AzPolicyAdvertizer

last sync: 2025-Jul-25 17:39:48 UTC

Windows Arc-enabled machines should have Azure Monitor Agent installed

Azure BuiltIn Policy definition

Source Azure Portal
Display name Windows Arc-enabled machines should have Azure Monitor Agent installed
Id ec621e21-8b48-403d-a549-fc9023d4747f
Version 1.2.0
Details on versioning
Versioning Versions supported for Versioning: 2
1.2.0
1.1.0
Built-in Versioning [Preview]
Category Monitoring
Microsoft Learn
Description Windows Arc-enabled machines should be monitored and secured through the deployed Azure Monitor Agent. The Azure Monitor Agent collects telemetry data from the guest OS. Windows Arc-enabled machines in supported regions are monitored for Azure Monitor Agent deployment. Learn more: https://aka.ms/AMAOverview.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.HybridCompute/machines/osName Microsoft.HybridCompute machines properties.osName True False
THEN-ExistenceCondition (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.HybridCompute/machines/extensions/provisioningState Microsoft.HybridCompute machines/extensions properties.provisioningState True False
Microsoft.HybridCompute/machines/extensions/publisher Microsoft.HybridCompute machines/extensions properties.publisher True False
Microsoft.HybridCompute/machines/extensions/type Microsoft.HybridCompute machines/extensions properties.type True False
Rule resource types IF (1)
Compliance
The following 1 compliance controls are associated with this Policy definition 'Windows Arc-enabled machines should have Azure Monitor Agent installed' (ec621e21-8b48-403d-a549-fc9023d4747f)
Rows: 1-1 / 1

Columns:

Close

Columns▼Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.3

https://www.tablefilter.com/
©2015-2025 Max Guglielmi
?
Page of 1
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
U.15.1 - Events Logged U.15.1 - Events Logged 404 not found n/a n/a 51
Initiatives usage
Rows: 1-1 / 1
Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.3

https://www.tablefilter.com/
©2015-2025 Max Guglielmi
?
Page of 1
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
NL BIO Cloud Theme V2 d8b2ffbe-c6a8-4622-965d-4ade11d1d2ee Regulatory Compliance GA BuiltIn unknown
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-03-25 19:17:21 change Minor (1.1.0 > 1.2.0)
2023-02-03 18:39:01 change Minor (1.0.1 > 1.1.0)
2022-03-11 18:16:48 change Patch (1.0.0 > 1.0.1)
2021-10-22 15:42:38 add ec621e21-8b48-403d-a549-fc9023d4747f
JSON compare
compare mode: version left: version right:
1.1.0 → 1.2.0 RENAMED
@@ -3,9 +3,9 @@
3
  "policyType": "BuiltIn",
4
  "mode": "Indexed",
5
  "description": "Windows Arc-enabled machines should be monitored and secured through the deployed Azure Monitor Agent. The Azure Monitor Agent collects telemetry data from the guest OS. Windows Arc-enabled machines in supported regions are monitored for Azure Monitor Agent deployment. Learn more: https://aka.ms/AMAOverview.",
6
  "metadata": {
7
- "version": "1.1.0",
8
  "category": "Monitoring"
9
  },
10
  "parameters": {
11
  "effect": {
@@ -35,35 +35,55 @@
35
  {
36
  "field": "location",
37
  "in": [
38
  "australiacentral",
 
39
  "australiaeast",
40
  "australiasoutheast",
41
  "brazilsouth",
 
42
  "canadacentral",
43
  "canadaeast",
44
  "centralindia",
45
  "centralus",
 
46
  "eastasia",
47
  "eastus",
48
  "eastus2",
49
  "eastus2euap",
50
  "francecentral",
 
 
51
  "germanywestcentral",
 
 
52
  "japaneast",
53
  "japanwest",
 
54
  "jioindiawest",
55
  "koreacentral",
56
  "koreasouth",
 
 
57
  "northcentralus",
58
  "northeurope",
59
  "norwayeast",
 
 
 
60
  "southafricanorth",
 
61
  "southcentralus",
62
  "southeastasia",
63
  "southindia",
 
64
  "swedencentral",
 
65
  "switzerlandnorth",
 
 
 
 
66
  "uaenorth",
67
  "uksouth",
68
  "ukwest",
69
  "westcentralus",
 
3
  "policyType": "BuiltIn",
4
  "mode": "Indexed",
5
  "description": "Windows Arc-enabled machines should be monitored and secured through the deployed Azure Monitor Agent. The Azure Monitor Agent collects telemetry data from the guest OS. Windows Arc-enabled machines in supported regions are monitored for Azure Monitor Agent deployment. Learn more: https://aka.ms/AMAOverview.",
6
  "metadata": {
7
+ "version": "1.2.0",
8
  "category": "Monitoring"
9
  },
10
  "parameters": {
11
  "effect": {
 
