last sync: 2020-Aug-05 13:05:28 UTC

Azure Policy Initiative

Audit Windows VMs in which the Administrators group does not contain only the specified members

Initiative DisplayName Audit Windows VMs in which the Administrators group does not contain only the specified members
Initiative Id 06122b01-688c-42a8-af2e-fa97dd39aa3b
Initiative Category Guest Configuration
Initiative Description This initiative deploys the policy requirements and audits Windows virtual machines in which the Administrators group does not contain only the specified members. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol
Initiative Type BuiltIn
Initiative Changes none
Initiative Policies count Total Policies: 2
Builtin Policies: 2/2
Static Policies: 0/2
Initiative Policies
Policy DisplayName Policy Id
Show audit results from Windows VMs in which the Administrators group does not contain only the specified members cc7cda28-f867-4311-8497-a526129a8d19
Deploy prerequisites to audit Windows VMs in which the Administrators group does not contain only the specified members b821191b-3a12-44bc-9c38-212138a29ff3
Initiative Rule
{
  "properties": {
    "displayName": "Audit Windows VMs in which the Administrators group does not contain only the specified members",
    "policyType": "BuiltIn",
    "description": "This initiative deploys the policy requirements and audits Windows virtual machines in which the Administrators group does not contain only the specified members. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol",
    "metadata": {
      "version": "1.0.0",
      "category": "Guest Configuration"
    },
    "parameters": {
      "Members": {
        "type": "String",
        "metadata": {
          "displayName": "Members",
          "description": "A semicolon-separated list of all the expected members of the Administrators local group. Ex: Administrator; myUser1; myUser2"
        }
      }
    },
    "policyDefinitions": [
      {
        "policyDefinitionReferenceId": "Deploy_AdministratorsGroupMembers",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b821191b-3a12-44bc-9c38-212138a29ff3",
        "parameters": {
          "Members": {
          "value": "[parameters('Members')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Audit_AdministratorsGroupMembers",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/cc7cda28-f867-4311-8497-a526129a8d19"
      }
    ]
  },
  "id": "/providers/Microsoft.Authorization/policySetDefinitions/06122b01-688c-42a8-af2e-fa97dd39aa3b",
  "type": "Microsoft.Authorization/policySetDefinitions",
  "name": "06122b01-688c-42a8-af2e-fa97dd39aa3b"
}