| Category | Id | DisplayName | Description | Details (UTC ymd) (i) |
|---|---|---|---|---|
| Monitoring | 39a366e6-fdde-4f41-bbf8-3757f46d1611 | [Preview]: Configure Azure Defender for SQL agents on virtual machines | Configure virtual machines to automatically install the Azure Defender for SQL agents where the Azure Monitor Agent is installed. Security Center collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Creates a resource group and Log Analytics workspace in the same region as the machine. This policy only applies to VMs in a few regions. | 2021-06-02 22:44:53:
add Initiative |
| Monitoring | 118f04da-0375-44d1-84e3-0fd9e1849403 | Configure Azure Monitor Agent to Linux virtual machines and associate to Data Collection Rule | Deploy Azure Monitor Agent for Linux virtual machines if the virtual machine image (OS) and location are in the list defined and the agent is not installed. Then, deploy Association to link virtual machine to specified Data Collection Rule. The list of OS images is updated over time as support is increased. | 2021-05-26 13:43:18:
add Initiative |
| Monitoring | 9575b8b7-78ab-4281-b53b-d3c1ace2260b | Configure Azure Monitor Agent to Windows virtual machines and associate to Data Collection Rule | Deploy Azure Monitor Agent for Windows virtual machines if the virtual machine image (OS) and location are in the list defined and the agent is not installed. Then, deploy Association to link virtual machine to specified Data Collection Rule. The list of OS images is updated over time as support is increased. | 2021-05-26 13:43:18:
add Initiative |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2021-05-18 14:34:49:
add Policy (9) |
| Guest Configuration | be7a78aa-3e10-4153-a5fd-8c6506dbc821 | [Preview]: Windows machines should meet requirements for the Azure compute security baseline | This initiative audits Windows machines with settings that do not meet the Azure compute security baseline. For details, please visit https://aka.ms/gcpol | 2021-05-13 14:39:12:
change DisplayName
change Description |
| Guest Configuration | d618d658-b2d0-410e-9e2e-bfbfd04d09fa | [Deprecated]: Audit Windows VMs that do not match Azure compute security baseline settings | This initiative deploys the policy requirements and audits Windows virtual machines with non-compliant Azure compute security baseline configurations. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2021-05-13 14:39:12:
change DisplayName
change Description |
| Security Center | e77fc0b3-f7e9-4c58-bc13-cb753ed8e46e | Configure Advanced Threat Protection to be enabled on open-source relational databases | Enable Advanced Threat Protection on your non-Basic tier open-source relational databases to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. See https://aka.ms/AzDforOpenSourceDBsDocu. | 2021-05-11 14:06:20:
add Initiative |
| Guest Configuration | 12794019-7a00-42cf-95c2-882eed337cc8 | Deploy prerequisites to enable Guest Configuration policies on virtual machines | This initiative adds a system-assigned managed identity and deploys the platform-appropriate Guest Configuration extension to virtual machines that are eligible to be monitored by Guest Configuration policies. This is a prerequisite for all Guest Configuration policies and must be assigned to the policy assignment scope before using any Guest Configuration policy. For more information on Guest Configuration, visit https://aka.ms/gcpol. | 2021-05-11 14:06:20:
change DisplayName |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2021-05-04 14:34:05:
remove Policy (2) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2021-04-21 13:28:48:
remove Policy (2) |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center | 2021-04-21 13:28:48:
remove Policy (2) |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | [Preview]: CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. | 2021-04-21 13:28:48:
remove Policy (1) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2021-04-13 13:29:23:
add Policy (4) |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2021-04-07 13:27:17:
change DisplayName |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | [Preview]: CIS Microsoft Azure Foundations Benchmark v1.3.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure130-initiative. | 2021-04-07 13:27:17:
change DisplayName |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2021-03-31 14:35:06:
add Policy (8)
remove Policy (1) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2021-03-24 14:32:49:
add Policy (1) |
| Network | 62329546-775b-4a3d-a4cb-eb4bb990d2c0 | Flow logs should be configured and enabled for every network security group | Audit for network security groups to verify if flow logs are configured and if flow log status is enabled. Enabling flow logs allows to log information about IP traffic flowing through network security group. It can be used for optimizing network flows, monitoring throughput, verifying compliance, detecting intrusions and more. | 2021-03-10 14:52:45:
add Initiative |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Preview]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. | 2021-03-10 14:52:45:
change DisplayName |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Preview]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. | 2021-03-02 20:05:39:
remove Policy (2) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2021-02-23 16:24:42:
add Policy (13) |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | [Preview]: CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. | 2021-02-17 14:28:42:
remove Policy (2) |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2021-02-17 14:28:42:
add Policy (2) |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | This initiative includes audit and virtual machine extension deployment policies that address a subset of HITRUST/HIPAA controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/hipaa-blueprint. | 2021-02-17 14:28:42:
add Policy (2) |
| Regulatory Compliance | 612b5213-9160-4969-8578-1518bd2a000c | [Preview]: CIS Microsoft Azure Foundations Benchmark v1.3.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure130-initiative. | 2021-02-17 14:28:42:
add Initiative |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2021-02-09 14:46:37:
change Description
change DisplayName |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. | 2021-02-09 14:46:37:
change Description |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center | 2021-02-09 14:46:37:
change Description |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | This initiative includes audit and virtual machine extension deployment policies that address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init. | 2021-02-09 14:46:37:
change Description |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | [Preview]: CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. | 2021-02-03 15:09:01:
remove Policy (2) |
| Regulatory Compliance | d1a462af-7e6d-4901-98ac-61570b4ed22a | [Preview]: New Zealand ISM Restricted | This initiative includes policies that address a subset of New Zealand Information Security Manual controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nzism-initiative. | 2021-02-03 15:09:01:
add Initiative |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | [Preview]: NIST SP 800-171 R2 | This initiative includes audit and virtual machine extension policies that address a subset of NIST SP 800-171 R2 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800171r2-blueprint. | 2021-01-22 09:14:56:
remove Policy (2)
add Policy (1) |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2021-01-22 09:14:56:
remove Policy (2)
add Policy (1) |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. | 2021-01-22 09:14:56:
remove Policy (2)
change DisplayName |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | This initiative includes audit and virtual machine extension deployment policies that address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init. | 2021-01-22 09:14:56:
remove Policy (1)
add Policy (1) |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DOD Impact Level 4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of DOD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-blueprint. | 2021-01-22 09:14:56:
remove Policy (2) |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | This initiative includes audit and virtual machine extension deployment policies that address a subset of FedRAMP M controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/fedrampm-blueprint. | 2021-01-22 09:14:56:
add Policy (1)
remove Policy (1) |
| Regulatory Compliance | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 | PCI v3.2.1:2018 | This initiative includes audit and virtual machine extension deployment policies that address a subset of PCI v3.2.1:2018 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/pciv321-init. | 2021-01-22 09:14:56:
add Policy (1)
remove Policy (1) |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-blueprint. | 2021-01-22 09:14:56:
add Policy (1)
remove Policy (1) |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes audit and virtual machine extension deployment policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-blueprint. | 2021-01-22 09:14:56:
add Policy (1)
remove Policy (1) |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-blueprint and https://aka.ms/uknhs-blueprint. | 2021-01-22 09:14:56:
add Policy (1)
remove Policy (1) |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center | 2021-01-22 09:14:56:
change DisplayName
remove Policy (1) |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 R4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist80053-blueprint. | 2021-01-22 09:14:56:
add Policy (1)
remove Policy (1) |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes audit and virtual machine extension deployment policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-blueprint. | 2021-01-22 09:14:56:
add Policy (1)
remove Policy (1) |
| Regulatory Compliance | b5629c75-5c77-4422-87b9-2509e680f8de | [Preview]: CMMC Level 3 | This initiative includes policies that address a subset of Cybersecurity Maturity Model Certification (CMMC) Level 3 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cmmc-initiative. | 2021-01-22 09:14:56:
add Initiative |
| Monitoring | a15f3269-2e10-458c-87a4-d5989e678a73 | [Preview]: Deploy - Configure prerequisites to enable Azure Monitor and Azure Security agents on virtual machines | Configure machines to automatically install the Azure Monitor and Azure Security agents. Security Center collects events from the agents and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group and Log Analytics workspace in the same region as the machine to store audit records. This policy only applies to VMs in a few regions. | 2021-01-22 09:14:56:
add Initiative |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes audit and virtual machine extension deployment policies that address a subset of Australian Government Information Security Manual(ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/AustralianGovernmentISM-blueprint. | 2021-01-22 09:14:56:
remove Policy (1) |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | This initiative includes audit and virtual machine extension deployment policies that address a subset of HITRUST/HIPAA controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/hipaa-blueprint. | 2021-01-22 09:14:56:
remove Policy (1) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2021-01-22 09:14:56:
remove Policy (1) |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | This initiative includes audit and virtual machine extension deployment policies that address a subset of FedRAMP H controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/fedramph-blueprint. | 2021-01-22 09:14:56:
remove Policy (1) |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2021-01-20 16:06:15:
change Description |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2021-01-14 16:08:03:
add Policy (4) |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. | 2021-01-13 16:08:35:
change Description
change DisplayName |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2021-01-05 16:06:49:
add Policy (34) |
| Regulatory Compliance | bb522ac1-bc39-4957-b194-429bcd3bcb0b | [Deprecated]: Azure Security Benchmark v2 | This initiative has been deprecated. The Azure Security Benchmark v2 policy set is now represented in the consolidated Azure Security Benchmark initiative, which also serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center | 2021-01-05 16:06:49:
add Initiative |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2020-12-11 15:42:52:
add Policy (4)
remove Policy (1) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2020-10-27 14:12:47:
add Policy (17) |
| Kubernetes | a8640138-9b0a-4a28-b8cb-1666c838647d | Kubernetes cluster pod security baseline standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for AKS Engine and Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. | 2020-10-13 13:23:38:
change Description |
| Kubernetes | 42b8ef37-b724-4e24-bbc8-7a7708edfe00 | Kubernetes cluster pod security restricted standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security restricted standards. This policy is generally available for Kubernetes Service (AKS), and preview for AKS Engine and Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. | 2020-10-13 13:23:38:
change Description |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2020-10-13 13:23:38:
add Policy (1) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2020-09-15 14:06:41:
add Policy (5)
remove Policy (1) |
| Kubernetes | a8640138-9b0a-4a28-b8cb-1666c838647d | Kubernetes cluster pod security baseline standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for AKS Engine and Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. | 2020-09-15 14:06:41:
change DisplayName |
| Kubernetes | 42b8ef37-b724-4e24-bbc8-7a7708edfe00 | Kubernetes cluster pod security restricted standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security restricted standards. This policy is generally available for Kubernetes Service (AKS), and preview for AKS Engine and Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. | 2020-09-15 14:06:41:
change DisplayName |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. | 2020-09-15 14:06:41:
remove Policy (1) |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift-blueprint. | 2020-09-09 11:24:08:
remove Policy (26)
add Policy (17) |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes audit and virtual machine extension deployment policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-blueprint. | 2020-09-09 11:24:08:
remove Policy (24)
add Policy (16) |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 R4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist80053-blueprint. | 2020-09-09 11:24:08:
remove Policy (24)
add Policy (16) |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | This initiative includes audit and virtual machine extension deployment policies that address a subset of FedRAMP M controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/fedrampm-blueprint. | 2020-09-09 11:24:08:
remove Policy (24)
add Policy (16) |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | This initiative includes audit and virtual machine extension deployment policies that address a subset of FedRAMP H controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/fedramph-blueprint. | 2020-09-09 11:24:08:
remove Policy (24)
add Policy (16) |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DOD Impact Level 4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of DOD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-blueprint. | 2020-09-09 11:24:08:
remove Policy (24)
add Policy (16) |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes audit and virtual machine extension deployment policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-blueprint. | 2020-09-09 11:24:08:
add Policy (15)
remove Policy (22) |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | [Preview]: NIST SP 800-171 R2 | This initiative includes audit and virtual machine extension policies that address a subset of NIST SP 800-171 R2 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800171r2-blueprint. | 2020-09-09 11:24:08:
add Policy (14)
remove Policy (20) |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-blueprint and https://aka.ms/uknhs-blueprint. | 2020-09-09 11:24:08:
remove Policy (19)
add Policy (13) |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | This initiative includes audit and virtual machine extension deployment policies that address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init. | 2020-09-09 11:24:08:
remove Policy (18)
add Policy (13) |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | This initiative includes audit and virtual machine extension deployment policies that address a subset of HITRUST/HIPAA controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/hipaa-blueprint. | 2020-09-09 11:24:08:
remove Policy (16)
add Policy (9) |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-blueprint. | 2020-09-09 11:24:08:
remove Policy (10)
add Policy (6) |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes audit and virtual machine extension deployment policies that address a subset of Australian Government Information Security Manual(ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/AustralianGovernmentISM-blueprint. | 2020-09-09 11:24:08:
add Policy (5)
remove Policy (8) |
| Regulatory Compliance | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 | PCI v3.2.1:2018 | This initiative includes audit and virtual machine extension deployment policies that address a subset of PCI v3.2.1:2018 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/pciv321-init. | 2020-09-09 11:24:08:
add Policy (6)
remove Policy (6) |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. | 2020-09-09 11:24:08:
add Policy (4)
remove Policy (8) |
| Guest Configuration | 4ddaefff-7c78-4824-9b27-5c344f3cdf90 | [Deprecated]: Audit Windows VMs on which the remote host connection status does not match the specified one | This initiative deploys the policy requirements and audits Windows virtual machines on which the remote host connection status does not match the specified one. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | 133046de-0bd7-4546-93f4-f452e9e258b7 | [Deprecated]: Audit Windows VMs in which the Administrators group does not contain all of the specified members | This initiative deploys the policy requirements and audits Windows virtual machines in which the Administrators group does not contain all of the specified members. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | d7fff7ea-9d47-4952-b854-b7da261e48f2 | [Deprecated]: Audit Windows VMs that have the specified applications installed | This initiative deploys the policy requirements and audits Windows virtual machines that have the specified applications installed. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | c937dcb4-4398-4b39-8d63-4a6be432252e | [Deprecated]: Audit Linux VMs that do not have the specified applications installed | This initiative deploys the policy requirements and audits Linux virtual machines that do not have the specified applications installed. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | acb6cd8e-45f5-466f-b3cb-ff6fce525f71 | [Deprecated]: Audit Windows Server VMs on which Windows Serial Console is not enabled | This initiative deploys the policy requirements and audits Windows Server virtual machines on which Windows Serial Console is not enabled. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | 06122b01-688c-42a8-af2e-fa97dd39aa3b | [Deprecated]: Audit Windows VMs in which the Administrators group does not contain only the specified members | This initiative deploys the policy requirements and audits Windows virtual machines in which the Administrators group does not contain only the specified members. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | cdfcc6ff-945e-4bc6-857e-056cbc511e0c | [Deprecated]: Audit Windows VMs that do not contain the specified certificates in Trusted Root | This initiative deploys the policy requirements and audits Windows VMs that do not contain the specified certificates in the Trusted Root Certification Authorities certificate store (Cert:\LocalMachine\Root). For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | 8bc55e6b-e9d5-4266-8dac-f688d151ec9c | [Deprecated]: Audit Windows web servers that are not using secure communication protocols | This initiative deploys the policy requirements and audits Windows web servers that are not using secure communication protocols (TLS 1.1 or TLS 1.2). For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | add1999e-a61c-46d3-b8c3-f35fb8398175 | [Deprecated]: Audit Windows VMs in which the Administrators group contains any of the specified members | This initiative deploys the policy requirements and audits Windows virtual machines in which the Administrators group contains any of the specified members. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | c96b2a9c-6fab-4ac2-ae21-502143491cd4 | [Deprecated]: Audit Windows VMs with a pending reboot | This initiative deploys the policy requirements and audits Windows virtual machines with a pending reboot. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | 6b3c1e80-8ae5-405b-b021-c23d13b3959f | [Deprecated]: Audit Windows VMs that are not joined to the specified domain | This initiative deploys the policy requirements and audits Windows virtual machines that are not joined to the specified domain. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | 538942d3-3fae-4fb6-9d94-744f9a51e7da | [Deprecated]: Audit Windows VMs that are not set to the specified time zone | This initiative deploys the policy requirements and audits Windows virtual machines that are not set to the specified time zone. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | c58599d5-0d51-454f-aaf1-da18a5e76edd | [Deprecated]: Audit Windows VMs on which the DSC configuration is not compliant | This initiative deploys the policy requirements and audits Windows VMs on which the Desired State Configuration (DSC) configuration is not compliant. This policy is only applicable to machines with WMF 4 and above. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | 8eeec860-e2fa-4f89-a669-84942c57225f | [Deprecated]: Audit Windows VMs on which the specified services are not installed and 'Running' | This initiative deploys the policy requirements and audits Windows virtual machines on which the specified services are not installed and 'Running'. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | 25ef9b72-4af2-4501-acd1-fc814e73dde1 | [Deprecated]: Audit Windows VMs that do not have the specified applications installed | This initiative deploys the policy requirements and audits Windows virtual machines that do not have the specified applications installed. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | f48bcc78-5400-4fb0-b913-5140a2e5fa20 | [Deprecated]: Audit Linux VMs that have the specified applications installed | This initiative deploys the policy requirements and audits Linux virtual machines that have the specified applications installed. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | b8b5b0a8-b809-4e5d-8082-382c686e35b7 | [Deprecated]: Audit Windows VMs that have not restarted within the specified number of days | This initiative deploys the policy requirements and audits Windows virtual machines that have not restarted within the specified number of days. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | b6f5e05c-0aaa-4337-8dd4-357c399d12ae | [Deprecated]: Audit Windows VMs that contain certificates expiring within the specified number of days | This initiative deploys the policy requirements and audits Windows virtual machines that contain certificates expiring within the specified number of days. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | 095e4ed9-c835-4ab6-9439-b5644362a06c | Audit machines with insecure password security settings | This initiative deploys the policy requirements and audits machines with insecure password security settings. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
add Initiative |
| Guest Configuration | 06c5e415-a662-463a-bb85-ede14286b979 | [Deprecated]: Audit Windows VMs on which the Log Analytics agent is not connected as expected | This initiative deploys the policy requirements and audits Windows virtual machines on which the Log Analytics agent is not connected to the specified workspaces. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Guest Configuration | 3fa7cbf5-c0a4-4a59-85a5-cca4d996d5a6 | [Deprecated]: Audit VMs with insecure password security settings | This initiative deploys the policy requirements and audits virtual machines with insecure password security settings. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-09-09 11:24:08:
change DisplayName |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2020-09-02 14:03:46:
remove Policy (7)
add Policy (3) |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. | 2020-09-02 14:03:46:
remove Policy (7) |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | [Preview]: NIST SP 800-171 R2 | This initiative includes audit and virtual machine extension policies that address a subset of NIST SP 800-171 R2 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800171r2-blueprint. | 2020-09-02 14:03:46:
remove Policy (4) |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DOD Impact Level 4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of DOD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-blueprint. | 2020-09-02 14:03:46:
remove Policy (4) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2020-08-28 14:17:28:
add Policy (1) |
| Guest Configuration | f000289c-47af-4043-87da-91ba9e1a2720 | [Deprecated]: Audit Windows VMs that do not have the specified Windows PowerShell execution policy | This initiative deploys the policy requirements and audits Windows virtual machines where Windows PowerShell is not configured to use the specified PowerShell execution policy. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-08-28 14:17:28:
change DisplayName |
| Guest Configuration | c980fd64-c67f-49a6-a8a8-e57661150802 | [Deprecated]: Audit Windows VMs that do not have the specified Windows PowerShell modules installed | This initiative deploys the policy requirements and audits Windows virtual machines that do not have the specified Windows PowerShell modules installed. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-08-28 14:17:28:
change DisplayName |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | This initiative includes audit and virtual machine extension deployment policies that address a subset of HITRUST/HIPAA controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/hipaa-blueprint. | 2020-08-21 13:50:30:
remove Policy (22)
add Policy (14) |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-blueprint. | 2020-08-21 13:50:30:
add Policy (10)
remove Policy (14) |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. | 2020-08-21 13:50:30:
remove Policy (8)
add Policy (7) |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes audit and virtual machine extension deployment policies that address a subset of Australian Government Information Security Manual(ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/AustralianGovernmentISM-blueprint. | 2020-08-21 13:50:30:
add Policy (4)
remove Policy (2) |
| Guest Configuration | d618d658-b2d0-410e-9e2e-bfbfd04d09fa | [Deprecated]: Audit Windows VMs that do not match Azure compute security baseline settings | This initiative deploys the policy requirements and audits Windows virtual machines with non-compliant Azure compute security baseline configurations. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-08-21 13:50:30:
change DisplayName |
| Guest Configuration | be7a78aa-3e10-4153-a5fd-8c6506dbc821 | [Preview]: Windows machines should meet requirements for the Azure compute security baseline | This initiative audits Windows machines with settings that do not meet the Azure compute security baseline. For details, please visit https://aka.ms/gcpol | 2020-08-21 13:50:30:
add Initiative |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2020-08-21 13:50:30:
remove Policy (1) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2020-08-20 14:04:33:
add Policy (8)
remove Policy (1) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2020-08-07 14:05:08:
add Policy (7) |
| Guest Configuration | 12794019-7a00-42cf-95c2-882eed337cc8 | Deploy prerequisites to enable Guest Configuration policies on virtual machines | This initiative adds a system-assigned managed identity and deploys the platform-appropriate Guest Configuration extension to virtual machines that are eligible to be monitored by Guest Configuration policies. This is a prerequisite for all Guest Configuration policies and must be assigned to the policy assignment scope before using any Guest Configuration policy. For more information on Guest Configuration, visit https://aka.ms/gcpol. | 2020-07-17 15:57:10:
add Initiative |
| Kubernetes | 42b8ef37-b724-4e24-bbc8-7a7708edfe00 | Kubernetes cluster pod security restricted standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security restricted standards. This policy is generally available for Kubernetes Service (AKS), and preview for AKS Engine and Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. | 2020-07-14 15:28:17:
add Policy (1) |
| Kubernetes | 42b8ef37-b724-4e24-bbc8-7a7708edfe00 | Kubernetes cluster pod security restricted standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security restricted standards. This policy is generally available for Kubernetes Service (AKS), and preview for AKS Engine and Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. | 2020-07-08 14:28:36:
add Initiative |
| Kubernetes | a8640138-9b0a-4a28-b8cb-1666c838647d | Kubernetes cluster pod security baseline standards for Linux-based workloads | This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for AKS Engine and Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc. | 2020-07-08 14:28:36:
add Initiative |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DOD Impact Level 4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of DOD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-blueprint. | 2020-07-01 14:50:07:
remove Policy (6) |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2020-07-01 14:50:07:
remove Policy (6) |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. | 2020-07-01 14:50:07:
remove Policy (6) |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | [Preview]: NIST SP 800-171 R2 | This initiative includes audit and virtual machine extension policies that address a subset of NIST SP 800-171 R2 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800171r2-blueprint. | 2020-07-01 14:50:07:
remove Policy (3) |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-blueprint and https://aka.ms/uknhs-blueprint. | 2020-07-01 14:50:07:
remove Policy (2) |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift-blueprint. | 2020-07-01 14:50:07:
remove Policy (1) |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-blueprint. | 2020-07-01 14:50:07:
remove Policy (1) |
| Guest Configuration | 12794019-7a00-42cf-95c2-882eed337cc8 | Deploy prerequisites to enable Guest Configuration policies on virtual machines | This initiative adds a system-assigned managed identity and deploys the platform-appropriate Guest Configuration extension to virtual machines that are eligible to be monitored by Guest Configuration policies. This is a prerequisite for all Guest Configuration policies and must be assigned to the policy assignment scope before using any Guest Configuration policy. For more information on Guest Configuration, visit https://aka.ms/gcpol. | 2020-06-29 05:46:42:
remove Initiative |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | This initiative includes audit and virtual machine extension deployment policies that address a subset of HITRUST/HIPAA controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/hipaa-blueprint. | 2020-06-23 16:03:23:
add Policy (79) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2020-06-23 16:03:23:
remove Policy (6)
add Policy (8) |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DOD Impact Level 4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of DOD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-blueprint. | 2020-06-23 16:03:23:
remove Policy (1) |
| Guest Configuration | 12794019-7a00-42cf-95c2-882eed337cc8 | Deploy prerequisites to enable Guest Configuration policies on virtual machines | This initiative adds a system-assigned managed identity and deploys the platform-appropriate Guest Configuration extension to virtual machines that are eligible to be monitored by Guest Configuration policies. This is a prerequisite for all Guest Configuration policies and must be assigned to the policy assignment scope before using any Guest Configuration policy. For more information on Guest Configuration, visit https://aka.ms/gcpol. | 2020-06-23 16:03:23:
add Initiative |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2020-06-23 16:03:23:
remove Policy (1) |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | [Preview]: NIST SP 800-171 R2 | This initiative includes audit and virtual machine extension policies that address a subset of NIST SP 800-171 R2 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800171r2-blueprint. | 2020-06-23 16:03:23:
remove Policy (1) |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | This initiative includes audit and virtual machine extension deployment policies that address a subset of HITRUST/HIPAA controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/hipaa-blueprint. | 2020-06-22 16:06:26:
change Description |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | This initiative includes audit and virtual machine extension deployment policies that address a subset of FedRAMP M controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/fedrampm-blueprint. | 2020-06-16 14:55:25:
change DisplayName
change Description |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-blueprint and https://aka.ms/uknhs-blueprint. | 2020-06-16 14:55:25:
change DisplayName
change Description |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes audit and virtual machine extension deployment policies that address a subset of Australian Government Information Security Manual(ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/AustralianGovernmentISM-blueprint. | 2020-06-16 14:55:25:
change DisplayName
change Description |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | This initiative includes audit and virtual machine extension deployment policies that address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init. | 2020-06-16 14:55:25:
change Description
change DisplayName |
| Regulatory Compliance | a169a624-5599-4385-a696-c8d643089fab | HITRUST/HIPAA | This initiative includes audit and virtual machine extension deployment policies that address a subset of HITRUST/HIPAA controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/hipaa-blueprint. | 2020-06-16 14:55:25:
change DisplayName
change Description |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes audit and virtual machine extension deployment policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-blueprint. | 2020-06-16 14:55:25:
