AzPolicyAdvertizer

last sync: 2021-Jan-20 16:06:14 UTC

Azure Policy definition

The Log Analytics agent should be installed on Virtual Machine Scale Sets

Name The Log Analytics agent should be installed on Virtual Machine Scale Sets
Azure Portal
Id efbde977-ba53-4479-b8e9-10b957924fbf
Version 1.0.0
details on versioning
Category Monitoring
Microsoft docs
Description This policy audits any Windows/Linux Virtual Machine Scale Sets if the Log Analytics agent is not installed.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2019-10-11 00:02:54 add efbde977-ba53-4479-b8e9-10b957924fbf
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State
[Deprecated]: DOD Impact Level 4 8d792a84-723c-4d92-a3c3-e4ed16a2d133 Regulatory Compliance Deprecated
[Preview]: Azure Security Benchmark v1 42a694ed-f65e-42b2-aa9e-8052e9740a92 Regulatory Compliance Preview
[Preview]: NIST SP 800-171 R2 03055927-78bd-4236-86c0-f36125a10dc9 Regulatory Compliance Preview
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA
Json 
{
  "properties": {
    "displayName": "The Log Analytics agent should be installed on Virtual Machine Scale Sets",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "This policy audits any Windows/Linux Virtual Machine Scale Sets if the Log Analytics agent is not installed.",
    "metadata": {
      "version": "1.0.0",
      "category": "Monitoring"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "AuditIfNotExists",
          "Disabled"
        ],
        "defaultValue": "AuditIfNotExists"
      }
    },
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.Compute/virtualMachineScaleSets"
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Compute/virtualMachineScaleSets/extensions",
          "existenceCondition": {
            "allOf": [
              {
                "field": "Microsoft.Compute/virtualMachineScaleSets/extensions/publisher",
                "equals": "Microsoft.EnterpriseCloud.Monitoring"
              },
              {
                "field": "Microsoft.Compute/virtualMachineScaleSets/extensions/type",
                "in": [
                  "MicrosoftMonitoringAgent",
                  "OmsAgentForLinux"
                ]
              },
              {
                "field": "Microsoft.Compute/virtualMachineScaleSets/extensions/provisioningState",
                "equals": "Succeeded"
              },
              {
                "field": "Microsoft.Compute/virtualMachineScaleSets/extensions/settings.workspaceId",
                "exists": "true"
              }
            ]
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/efbde977-ba53-4479-b8e9-10b957924fbf",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "efbde977-ba53-4479-b8e9-10b957924fbf"
}