last sync: 2024-Jul-26 18:17:39 UTC

Dependency agent should be enabled in virtual machine scale sets for listed virtual machine images

Azure BuiltIn Policy definition

Source Azure Portal
Display name Dependency agent should be enabled in virtual machine scale sets for listed virtual machine images
Id e2dd799a-a932-4e9d-ac17-d473bc3c6c10
Version 2.0.0
Details on versioning
Category Monitoring
Microsoft Learn
Description Reports virtual machine scale sets as non-compliant if the virtual machine image is not in the list defined and the agent is not installed. The list of OS images is updated over time as support is updated.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases IF (4)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Compute/imageId Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.id
properties.virtualMachineProfile.storageProfile.imageReference.id
properties.creationData.imageReference.id
True
True
True


False
False
False
Microsoft.Compute/imageOffer Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.offer
properties.virtualMachineProfile.storageProfile.imageReference.offer
properties.creationData.imageReference.id
True
True
True


False
False
False
Microsoft.Compute/imagePublisher Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.publisher
properties.virtualMachineProfile.storageProfile.imageReference.publisher
properties.creationData.imageReference.id
True
True
True


False
False
False
Microsoft.Compute/imageSKU Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.sku
properties.virtualMachineProfile.storageProfile.imageReference.sku
properties.creationData.imageReference.id
True
True
True


False
False
False
THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Compute/virtualMachineScaleSets/extensions/publisher Microsoft.Compute virtualMachineScaleSets/extensions properties.publisher True False
Rule resource types IF (1)
Microsoft.Compute/virtualMachineScaleSets
Compliance
The following 6 compliance controls are associated with this Policy definition 'Dependency agent should be enabled in virtual machine scale sets for listed virtual machine images' (e2dd799a-a932-4e9d-ac17-d473bc3c6c10)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
ISO27001-2013 A.12.4.1 ISO27001-2013_A.12.4.1 ISO 27001:2013 A.12.4.1 Operations Security Event Logging Shared n/a Event logs recording user activities, exceptions, faults and information security events shall be produced, kept and regularly reviewed. link 53
ISO27001-2013 A.12.4.3 ISO27001-2013_A.12.4.3 ISO 27001:2013 A.12.4.3 Operations Security Administrator and operator logs Shared n/a System administrator and system operator activities shall be logged and the logs protected and regularly reviewed. link 29
ISO27001-2013 A.12.4.4 ISO27001-2013_A.12.4.4 ISO 27001:2013 A.12.4.4 Operations Security Clock Synchronization Shared n/a The clocks of all relevant information processing systems within an organization or security domain shall be synchronized to a single reference time source. link 8
op.exp.8 Recording of the activity op.exp.8 Recording of the activity 404 not found n/a n/a 67
U.15.1 - Events logged U.15.1 - Events logged 404 not found n/a n/a 41
U.15.3 - Events logged U.15.3 - Events logged 404 not found n/a n/a 6
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: SWIFT CSP-CSCF v2020 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 Regulatory Compliance Preview BuiltIn
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 Regulatory Compliance GA BuiltIn
Legacy - Enable Azure Monitor for Virtual Machine Scale Sets 75714362-cae7-409e-9b99-a8e5075b7fad Monitoring GA BuiltIn
NL BIO Cloud Theme 6ce73208-883e-490f-a2ac-44aac3b3687f Regulatory Compliance GA BuiltIn
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-03-02 15:11:40 change Major (1.0.1 > 2.0.0)
2020-04-22 04:43:16 change Previous DisplayName: [Preview]: Audit Dependency Agent Deployment in Virtual Machine Scale Sets - VM Image (OS) unlisted
2020-02-29 21:43:10 change Previous DisplayName: [Preview]: Audit Dependency Agent Deployment in VMSS - VM Image (OS) unlisted
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC