AzPolicyAdvertizer

last sync: 2025-Nov-05 18:23:31 UTC

[Preview]: Configure supported virtual machines to automatically enable vTPM

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Preview]: Configure supported virtual machines to automatically enable vTPM
Id e494853f-93c3-4e44-9210-d12f61a64b34
Version 2.0.0-preview
Details on versioning
Versioning Versions supported for Versioning: 1
2.0.0-preview
Built-in Versioning [Preview]
Category Security Center
Microsoft Learn
Description Configure supported virtual machines to automatically enable vTPM to facilitate Measured Boot and other OS security features that require a TPM. Once enabled, vTPM can be used to attest boot integrity.
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '2.0.0-preview'
Repository: Azure-Policy e494853f-93c3-4e44-9210-d12f61a64b34
Mode Indexed
Type BuiltIn
Preview True
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Virtual Machine Contributor 9980e02c-c2be-4d73-94e8-173b1dc7cf3c
Rule aliases IF (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Compute/virtualMachines/securityProfile.securityType Microsoft.Compute virtualMachines properties.securityProfile.securityType True False
Microsoft.Compute/virtualMachines/securityProfile.uefiSettings Microsoft.Compute virtualMachines properties.securityProfile.uefiSettings True False
Microsoft.Compute/virtualMachines/securityProfile.uefiSettings.vTpmEnabled Microsoft.Compute virtualMachines properties.securityProfile.uefiSettings.vTpmEnabled True False
THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Compute/virtualMachines/securityProfile.uefiSettings.vTpmEnabled Microsoft.Compute virtualMachines properties.securityProfile.uefiSettings.vTpmEnabled True False
Rule resource types IF (1)
THEN-Deployment (1)
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-11-12 16:23:07 change Major, suffix remains equal (1.0.0-preview > 2.0.0-preview)
2021-06-08 15:17:13 add e494853f-93c3-4e44-9210-d12f61a64b34
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC