AzPolicyAdvertizer

last sync: 2023-Jun-09 17:46:13 UTC

Azure Policy definition

Configure Windows virtual machines to run Azure Monitor Agent using system-assigned managed identity

Name

Configure Windows virtual machines to run Azure Monitor Agent using system-assigned managed identity
Azure Portal

ca817e41-e85a-4783-bc7f-dc532d36235e

Version

4.3.0
details on versioning

Category

Monitoring
Microsoft docs

Description

Automate the deployment of Azure Monitor Agent extension on your Windows virtual machines for collecting telemetry data from the guest OS. This policy will install the extension if the OS and region are supported and system-assigned managed identity is enabled, and skip install otherwise. Learn more: https://aka.ms/AMAOverview.

Mode

Indexed

Type

BuiltIn

Preview

FALSE

Deprecated

FALSE

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled

RBAC
Role(s)

Role Name	Role Id
Virtual Machine Contributor	9980e02c-c2be-4d73-94e8-173b1dc7cf3c

Rule
Aliases

IF (5)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Compute/imageId	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.id properties.virtualMachineProfile.storageProfile.imageReference.id properties.creationData.imageReference.id	false false false
Microsoft.Compute/imageOffer	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.offer properties.virtualMachineProfile.storageProfile.imageReference.offer properties.creationData.imageReference.id	false false false
Microsoft.Compute/imagePublisher	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.publisher properties.virtualMachineProfile.storageProfile.imageReference.publisher properties.creationData.imageReference.id	false false false
Microsoft.Compute/imageSku	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.sku properties.virtualMachineProfile.storageProfile.imageReference.sku properties.creationData.imageReference.id	false false false
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType	Microsoft.Compute	virtualMachines	properties.storageProfile.osDisk.osType	true

THEN-ExistenceCondition (3)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Compute/virtualMachines/extensions/provisioningState	Microsoft.Compute	virtualMachines/extensions	properties.provisioningState	false
Microsoft.Compute/virtualMachines/extensions/publisher	Microsoft.Compute	virtualMachines/extensions	properties.publisher	false
Microsoft.Compute/virtualMachines/extensions/type	Microsoft.Compute	virtualMachines/extensions	properties.type	false

Rule
ResourceTypes

IF (1)
Microsoft.Compute/virtualMachines
THEN-Deployment (1)
Microsoft.Compute/virtualMachines/extensions

Compliance

Not a Compliance control

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2023-05-26 17:43:09	change	Minor (4.2.0 > 4.3.0)
2023-04-06 17:42:16	change	Minor (4.1.0 > 4.2.0)
2022-08-12 16:33:43	change	Minor (4.0.1 > 4.1.0)
2022-04-08 16:22:13	change	Patch (4.0.0 > 4.0.1) *changes on text case sensitivity are not tracked
2022-04-01 20:29:14	change	Major (3.0.0 > 4.0.0)
2022-02-04 18:25:37	change	Major (2.0.1 > 3.0.0)
2021-10-19 19:10:32	change	Patch (2.0.0 > 2.0.1) *changes on text case sensitivity are not tracked
2021-06-02 22:44:52	change	Major (1.0.0 > 2.0.0)
2021-05-26 13:43:16	change	Version remains equal, old suffix: preview (1.0.0-preview > 1.0.0)
2021-01-22 09:14:53	add	ca817e41-e85a-4783-bc7f-dc532d36235e

Initiatives
usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Preview]: Configure machines to automatically install the Azure Monitor and Azure Security agents on virtual machines	a15f3269-2e10-458c-87a4-d5989e678a73	Monitoring	Preview	BuiltIn
Configure Windows machines to run Azure Monitor Agent and associate them to a Data Collection Rule	9575b8b7-78ab-4281-b53b-d3c1ace2260b	Monitoring	GA	BuiltIn

JSON