-preview
details on versioning

Category Security Center
Microsoft docs

Description To protect against the installation of malware-based rootkits and boot kits, enable Secure Boot on supported Linux virtual machines. Secure Boot ensures that only signed operating systems and drivers will be allowed to run. This assessment only applies to Linux virtual machines that have the Azure Monitor Agent installed.

Mode All

Type BuiltIn

Preview True

Deprecated FALSE

Effect Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)

Used RBAC Role none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2021-05-26 13:43:16	add	b1bb3592-47b8-4150-8db0-bfdcc2c8965b

Used in Initiatives none

JSON

{
  "properties": {
  "displayName": "[Preview]: Linux virtual machines should use Secure Boot",
    "policyType": "BuiltIn",
    "mode": "All",
    "description": "To protect against the installation of malware-based rootkits and boot kits, enable Secure Boot on supported Linux virtual machines. Secure Boot ensures that only signed operating systems and drivers will be allowed to run. This assessment only applies to Linux virtual machines that have the Azure Monitor Agent installed.",
    "metadata": {
      "category": "Security Center",
      "version": "1.0.0-preview",
      "preview": true
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "AuditIfNotExists",
          "Disabled"
        ],
        "defaultValue": "AuditIfNotExists"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Compute/virtualMachines/extensions"
          },
          {
            "field": "Microsoft.Compute/virtualMachines/extensions/type",
            "equals": "AzureSecurityLinuxAgent"
          },
          {
            "field": "Microsoft.Compute/virtualMachines/extensions/publisher",
            "equals": "Microsoft.Azure.Security.Monitoring"
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Security/assessments",
          "name": "0396b18c-41aa-489c-affd-4ee5d1714a59",
          "existenceCondition": {
            "field": "Microsoft.Security/assessments/status.code",
            "in": [
              "NotApplicable",
              "Healthy"
            ]
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/b1bb3592-47b8-4150-8db0-bfdcc2c8965b",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "b1bb3592-47b8-4150-8db0-bfdcc2c8965b"
}