AzInitiativeAdvertizer

last sync: 2023-Sep-26 18:00:58 UTC

Azure Policy Initiative (PolicySet)

[Preview]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent

Source

Azure Portal

Display name

[Preview]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent

362ab02d-c362-417e-a525-45805d58e21d

Version

1.0.1-preview
details on versioning

Category

Security Center
Microsoft docs

Description

Configure machines to automatically install the Azure Monitor and Azure Security agents. Microsoft Defender for Cloud collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group, a Data Collection Rule and Log Analytics workspace in the same region as the machine to store audit records. Target machines must be in a supported location.

Type

BuiltIn

Deprecated

False

Preview

True

Policy count

Total Policies: 13
Builtin Policies: 13
Static Policies: 0

Policy used

Policy DisplayName	Policy Id	Category	Effect	Roles#	Roles	State
[Preview]: Assign Built-In User-Assigned Managed Identity to Virtual Machines	d367bd60-64ca-4364-98ea-276775bddd94	Managed Identity	Default DeployIfNotExists Allowed AuditIfNotExists, DeployIfNotExists, Disabled	2	Contributor, User Access Administrator	Preview
[Preview]: Configure Arc machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent	3b1a8e0a-b2e1-48be-9365-28be2fbef550	Security Center	Default DeployIfNotExists Allowed DeployIfNotExists, Disabled	1	Contributor	Preview
[Preview]: Configure Association to link Arc machines to default Microsoft Defender for Cloud Data Collection Rule	30f52897-df47-4ca0-81a8-a3be3e8dd226	Security Center	Default DeployIfNotExists Allowed DeployIfNotExists, Disabled	2	Log Analytics Contributor, Monitoring Contributor	Preview
[Preview]: Configure Association to link virtual machines to default Microsoft Defender for Cloud Data Collection Rule	a2ea54a3-9707-45e3-8230-bbda8309d17e	Security Center	Default DeployIfNotExists Allowed DeployIfNotExists, Disabled	2	Log Analytics Contributor, Monitoring Contributor	Preview
[Preview]: Configure supported Linux Arc machines to automatically install the Azure Security agent	2f47ec78-4301-4655-b78e-b29377030cdc	Security Center	Default DeployIfNotExists Allowed DeployIfNotExists, Disabled	1	Log Analytics Contributor	Preview
[Preview]: Configure supported Linux virtual machines to automatically install the Azure Security agent	5f8eb305-9c9f-4abe-9bb0-df220d9faba2	Security Center	Default DeployIfNotExists Allowed DeployIfNotExists, Disabled	1	Virtual Machine Contributor	Preview
[Preview]: Configure supported Windows Arc machines to automatically install the Azure Security agent	d01f3018-de9f-4d75-8dae-d12c1875da9f	Security Center	Default DeployIfNotExists Allowed DeployIfNotExists, Disabled	1	Log Analytics Contributor	Preview
[Preview]: Configure supported Windows machines to automatically install the Azure Security agent	1537496a-b1e8-482b-a06a-1cc2415cdc7b	Security Center	Default DeployIfNotExists Allowed DeployIfNotExists, Disabled	1	Virtual Machine Contributor	Preview
[Preview]: Configure virtual machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent	8b5ad9ab-3d44-4a6e-9ac3-75b04ea5fd28	Security Center	Default DeployIfNotExists Allowed DeployIfNotExists, Disabled	1	Contributor	Preview
Configure Linux Arc-enabled machines to run Azure Monitor Agent	845857af-0333-4c5d-bbbc-6076697da122	Monitoring	Default DeployIfNotExists Allowed DeployIfNotExists, Disabled	1	Azure Connected Machine Resource Administrator	GA
Configure Linux virtual machines to run Azure Monitor Agent with user-assigned managed identity-based authentication	ae8a10e6-19d6-44a3-a02d-a2bdfc707742	Monitoring	Default DeployIfNotExists Allowed DeployIfNotExists, Disabled	1	Virtual Machine Contributor	GA
Configure Windows Arc-enabled machines to run Azure Monitor Agent	94f686d6-9a24-4e19-91f1-de937dc171a4	Monitoring	Default DeployIfNotExists Allowed DeployIfNotExists, Disabled	1	Azure Connected Machine Resource Administrator	GA
Configure Windows virtual machines to run Azure Monitor Agent with user-assigned managed identity-based authentication	637125fd-7c39-4b94-bb0a-d331faf333a9	Monitoring	Default DeployIfNotExists Allowed DeployIfNotExists, Disabled	1	Virtual Machine Contributor	GA

Roles used

Total Roles usage: 16
Total Roles unique usage: 6

Role	Role Id	Policies count	Policies
Azure Connected Machine Resource Administrator	cd570a14-e51a-42ad-bac8-bafd67325302	2	Configure Linux Arc-enabled machines to run Azure Monitor Agent, Configure Windows Arc-enabled machines to run Azure Monitor Agent
Contributor	b24988ac-6180-42a0-ab88-20f7382dd24c	3	[Preview]: Assign Built-In User-Assigned Managed Identity to Virtual Machines, [Preview]: Configure Arc machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent, [Preview]: Configure virtual machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent
Log Analytics Contributor	92aaf0da-9dab-42b6-94a3-d43ce8d16293	4	[Preview]: Configure Association to link Arc machines to default Microsoft Defender for Cloud Data Collection Rule, [Preview]: Configure Association to link virtual machines to default Microsoft Defender for Cloud Data Collection Rule, [Preview]: Configure supported Linux Arc machines to automatically install the Azure Security agent, [Preview]: Configure supported Windows Arc machines to automatically install the Azure Security agent
Monitoring Contributor	749f88d5-cbae-40b8-bcfc-e573ddc772fa	2	[Preview]: Configure Association to link Arc machines to default Microsoft Defender for Cloud Data Collection Rule, [Preview]: Configure Association to link virtual machines to default Microsoft Defender for Cloud Data Collection Rule
Virtual Machine Contributor	9980e02c-c2be-4d73-94e8-173b1dc7cf3c	4	[Preview]: Configure supported Linux virtual machines to automatically install the Azure Security agent, [Preview]: Configure supported Windows machines to automatically install the Azure Security agent, Configure Linux virtual machines to run Azure Monitor Agent with user-assigned managed identity-based authentication, Configure Windows virtual machines to run Azure Monitor Agent with user-assigned managed identity-based authentication
User Access Administrator	18d7d88d-d35e-4fb5-a5c3-7773c20a72d9	1	[Preview]: Assign Built-In User-Assigned Managed Identity to Virtual Machines

History

Date/Time (UTC ymd) (i)	Changes
2022-08-12 16:33:44	Version change: '1.0.0-preview' to '1.0.1-preview'
2022-08-08 16:31:57	Name change: '[Preview]: Configure virtual and Arc-enabled machines to create the default Microsoft Defender for Cloud pipeline' to '[Preview]: Configure machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent' Description change: 'Configure machines to automatically install the Azure Monitor and Azure Security agents. Microsoft Defender for Cloud collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group and Log Analytics workspace in the same region as the machine to store audit records. Target machines must be in a supported location.' to 'Configure machines to automatically install the Azure Monitor and Azure Security agents. Microsoft Defender for Cloud collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group, a Data Collection Rule and Log Analytics workspace in the same region as the machine to store audit records. Target machines must be in a supported location.'
2022-06-02 16:30:53	add Initiative 362ab02d-c362-417e-a525-45805d58e21d

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01