last sync: 2024-Oct-15 17:53:32 UTC

Virtual Machine should have TrustedLaunch enabled

Azure BuiltIn Policy definition

Source Azure Portal
Display name Virtual Machine should have TrustedLaunch enabled
Id c95b54ad-0614-4633-ab29-104b01235cbf
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Trusted Launch
Microsoft Learn
Description Enable TrustedLaunch on Virtual Machine for enhanced security, use VM SKU (Gen 2) that supports TrustedLaunch. To learn more about TrustedLaunch, visit https://learn.microsoft.com/en-us/azure/virtual-machines/trusted-launch
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Disabled
RBAC role(s) none
Rule aliases IF (4)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Compute/virtualMachines/securityProfile Microsoft.Compute virtualMachines properties.securityProfile True True
Microsoft.Compute/virtualMachines/securityProfile.securityType Microsoft.Compute virtualMachines properties.securityProfile.securityType True False
Microsoft.Compute/virtualMachines/securityProfile.uefiSettings.secureBootEnabled Microsoft.Compute virtualMachines properties.securityProfile.uefiSettings.secureBootEnabled True False
Microsoft.Compute/virtualMachines/securityProfile.uefiSettings.vTpmEnabled Microsoft.Compute virtualMachines properties.securityProfile.uefiSettings.vTpmEnabled True False
Rule resource types IF (1)
Microsoft.Compute/virtualMachines
Compliance
The following 1 compliance controls are associated with this Policy definition 'Virtual Machine should have TrustedLaunch enabled' (c95b54ad-0614-4633-ab29-104b01235cbf)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
SO .5 - Trusted Launch SO.5 - Trusted Launch 404 not found n/a n/a 2
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: Sovereignty Baseline - Global Policies c1cbff38-87c0-4b9f-9f70-035c7a3b5523 Regulatory Compliance Preview BuiltIn
Audit virtual machines for Trusted Launch support Audit-TrustedLaunch Trusted Launch GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-03-11 18:31:50 add c95b54ad-0614-4633-ab29-104b01235cbf
JSON compare n/a
JSON
api-version=2021-06-01
EPAC