AzPolicyAdvertizer

last sync: 2023-Nov-30 18:20:17 UTC

Azure Policy definition

Windows virtual machines should have Azure Monitor Agent installed

Source

Azure Portal

Display name

Windows virtual machines should have Azure Monitor Agent installed

c02729e5-e5e7-4458-97fa-2b5ad0661f28

Version

3.1.0
Details on versioning

Category

Monitoring
Microsoft Learn

Description

Windows virtual machines should be monitored and secured through the deployed Azure Monitor Agent. The Azure Monitor Agent collects telemetry data from the guest OS. Windows virtual machines with supported OS and in supported regions are monitored for Azure Monitor Agent deployment. Learn more: https://aka.ms/AMAOverview.

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled

RBAC role(s)

none

Rule aliases

IF (5)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Compute/imageId	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.id properties.virtualMachineProfile.storageProfile.imageReference.id properties.creationData.imageReference.id	false false false
Microsoft.Compute/imageOffer	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.offer properties.virtualMachineProfile.storageProfile.imageReference.offer properties.creationData.imageReference.id	false false false
Microsoft.Compute/imagePublisher	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.publisher properties.virtualMachineProfile.storageProfile.imageReference.publisher properties.creationData.imageReference.id	false false false
Microsoft.Compute/imageSku	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.sku properties.virtualMachineProfile.storageProfile.imageReference.sku properties.creationData.imageReference.id	false false false
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType	Microsoft.Compute	virtualMachines	properties.storageProfile.osDisk.osType	true

THEN-ExistenceCondition (3)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Compute/virtualMachines/extensions/provisioningState	Microsoft.Compute	virtualMachines/extensions	properties.provisioningState	false
Microsoft.Compute/virtualMachines/extensions/publisher	Microsoft.Compute	virtualMachines/extensions	properties.publisher	false
Microsoft.Compute/virtualMachines/extensions/type	Microsoft.Compute	virtualMachines/extensions	properties.type	false

Rule resource types

IF (1)
Microsoft.Compute/virtualMachines

Compliance

The following 1 compliance controls are associated with this Policy definition 'Windows virtual machines should have Azure Monitor Agent installed' (c02729e5-e5e7-4458-97fa-2b5ad0661f28)

Control Domain	Control	Name	MetadataId	Category	Title	Owner	Requirements	Description	Info	Policy#
ACAT_Security_Policies		ACAT_Security_Policies	ACAT Security Policies	Guidelines for M365 Certification	Protecting systems and resources	Shared	n/a	Ensures that apps have strong security and compliance practices in place to protect customer data, security, and privacy.	link	24

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
ACAT for Microsoft 365 Certification	80307b86-ab81-45ab-bf4f-4e0b93cf3dd5	Regulatory Compliance	GA	BuiltIn

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2023-04-06 17:42:16	change	Minor (3.0.0 > 3.1.0)
2022-04-22 19:50:54	change	Major (2.0.0 > 3.0.0)
2022-02-04 18:25:37	change	Major (1.0.0 > 2.0.0)
2021-10-22 15:42:38	add	c02729e5-e5e7-4458-97fa-2b5ad0661f28

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC