last sync: 2020-Jul-13 14:14:31 UTC

Azure Policy Initiative

Enable Azure Monitor for Virtual Machine Scale Sets

Initiative DisplayName Enable Azure Monitor for Virtual Machine Scale Sets
Initiative Id 75714362-cae7-409e-9b99-a8e5075b7fad
Initiative Category Monitoring
Initiative Description Enable Azure Monitor for the Virtual Machine Scale Sets in the specified scope (Management group, Subscription or resource group). Takes Log Analytics workspace as parameter. Note: if your scale set upgradePolicy is set to Manual, you need to apply the extension to the all VMs in the set by calling upgrade on them. In CLI this would be az vmss update-instances.
Initiative Type BuiltIn
Initiative Changes
Date/Time (UTC ymd) (i) Change(s)
2020-04-22 04:43:14 change DisplayName Name change: '[Preview]: Enable Azure Monitor for Virtual Machine Scale Sets' to 'Enable Azure Monitor for Virtual Machine Scale Sets'
2020-02-29 21:43:11 change Description Description change: 'Enable Azure Monitor for the VM Scale Sets in the specified scope (Management group, Subscription or resource group). Takes Log Analytics workspace as parameter. Note: if your scale set upgradePolicy is set to Manual, you need to apply the extension to the all VMs in the set by calling upgrade on them. In CLI this would be az vmss update-instances.' to 'Enable Azure Monitor for the Virtual Machine Scale Sets in the specified scope (Management group, Subscription or resource group). Takes Log Analytics workspace as parameter. Note: if your scale set upgradePolicy is set to Manual, you need to apply the extension to the all VMs in the set by calling upgrade on them. In CLI this would be az vmss update-instances.'
change DisplayName Name change: '[Preview]: Enable Azure Monitor for VM Scale Sets (VMSS)' to '[Preview]: Enable Azure Monitor for Virtual Machine Scale Sets'
Initiative Policies count Total Policies: 6
Builtin Policies: 6/6
Static Policies: 0/6
Initiative Policies
Policy DisplayName Policy Id
Deploy Log Analytics agent for Linux virtual machine scale sets 5ee9e9ed-0b42-41b7-8c9c-3cfb2fbe2069
Deploy Dependency agent for Windows virtual machine scale sets 3be22e3b-d919-47aa-805e-8985dbeb0ad9
Audit Dependency agent deployment in virtual machine scale sets - VM Image (OS) unlisted e2dd799a-a932-4e9d-ac17-d473bc3c6c10
Deploy Dependency agent for Linux virtual machine scale sets 765266ab-e40e-4c61-bcb2-5a5275d0b7c0
Deploy Log Analytics agent for Windows virtual machine scale sets 3c1b3629-c8f8-4bf6-862c-037cb9094038
Audit Log Analytics agent deployment in virtual machine scale sets - VM Image (OS) unlisted 5c3bc7b8-a64c-4e08-a9cd-7ff0f31e1138
Initiative Rule
{
  "properties": {
    "displayName": "Enable Azure Monitor for Virtual Machine Scale Sets",
    "policyType": "BuiltIn",
    "description": "Enable Azure Monitor for the Virtual Machine Scale Sets in the specified scope (Management group, Subscription or resource group). Takes Log Analytics workspace as parameter. Note: if your scale set upgradePolicy is set to Manual, you need to apply the extension to the all VMs in the set by calling upgrade on them. In CLI this would be az vmss update-instances.",
    "metadata": {
      "version": "1.0.1",
      "category": "Monitoring"
    },
    "parameters": {
      "logAnalytics_1": {
        "type": "String",
        "metadata": {
          "displayName": "Log Analytics workspace",
          "description": "Select Log Analytics workspace from dropdown list. If this workspace is outside of the scope of the assignment you must manually grant 'Log Analytics Contributor' permissions (or similar) to the policy assignment's principal ID.",
          "strongType": "omsWorkspace"
        }
      },
      "listOfImageIdToInclude_windows": {
        "type": "Array",
        "metadata": {
          "displayName": "Optional: List of VM images that have supported Windows OS to add to scope",
          "description": "Example value: '/subscriptions//resourceGroups/YourResourceGroup/providers/Microsoft.Compute/images/ContosoStdImage'"
        },
        "defaultValue": [
          
        ]
      },
      "listOfImageIdToInclude_linux": {
        "type": "Array",
        "metadata": {
          "displayName": "Optional: List of VM images that have supported Linux OS to add to scope",
          "description": "Example value: '/subscriptions//resourceGroups/YourResourceGroup/providers/Microsoft.Compute/images/ContosoStdImage'"
        },
        "defaultValue": [
          
        ]
      }
    },
    "policyDefinitions": [
      {
        "policyDefinitionReferenceId": "LogAnalyticsExtension_Windows_VMSS_Deploy",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3c1b3629-c8f8-4bf6-862c-037cb9094038",
        "parameters": {
          "logAnalytics": {
          "value": "[parameters('logAnalytics_1')]"
          },
          "listOfImageIdToInclude": {
          "value": "[parameters('listOfImageIdToInclude_windows')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "LogAnalyticsExtension_Linux_VMSS_Deploy",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5ee9e9ed-0b42-41b7-8c9c-3cfb2fbe2069",
        "parameters": {
          "logAnalytics": {
          "value": "[parameters('logAnalytics_1')]"
          },
          "listOfImageIdToInclude": {
          "value": "[parameters('listOfImageIdToInclude_linux')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "DependencyAgentExtension_Windows_VMSS_Deploy",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3be22e3b-d919-47aa-805e-8985dbeb0ad9",
        "parameters": {
          "listOfImageIdToInclude": {
          "value": "[parameters('listOfImageIdToInclude_windows')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "DependencyAgentExtension_Linux_VMSS_Deploy",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/765266ab-e40e-4c61-bcb2-5a5275d0b7c0",
        "parameters": {
          "listOfImageIdToInclude": {
          "value": "[parameters('listOfImageIdToInclude_linux')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "LogAnalytics_OSImage_VMSS_Audit",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5c3bc7b8-a64c-4e08-a9cd-7ff0f31e1138",
        "parameters": {
          "listOfImageIdToInclude_windows": {
          "value": "[parameters('listOfImageIdToInclude_windows')]"
          },
          "listOfImageIdToInclude_linux": {
          "value": "[parameters('listOfImageIdToInclude_linux')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "DependencyAgent_OSImage_VMSS_Audit",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e2dd799a-a932-4e9d-ac17-d473bc3c6c10",
        "parameters": {
          "listOfImageIdToInclude_windows": {
          "value": "[parameters('listOfImageIdToInclude_windows')]"
          },
          "listOfImageIdToInclude_linux": {
          "value": "[parameters('listOfImageIdToInclude_linux')]"
          }
        }
      }
    ]
  },
  "id": "/providers/Microsoft.Authorization/policySetDefinitions/75714362-cae7-409e-9b99-a8e5075b7fad",
  "type": "Microsoft.Authorization/policySetDefinitions",
  "name": "75714362-cae7-409e-9b99-a8e5075b7fad"
}