last sync: 2022-May-23 08:52:47 UTC

Azure Policy Initiative

[Preview]: Configure prerequisites to enable Guest Attestation on Trusted Launch enabled VMs

Name[Preview]: Configure prerequisites to enable Guest Attestation on Trusted Launch enabled VMs
Azure Portal
Id281d9e47-d14d-4f05-b8eb-18f2c4a034ff
Version3.0.0-preview
details on versioning
CategoryTrusted Launch
Microsoft docs
DescriptionConfigure the Trusted Launch enabled virtual machines to automatically install the Guest Attestation extension and enable system-assigned managed identity to allow Azure Security Center to proactively attest and monitor the boot integrity. Boot integrity is attested via Remote Attestation. For more details, please refer to the following link - https://aka.ms/trustedlaunch
TypeBuiltIn
DeprecatedFalse
PreviewTrue
History
Date/Time (UTC ymd) (i) Changes
2021-10-29 15:48:14 add Policy [Preview]: Configure VMs created with Shared Image Gallery images to install the Guest Attestation extension (496e010e-fa91-4c00-be4b-92b481f67b58)
add Policy [Preview]: Configure VMSS created with Shared Image Gallery images to install the Guest Attestation extension (009259b0-12e8-42c9-94e7-7af86aa58d13)
2021-09-10 15:51:18 add Initiative 281d9e47-d14d-4f05-b8eb-18f2c4a034ff
Policy count Total Policies: 7
Builtin Policies: 7
Static Policies: 0
Policy used
Policy DisplayName Policy Id Category Effect State
[Preview]: Configure supported Linux virtual machine scale sets to automatically install the Guest Attestation extension 57c2e3f0-98cf-4c3b-aa6b-e8f70726e74e Security Center Default: DeployIfNotExists
Allowed: (DeployIfNotExists, Disabled)
Preview
[Preview]: Configure supported Linux virtual machines to automatically install the Guest Attestation extension 6074e9a3-c711-4856-976d-24d51f9e065b Security Center Default: DeployIfNotExists
Allowed: (DeployIfNotExists, Disabled)
Preview
[Preview]: Configure supported Windows virtual machine scale sets to automatically install the Guest Attestation extension c9b2ae08-09e2-4f0e-bb43-b60bf0135bdf Security Center Default: DeployIfNotExists
Allowed: (DeployIfNotExists, Disabled)
Preview
[Preview]: Configure supported Windows virtual machines to automatically install the Guest Attestation extension 98ea2fc7-6fc6-4fd1-9d8d-6331154da071 Security Center Default: DeployIfNotExists
Allowed: (DeployIfNotExists, Disabled)
Preview
[Preview]: Configure system-assigned managed identity to enable Azure Monitor assignments on VMs 17b3de92-f710-4cf4-aa55-0e7859f1ed7b Monitoring Default: Modify
Allowed: (Modify, Disabled)
Preview
[Preview]: Configure VMs created with Shared Image Gallery images to install the Guest Attestation extension 496e010e-fa91-4c00-be4b-92b481f67b58 Security Center Default: DeployIfNotExists
Allowed: (DeployIfNotExists, Disabled)
Preview
[Preview]: Configure VMSS created with Shared Image Gallery images to install the Guest Attestation extension 009259b0-12e8-42c9-94e7-7af86aa58d13 Security Center Default: DeployIfNotExists
Allowed: (DeployIfNotExists, Disabled)
Preview
JSON