AzPolicyAdvertizer

last sync: 2023-Jun-19 17:45:01 UTC

Community Policy definition

Deploy Azure Security Center Vulnerability Assessment extension if does not exist

Name Deploy Azure Security Center Vulnerability Assessment extension if does not exist
Community-Policy GitHub
Id security_deploy-vulnerablity-assesment-agent-for-custom-vm
Version n/a
details on versioning
Category Security
Microsoft docs
Description This policy deploy vulnerability assessment agent AzureSecurityCenter to Virtual Machine deployed from Shared Gallery Image.
Mode Indexed
Type Custom Community
Effect Fixed
deployIfNotExists
Used RBAC Role
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule Aliases IF (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/virtualMachines/storageProfile.imageReference.id Microsoft.Compute virtualMachines properties.storageProfile.imageReference.id true
THEN-ExistenceCondition (3)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/virtualMachines/extensions/provisioningState Microsoft.Compute virtualMachines/extensions properties.provisioningState false
Microsoft.Compute/virtualMachines/extensions/publisher Microsoft.Compute virtualMachines/extensions properties.publisher false
Microsoft.Compute/virtualMachines/extensions/type Microsoft.Compute virtualMachines/extensions properties.type false
Rule ResourceTypes IF (1)
Microsoft.Compute/virtualMachines
JSON