35
  {
36
  "field": "location",
37
  "in": [
38
  "australiacentral",
39
+ "australiacentral2",
40
  "australiaeast",
41
  "australiasoutheast",
42
  "brazilsouth",
43
+ "brazilsoutheast",
44
  "canadacentral",
45
  "canadaeast",
46
  "centralindia",
47
  "centralus",
48
+ "centraluseuap",
49
  "eastasia",
50
  "eastus",
51
  "eastus2",
52
  "eastus2euap",
53
  "francecentral",
54
+ "francesouth",
55
+ "germanynorth",
56
  "germanywestcentral",
57
+ "israelcentral",
58
+ "italynorth",
59
  "japaneast",
60
  "japanwest",
61
+ "jioindiacentral",
62
  "jioindiawest",
63
  "koreacentral",
64
  "koreasouth",
65
+ "malaysiasouth",
66
+ "mexicocentral",
67
  "northcentralus",
68
  "northeurope",
69
  "norwayeast",
70
+ "norwaywest",
71
+ "polandcentral",
72
+ "qatarcentral",
73
  "southafricanorth",
74
+ "southafricawest",
75
  "southcentralus",
76
  "southeastasia",
77
  "southindia",
78
+ "spaincentral",
79
  "swedencentral",
80
+ "swedensouth",
81
  "switzerlandnorth",
82
+ "switzerlandwest",
83
+ "taiwannorth",
84
+ "taiwannorthwest",
85
+ "uaecentral",
86
  "uaenorth",
87
  "uksouth",
88
  "ukwest",
89
  "westcentralus",
JSON
api-version=2021-06-01
EPAC 
{7 items
  • displayName: "Windows Arc-enabled machines should have Azure Monitor Agent installed",
  • policyType: "BuiltIn",
  • mode: "Indexed",
  • description: "Windows Arc-enabled machines should be monitored and secured through the deployed Azure Monitor Agent. The Azure Monitor Agent collects telemetry data from the guest OS. Windows Arc-enabled machines in supported regions are monitored for Azure Monitor Agent deployment. Learn more: https://aka.ms/AMAOverview.",
  • metadata: {2 items
    • version: "1.2.0",
    • category: "Monitoring"
    },
  • parameters: {1 item},
  • policyRule: {2 items
    • if: {1 item
      • allOf: [3 items
        • {2 items
          • field: "type",
          • equals: "Microsoft.HybridCompute/machines"
          },
        • {2 items
          • field: "Microsoft.HybridCompute/machines/osName",
          • equals: "Windows"
          },
        • {2 items
          • field: "location",
          • in: [57 items
            • "australiacentral",
            • "australiacentral2",
            • "australiaeast",
            • "australiasoutheast",
            • "brazilsouth",
            • "brazilsoutheast",
            • "canadacentral",
            • "canadaeast",
            • "centralindia",
            • "centralus",
            • "centraluseuap",
            • "eastasia",
            • "eastus",
            • "eastus2",
            • "eastus2euap",
            • "francecentral",
            • "francesouth",
            • "germanynorth",
            • "germanywestcentral",
            • "israelcentral",
            • "italynorth",
            • "japaneast",
            • "japanwest",
            • "jioindiacentral",
            • "jioindiawest",
            • "koreacentral",
            • "koreasouth",
            • "malaysiasouth",
            • "mexicocentral",
            • "northcentralus",
            • "northeurope",
            • "norwayeast",
            • "norwaywest",
            • "polandcentral",
            • "qatarcentral",
            • "southafricanorth",
            • "southafricawest",
            • "southcentralus",
            • "southeastasia",
            • "southindia",
            • "spaincentral",
            • "swedencentral",
            • "swedensouth",
            • "switzerlandnorth",
            • "switzerlandwest",
            • "taiwannorth",
            • "taiwannorthwest",
            • "uaecentral",
            • "uaenorth",
            • "uksouth",
            • "ukwest",
            • "westcentralus",
            • "westeurope",
            • "westindia",
            • "westus",
            • "westus2",
            • "westus3"
            ]
          }
        ]
      },
    • then: {2 items
      • effect: "[parameters('effect')]",
      • details: {2 items
        • type: "Microsoft.HybridCompute/machines/extensions",
        • existenceCondition: {1 item
          • allOf: [3 items
            • {2 items
              • field: "Microsoft.HybridCompute/machines/extensions/type",
              • equals: "AzureMonitorWindowsAgent"
              },
            • {2 items
              • field: "Microsoft.HybridCompute/machines/extensions/publisher",
              • equals: "Microsoft.Azure.Monitor"
              },
            • {2 items
              • field: "Microsoft.HybridCompute/machines/extensions/provisioningState",
              • equals: "Succeeded"
              }
            ]
          }
        }
      }
    }
}