JSON compareHide
compare mode:
side-by-side
line-by-line
version left: 2.0.1-preview 2.0.0-preview 1.0.0-preview version right: 3.0.0-preview 2.0.1-preview 2.0.0-preview 1.0.0-preview
@@ -4,9 +4,9 @@
4
"mode": "Indexed",
5
"description": "Deploys Microsoft Defender for Endpoint agent on applicable Linux VM images.",
6
"metadata": {
7
"category": "Security Center",
8
-
"version": "2.0.1-preview",
9
"preview": true
10
},
11
"parameters": {
12
"PublishersToExclude": {
@@ -78,9 +78,9 @@
78
}
79
]
80
},
81
{
82
-
"anyOf": [
83
{
84
"not": {
85
"field": "Microsoft.Compute/imagePublisher",
86
"in": [
4
"mode": "Indexed",
5
"description": "Deploys Microsoft Defender for Endpoint agent on applicable Linux VM images.",
6
"metadata": {
7
"category": "Security Center",
8
+
"version": "3 .0.0 -preview",
9
"preview": true
10
},
11
"parameters": {
12
"PublishersToExclude": {
78
}
79
]
80
},
81
{
82
+
"allOf ": [
83
{
84
"not": {
85
"field": "Microsoft.Compute/imagePublisher",
86
"in": [
JSON
api-version=2021-06-01 Copy definition Copy definition 4 EPAC EPAC
{ 7 items displayName: "[Preview]: Deploy Microsoft Defender for Endpoint agent on Linux virtual machines" , policyType: "BuiltIn" , mode: "Indexed" , description: "Deploys Microsoft Defender for Endpoint agent on applicable Linux VM images." , metadata: { 3 items category: "Security Center" , version: "3.0.0-preview" , preview: true } , parameters: { 3 items PublishersToExclude: { 3 items type: "Array" , metadata: { 2 items displayName: "Optional: List Of Image Publishers to exclude" , description: "List of Linux image Publishers to exclude from MDE provision" } , defaultValue : [] } , ImageIdsToExclude: { 3 items type: "Array" , metadata: { 2 items displayName: "Optional: List of virtual machine images to exclude" , description: "Example value: '/subscriptions/<subscriptionId>/resourceGroups/YourResourceGroup/providers/Microsoft.Compute/images/ContosoImage'" } , defaultValue : [] } , effect: { 4 items type: "String" , metadata: { 2 items displayName: "Effect" , description: "Enable or disable the execution of the policy" } , allowedValues: [ 3 items "DeployIfNotExists" , "AuditIfNotExists" , "Disabled" ] , defaultValue: "DeployIfNotExists" } } , policyRule: { 2 items if: { 1 item allOf: [ 5 items { 2 items field: "type" , equals: "Microsoft.Compute/virtualMachines" } , { 2 items field: "Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType" , like: "linux*" } , { 1 item anyOf: [ 2 items { 1 item not: { 2 items field: "Microsoft.Compute/virtualMachines/imagePublisher" , in: "[parameters('PublishersToExclude')]" } } , { 2 items value: 🔍 "[
empty(
parameters('PublishersToExclude')
)
]", equals: "true" } ] } , { 1 item anyOf: [ 2 items { 1 item not: { 2 items field: "Microsoft.Compute/virtualMachines/storageProfile.imageReference.id" , in: "[parameters('ImageIdsToExclude')]" } } , { 2 items value: 🔍 "[
empty(
parameters('ImageIdsToExclude')
)
]", equals: "true" } ] } , { 1 item allOf: [ 12 items { 1 item not: { 2 items field: "Microsoft.Compute/imagePublisher" , in: [ 20 items "AzureDatabricks" , "azureopenshift" , "cisco" , "fortinet" , "juniper-networks" , "barracudanetworks" , "checkpoint" , "imperva" , "qualysguard" , "f5-networks" , "paloaltonetworks" , "rohdeschwarzcybersecuritysas" , "sonicwall-inc" , "esdenera" , "brocade_communications" , "5nine-software-inc" , "forcepoint-llc" , "hillstone-networks" , "netgate" , "microsoft-aks" ] } } , { 1 item not: { 2 items field: "Microsoft.Compute/imageOffer" , contains: "firewall" } } , { 1 item not: { 2 items field: "Microsoft.Compute/imageSKU" , Like: "centos-6*" } } , { 1 item } , { 1 item } , { 1 item } , { 1 item } , { 1 item } , { 1 item } , { 1 item } , { 1 item } , { 1 item } ] } ] } , then: { 2 items effect: "[parameters('effect')]" , details: { 5 items roleDefinitionIds: [ 1 item "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" Contributor ] , type: "Microsoft.Compute/virtualMachines/extensions" , name: "MDE.Linux" , existenceCondition: { 1 item allOf: [ 3 items { 2 items field: "Microsoft.Compute/virtualMachines/extensions/publisher" , equals: "Microsoft.Azure.AzureDefenderForServers" } , { 2 items field: "Microsoft.Compute/virtualMachines/extensions/type" , equals: "MDE.Linux" } , { 2 items field: "Microsoft.Compute/virtualMachines/extensions/provisioningState" , equals: "Succeeded" } ] } , deployment: { 1 item properties: { 3 items mode: "incremental" , parameters: { 3 items } , template: { 4 items $schema: "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" , contentVersion: "1.0.0.0" , parameters: { 3 items } , resources: [ 1 item { 5 items apiVersion: "2020-06-01" , name: 🔍 "[
concat(
parameters('vmName'),
'/MDE.Linux'
)
]", type: "Microsoft.Compute/virtualMachines/extensions" , location: "[parameters('location')]" , properties: { 6 items autoUpgradeMinorVersion: true , publisher: "Microsoft.Azure.AzureDefenderForServers" , type: "MDE.Linux" , typeHandlerVersion: "1.0" , settings: { 2 items azureResourceId: "[parameters('azureResourceId')]" , installedBy: "Policy" } , protectedSettings: { 1 item defenderForEndpointOnboardingScript: 🔍 "[
reference(
subscriptionResourceId(
'Microsoft.Security/mdeOnboardings',
'Linux'
),
'2021-10-01-preview',
'full'
).properties.onboardingPackageLinux
]" } } } ] } } } } } } }
