last sync: 2021-Sep-24 16:09:49 UTC

Azure Policy definition

Microsoft Antimalware for Azure should be configured to automatically update protection signatures

Name Microsoft Antimalware for Azure should be configured to automatically update protection signatures
Azure Portal
Id c43e4a30-77cb-48ab-a4dd-93f175c63b57
Version 1.0.0
details on versioning
Category Compute
Microsoft docs
Description This policy audits any Windows virtual machine not configured with automatic update of Microsoft Antimalware protection signatures.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
Used RBAC Role none
History none
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State
[Deprecated]: Azure Security Benchmark v1 42a694ed-f65e-42b2-aa9e-8052e9740a92 Regulatory Compliance Deprecated
[Preview]: CMMC Level 3 b5629c75-5c77-4422-87b9-2509e680f8de Regulatory Compliance Preview
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA
JSON
{
  "displayName": "Microsoft Antimalware for Azure should be configured to automatically update protection signatures",
  "policyType": "BuiltIn",
  "mode": "Indexed",
  "description": "This policy audits any Windows virtual machine not configured with automatic update of Microsoft Antimalware protection signatures.",
  "metadata": {
    "version": "1.0.0",
    "category": "Compute"
  },
  "parameters": {
    "effect": {
      "type": "String",
      "metadata": {
        "displayName": "Effect",
        "description": "Enable or disable the execution of the policy"
      },
      "allowedValues": [
        "AuditIfNotExists",
        "Disabled"
      ],
      "defaultValue": "AuditIfNotExists"
    }
  },
  "policyRule": {
    "if": {
      "allOf": [
        {
          "field": "type",
          "equals": "Microsoft.Compute/virtualMachines"
        },
        {
          "field": "Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType",
          "equals": "Windows"
        }
      ]
    },
    "then": {
      "effect": "[parameters('effect')]",
      "details": {
        "type": "Microsoft.Compute/virtualMachines/extensions",
        "existenceCondition": {
          "allOf": [
            {
              "field": "Microsoft.Compute/virtualMachines/extensions/type",
              "equals": "IaaSAntimalware"
            },
            {
              "field": "Microsoft.Compute/virtualMachines/extensions/publisher",
              "equals": "Microsoft.Azure.Security"
            },
            {
              "field": "Microsoft.Compute/virtualMachines/extensions/autoUpgradeMinorVersion",
              "equals": "true"
            }
          ]
        }
      }
    }
  }
}