AzPolicyAdvertizer

last sync: 2022-Sep-30 16:34:23 UTC

Azure Policy definition

Linux machines should meet requirements for the Azure compute security baseline

Name

Linux machines should meet requirements for the Azure compute security baseline
Azure Portal

fc9b3da7-8347-4380-8e70-0a0361d8dedd

Version

2.0.0
details on versioning

Category

Guest Configuration
Microsoft docs

Description

Requires that prerequisites are deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol. Machines are non-compliant if the machine is not configured correctly for one of the recommendations in the Azure compute security baseline.

Mode

Indexed

Type

BuiltIn

Preview

FALSE

Deprecated

FALSE

Effect

Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)

Used RBAC Role

none

Rule Aliases

IF (7)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Compute/imageOffer	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.offer properties.virtualMachineProfile.storageProfile.imageReference.offer properties.creationData.imageReference.id	false false false
Microsoft.Compute/imagePublisher	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.publisher properties.virtualMachineProfile.storageProfile.imageReference.publisher properties.creationData.imageReference.id	false false false
Microsoft.Compute/imageSKU	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.sku properties.virtualMachineProfile.storageProfile.imageReference.sku properties.creationData.imageReference.id	false false false
Microsoft.Compute/virtualMachines/osProfile.linuxConfiguration	Microsoft.Compute	virtualMachines	properties.osProfile.linuxConfiguration	true
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType	Microsoft.Compute	virtualMachines	properties.storageProfile.osDisk.osType	true
Microsoft.ConnectedVMwarevSphere/virtualMachines/osProfile.osType	Microsoft.ConnectedVMwarevSphere	virtualmachines	properties.osProfile.osType	false
Microsoft.HybridCompute/imageOffer	Microsoft.HybridCompute	machines	properties.osName	false

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.GuestConfiguration/guestConfigurationAssignments/complianceStatus	Microsoft.GuestConfiguration	guestConfigurationAssignments	properties.complianceStatus	false

Rule ResourceTypes

IF (3)
Microsoft.Compute/virtualMachines
Microsoft.ConnectedVMwarevSphere/virtualMachines
Microsoft.HybridCompute/machines

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2022-01-28 17:51:01	change	Major (1.3.0 > 2.0.0)
2021-12-06 22:17:57	change	Minor (1.2.0 > 1.3.0)
2021-10-19 19:10:32	change	Version remains equal, old suffix: preview (1.2.0-preview > 1.2.0)
2021-10-04 15:27:15	change	Minor, suffix remains equal (1.1.1-preview > 1.2.0-preview)
2021-05-11 14:06:18	change	Patch, suffix remains equal (1.1.0-preview > 1.1.1-preview)
2021-01-22 09:14:53	change	Minor, suffix remains equal (1.0.0-preview > 1.1.0-preview)
2020-09-02 14:03:46	add	fc9b3da7-8347-4380-8e70-0a0361d8dedd

Used in Initiatives

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Preview]: CMMC 2.0 Level 2	4e50fd13-098b-3206-61d6-d1d78205cb45	Regulatory Compliance	Preview	BuiltIn
[Preview]: Reserve Bank of India - IT Framework for Banks	d0d5578d-cc08-2b22-31e3-f525374f235a	Regulatory Compliance	Preview	BuiltIn
Azure Security Benchmark	1f3afdf9-d0c9-4c3d-847f-89da613e70a8	Security Center	GA	BuiltIn
CMMC Level 3	b5629c75-5c77-4422-87b9-2509e680f8de	Regulatory Compliance	GA	BuiltIn
FedRAMP High	d5264498-16f4-418a-b659-fa7ef418175f	Regulatory Compliance	GA	BuiltIn
FedRAMP Moderate	e95f5a9f-57ad-4d03-bb0b-b1d16db93693	Regulatory Compliance	GA	BuiltIn
NIST SP 800-171 Rev. 2	03055927-78bd-4236-86c0-f36125a10dc9	Regulatory Compliance	GA	BuiltIn
NIST SP 800-53 Rev. 4	cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f	Regulatory Compliance	GA	BuiltIn
NIST SP 800-53 Rev. 5	179d1daa-458f-4e47-8086-2a68d0d6c38f	Regulatory Compliance	GA	BuiltIn
SOC 2 Type 2	4054785f-702b-4a98-9215-009cbd58b141	Regulatory Compliance	GA	BuiltIn

JSON Changes

Visual JSON JSON (Annotated)

Show unchanged values

JSON

AzPolicyAdvertizer

Azure Policy definition

Linux machines should meet requirements for the Azure compute security baseline

JSON Left

JSON Right