last sync: 2020-Aug-07 14:05:08 UTC

Azure Policy Initiative

[Deprecated]: Audit Windows VMs on which Windows Defender Exploit Guard is not enabled

Initiative DisplayName [Deprecated]: Audit Windows VMs on which Windows Defender Exploit Guard is not enabled
Initiative Id 9d2fd8e6-95c8-410d-add0-43ada4241574
Initiative Category Guest Configuration
Initiative Description This initiative deploys the policy requirements and audits Windows virtual machines on which Windows Defender Exploit Guard is not enabled. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol
Initiative Type BuiltIn
Initiative Changes
Date/Time (UTC ymd) (i) Change(s)
2020-04-22 04:43:14 change DisplayName Name change: '[Preview]: Audit Windows VMs on which Windows Defender Exploit Guard is not enabled' to '[Deprecated]: Audit Windows VMs on which Windows Defender Exploit Guard is not enabled'
Initiative Policies count Total Policies: 2
Builtin Policies: 2/2
Static Policies: 0/2
Initiative Policies
Policy DisplayName Policy Id
[Deprecated]: Show audit results from Windows VMs on which Windows Defender Exploit Guard is not enabled 0d9b45ff-9ddd-43fc-bf59-fbd1c8423053
[Deprecated]: Deploy prerequisites to audit Windows VMs on which Windows Defender Exploit Guard is not enabled 6a7a2bcf-f9be-4e35-9734-4f9657a70f1d
Initiative Rule
{
  "properties": {
  "displayName": "[Deprecated]: Audit Windows VMs on which Windows Defender Exploit Guard is not enabled",
    "policyType": "BuiltIn",
    "description": "This initiative deploys the policy requirements and audits Windows virtual machines on which Windows Defender Exploit Guard is not enabled. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol",
    "metadata": {
      "version": "1.0.0-deprecated",
      "category": "Guest Configuration",
      "deprecated": true
    },
    "parameters": {
      "NotAvailableMachineState": {
        "type": "String",
        "metadata": {
        "displayName": "[Deprecated]: State in which to show VMs on which Windows Defender Exploit Guard is not available",
          "description": "Windows Defender Exploit Guard is only available starting with Windows 10/Windows Server with update 1709. Setting this value to 'Non-Compliant' will make machines with older versions on which Windows Defender Exploit Guard is not available (such as Windows Server 2012 R2) non-compliant. Setting this value to 'Compliant' will make these machines compliant."
        },
        "allowedValues": [
          "Compliant",
          "Non-Compliant"
        ],
        "defaultValue": "Non-Compliant"
      }
    },
    "policyDefinitions": [
      {
        "policyDefinitionReferenceId": "Deploy_WindowsDefenderExploitGuard",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6a7a2bcf-f9be-4e35-9734-4f9657a70f1d",
        "parameters": {
          "NotAvailableMachineState": {
          "value": "[parameters('NotAvailableMachineState')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Audit_WindowsDefenderExploitGuard",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0d9b45ff-9ddd-43fc-bf59-fbd1c8423053"
      }
    ]
  },
  "id": "/providers/Microsoft.Authorization/policySetDefinitions/9d2fd8e6-95c8-410d-add0-43ada4241574",
  "type": "Microsoft.Authorization/policySetDefinitions",
  "name": "9d2fd8e6-95c8-410d-add0-43ada4241574"
}