AzInitiativeAdvertizer

last sync: 2021-Sep-22 19:36:52 UTC

Azure Policy Initiative

[Deprecated]: Audit Windows VMs that do not contain the specified certificates in Trusted Root

Name [Deprecated]: Audit Windows VMs that do not contain the specified certificates in Trusted Root
Azure Portal

Id cdfcc6ff-945e-4bc6-857e-056cbc511e0c

Version 1.0.0-deprecated
details on versioning

Category Guest Configuration
Microsoft docs

Description This initiative deploys the policy requirements and audits Windows VMs that do not contain the specified certificates in the Trusted Root Certification Authorities certificate store (Cert:\LocalMachine\Root). For more information on Guest Configuration policies, please visit https://aka.ms/gcpol

Type BuiltIn

Deprecated True

Preview False

History

Date/Time (UTC ymd) (i)	Changes
2020-09-09 11:24:08	Name change: 'Audit Windows VMs that do not contain the specified certificates in Trusted Root' to '[Deprecated]: Audit Windows VMs that do not contain the specified certificates in Trusted Root'
2020-06-11 19:46:04	Name change: '[Preview]: Audit Windows VMs that do not contain the specified certificates in Trusted Root' to 'Audit Windows VMs that do not contain the specified certificates in Trusted Root'

Policy count Total Policies: 2
Builtin Policies: 2
Static Policies: 0

Policy used

Policy DisplayName	Policy Id	Category	Effect	State
[Deprecated]: Deploy prerequisites to audit Windows VMs that do not contain the specified certificates in Trusted Root	106ccbe4-a791-4f33-a44a-06796944b8d5	Guest Configuration	Fixed: deployIfNotExists	Deprecated
[Deprecated]: Show audit results from Windows VMs that do not contain the specified certificates in Trusted Root	f3b9ad83-000d-4dc1-bff0-6d54533dd03f	Guest Configuration	Fixed: auditIfNotExists	Deprecated

JSON

{
  "displayName": "[Deprecated]: Audit Windows VMs that do not contain the specified certificates in Trusted Root",
  "policyType": "BuiltIn",
  "description": "This initiative deploys the policy requirements and audits Windows VMs that do not contain the specified certificates in the Trusted Root Certification Authorities certificate store (Cert:\\LocalMachine\\Root). For more information on Guest Configuration policies, please visit https://aka.ms/gcpol",
  "metadata": {
    "version": "1.0.0-deprecated",
    "category": "Guest Configuration",
    "deprecated": true
  },
  "parameters": {
    "CertificateThumbprints": {
      "type": "String",
      "metadata": {
        "displayName": "Certificate thumbprints",
        "description": "A semicolon-separated list of certificate thumbprints that should exist under the Trusted Root certificate store (Cert:\\LocalMachine\\Root). e.g. THUMBPRINT1;THUMBPRINT2;THUMBPRINT3"
      }
    }
  },
  "policyDefinitions": [
    {
      "policyDefinitionReferenceId": "Deploy_WindowsCertificateInTrustedRoot",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/106ccbe4-a791-4f33-a44a-06796944b8d5",
      "parameters": {
        "CertificateThumbprints": {
          "value": "[parameters('CertificateThumbprints')]"
        }
      }
    },
    {
      "policyDefinitionReferenceId": "Audit_WindowsCertificateInTrustedRoot",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f3b9ad83-000d-4dc1-bff0-6d54533dd03f"
    }
  ]
}