AzInitiativeAdvertizer

last sync: 2021-Jun-14 13:58:51 UTC

Azure Policy Initiative

[Deprecated]: Audit Windows VMs that do not contain the specified certificates in Trusted Root

Name[Deprecated]: Audit Windows VMs that do not contain the specified certificates in Trusted Root
Azure Portal
Idcdfcc6ff-945e-4bc6-857e-056cbc511e0c
Version1.0.0-deprecated
details on versioning
CategoryGuest Configuration
Microsoft docs
DescriptionThis initiative deploys the policy requirements and audits Windows VMs that do not contain the specified certificates in the Trusted Root Certification Authorities certificate store (Cert:\LocalMachine\Root). For more information on Guest Configuration policies, please visit https://aka.ms/gcpol
TypeBuiltIn
DeprecatedTrue
PreviewFalse
History
Date/Time (UTC ymd) (i) Changes
2020-09-09 11:24:08 Name change: 'Audit Windows VMs that do not contain the specified certificates in Trusted Root' to '[Deprecated]: Audit Windows VMs that do not contain the specified certificates in Trusted Root'
2020-06-11 19:46:04 Name change: '[Preview]: Audit Windows VMs that do not contain the specified certificates in Trusted Root' to 'Audit Windows VMs that do not contain the specified certificates in Trusted Root'
Policy count Total Policies: 2
Builtin Policies: 2
Static Policies: 0
Policy used
Policy DisplayName Policy Id Category Effect State
[Deprecated]: Deploy prerequisites to audit Windows VMs that do not contain the specified certificates in Trusted Root 106ccbe4-a791-4f33-a44a-06796944b8d5 Guest Configuration Fixed: deployIfNotExists Deprecated
[Deprecated]: Show audit results from Windows VMs that do not contain the specified certificates in Trusted Root f3b9ad83-000d-4dc1-bff0-6d54533dd03f Guest Configuration Fixed: auditIfNotExists Deprecated
JSON 
{
  "properties": {
  "displayName": "[Deprecated]: Audit Windows VMs that do not contain the specified certificates in Trusted Root",
    "policyType": "BuiltIn",
    "description": "This initiative deploys the policy requirements and audits Windows VMs that do not contain the specified certificates in the Trusted Root Certification Authorities certificate store (Cert:\\LocalMachine\\Root). For more information on Guest Configuration policies, please visit https://aka.ms/gcpol",
    "metadata": {
      "version": "1.0.0-deprecated",
      "category": "Guest Configuration",
      "deprecated": true
    },
    "parameters": {
      "CertificateThumbprints": {
        "type": "String",
        "metadata": {
          "displayName": "Certificate thumbprints",
          "description": "A semicolon-separated list of certificate thumbprints that should exist under the Trusted Root certificate store (Cert:\\LocalMachine\\Root). e.g. THUMBPRINT1;THUMBPRINT2;THUMBPRINT3"
        }
      }
    },
    "policyDefinitions": [
      {
        "policyDefinitionReferenceId": "Deploy_WindowsCertificateInTrustedRoot",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/106ccbe4-a791-4f33-a44a-06796944b8d5",
        "parameters": {
          "CertificateThumbprints": {
          "value": "[parameters('CertificateThumbprints')]"
          }
        }
      },
      {
        "policyDefinitionReferenceId": "Audit_WindowsCertificateInTrustedRoot",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f3b9ad83-000d-4dc1-bff0-6d54533dd03f"
      }
    ]
  },
  "id": "/providers/Microsoft.Authorization/policySetDefinitions/cdfcc6ff-945e-4bc6-857e-056cbc511e0c",
  "type": "Microsoft.Authorization/policySetDefinitions",
  "name": "cdfcc6ff-945e-4bc6-857e-056cbc511e0c"
}