AzInitiativeAdvertizer

last sync: 2025-Mar-14 18:30:04 UTC

Enforce Azure Compute Security Benchmark compliance auditing

Source

Display name

Enforce Azure Compute Security Benchmark compliance auditing

Enforce-ACSB

Version

Category

Guest Configuration

Description

Enforce Azure Compute Security Benchmark compliance auditing for Windows and Linux virtual machines.

Cloud environments

AzureCloud

Type

Custom Azure Landing Zones (ALZ)

Deprecated

False

Preview

False

Policy count

Total Policies: 5
Builtin Policies: 5
Static Policies: 0
ALZ Policies: 0

Policy used

Policy DisplayName	Policy Id	Category	Effect	Roles#	Roles	State	Type	policy in AzUSGov
Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities	3cf2ab00-13f1-4d0c-8971-2ac904541a7e	Guest Configuration	Fixed modify	1	Contributor	GA	BuiltIn	true
Deploy the Linux Guest Configuration extension to enable Guest Configuration assignments on Linux VMs	331e8ea8-378a-410f-a2e5-ae22f38bb0da	Guest Configuration	Fixed deployIfNotExists	1	Contributor	GA	BuiltIn	true
Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs	385f5831-96d4-41db-9a3c-cd3af78aaae6	Guest Configuration	Fixed deployIfNotExists	1	Contributor	GA	BuiltIn	true
Linux machines should meet requirements for the Azure compute security baseline	fc9b3da7-8347-4380-8e70-0a0361d8dedd	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA	BuiltIn	true
Windows machines should meet requirements of the Azure compute security baseline	72650e9f-97bc-4b2a-ab5f-9781a9fcecbc	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA	BuiltIn	true

Roles used

Total Roles usage: 3
Total Roles unique usage: 1

Role	Role Id	Policies count	Policies
Contributor	b24988ac-6180-42a0-ab88-20f7382dd24c	3	Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities, Deploy the Linux Guest Configuration extension to enable Guest Configuration assignments on Linux VMs, Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs

History

none

JSON compare

n/a

JSON

EPAC