last sync: 2020-Sep-25 13:37:27 UTC

Azure Policy

Microsoft Antimalware for Azure should be configured to automatically update protection signatures

Policy DisplayName Microsoft Antimalware for Azure should be configured to automatically update protection signatures
Policy Id c43e4a30-77cb-48ab-a4dd-93f175c63b57
Policy Category Compute
Policy Description This policy audits any Windows virtual machine not configured with automatic update of Microsoft Antimalware protection signatures.
Policy Mode Indexed
Policy Type BuiltIn
Policy in Preview FALSE
Policy Deprecated FALSE
Policy Effect Default: AuditIfNotExists
Allowed: (AuditIfNotExists,Disabled)
Roles used none
Policy Changes no changes
Used in Policy Initiative(s)
Initiative DisplayName Initiative Id
[Preview]: Azure Security Benchmark 42a694ed-f65e-42b2-aa9e-8052e9740a92
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab
Policy Rule
{
  "properties": {
    "displayName": "Microsoft Antimalware for Azure should be configured to automatically update protection signatures",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "This policy audits any Windows virtual machine not configured with automatic update of Microsoft Antimalware protection signatures.",
    "metadata": {
      "version": "1.0.0",
      "category": "Compute"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "AuditIfNotExists",
          "Disabled"
        ],
        "defaultValue": "AuditIfNotExists"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Compute/virtualMachines"
          },
          {
            "field": "Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType",
            "equals": "Windows"
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Compute/virtualMachines/extensions",
          "existenceCondition": {
            "allOf": [
              {
                "field": "Microsoft.Compute/virtualMachines/extensions/type",
                "equals": "IaaSAntimalware"
              },
              {
                "field": "Microsoft.Compute/virtualMachines/extensions/publisher",
                "equals": "Microsoft.Azure.Security"
              },
              {
                "field": "Microsoft.Compute/virtualMachines/extensions/autoUpgradeMinorVersion",
                "equals": "true"
              }
            ]
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/c43e4a30-77cb-48ab-a4dd-93f175c63b57",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "c43e4a30-77cb-48ab-a4dd-93f175c63b57"
}