change Description
change DisplayName |
| Regulatory Compliance | 3e0c67fc-8c7c-406c-89bd-6b6bdc986a22 | [Preview]: SWIFT CSP-CSCF v2020 | This initiative includes audit and virtual machine extension deployment policies that address a subset of SWIFT CSP-CSCF v2020 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/swift-blueprint. | 2020-06-16 14:55:25:
change Description
change DisplayName |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes audit and virtual machine extension deployment policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-blueprint. | 2020-06-16 14:55:25:
change Description
change DisplayName |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-blueprint. | 2020-06-16 14:55:25:
change Description
change DisplayName |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 R4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist80053-blueprint. | 2020-06-16 14:55:25:
change Description
change DisplayName |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2020-06-16 14:55:25:
change Description
change DisplayName |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | This initiative includes audit and virtual machine extension deployment policies that address a subset of FedRAMP H controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/fedramph-blueprint. | 2020-06-16 14:55:25:
change DisplayName
change Description |
| Regulatory Compliance | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 | PCI v3.2.1:2018 | This initiative includes audit and virtual machine extension deployment policies that address a subset of PCI v3.2.1:2018 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/pciv321-init. | 2020-06-16 14:55:25:
change Description
change DisplayName |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. | 2020-06-16 14:55:25:
change Description
change DisplayName |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DOD Impact Level 4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of DOD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-blueprint. | 2020-06-16 14:55:25:
change Description |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. | 2020-06-11 19:46:04:
remove Policy (2)
add Policy (9) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2020-06-11 19:46:04:
remove Policy (3)
add Policy (1) |
| Guest Configuration | 06c5e415-a662-463a-bb85-ede14286b979 | [Deprecated]: Audit Windows VMs on which the Log Analytics agent is not connected as expected | This initiative deploys the policy requirements and audits Windows virtual machines on which the Log Analytics agent is not connected to the specified workspaces. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-06-11 19:46:04:
change DisplayName |
| Regulatory Compliance | 03055927-78bd-4236-86c0-f36125a10dc9 | [Preview]: NIST SP 800-171 R2 | This initiative includes audit and virtual machine extension policies that address a subset of NIST SP 800-171 R2 requirements. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800171r2-blueprint. | 2020-06-11 19:46:04:
add Initiative |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2020-06-11 19:46:04:
change DisplayName |
| Guest Configuration | b6f5e05c-0aaa-4337-8dd4-357c399d12ae | [Deprecated]: Audit Windows VMs that contain certificates expiring within the specified number of days | This initiative deploys the policy requirements and audits Windows virtual machines that contain certificates expiring within the specified number of days. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-06-11 19:46:04:
change DisplayName |
| Guest Configuration | c58599d5-0d51-454f-aaf1-da18a5e76edd | [Deprecated]: Audit Windows VMs on which the DSC configuration is not compliant | This initiative deploys the policy requirements and audits Windows VMs on which the Desired State Configuration (DSC) configuration is not compliant. This policy is only applicable to machines with WMF 4 and above. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-06-11 19:46:04:
change DisplayName |
| Guest Configuration | cdfcc6ff-945e-4bc6-857e-056cbc511e0c | [Deprecated]: Audit Windows VMs that do not contain the specified certificates in Trusted Root | This initiative deploys the policy requirements and audits Windows VMs that do not contain the specified certificates in the Trusted Root Certification Authorities certificate store (Cert:\LocalMachine\Root). For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-06-11 19:46:04:
change DisplayName |
| Guest Configuration | d618d658-b2d0-410e-9e2e-bfbfd04d09fa | [Deprecated]: Audit Windows VMs that do not match Azure compute security baseline settings | This initiative deploys the policy requirements and audits Windows virtual machines with non-compliant Azure compute security baseline configurations. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-06-11 19:46:04:
change DisplayName |
| Guest Configuration | 4ddaefff-7c78-4824-9b27-5c344f3cdf90 | [Deprecated]: Audit Windows VMs on which the remote host connection status does not match the specified one | This initiative deploys the policy requirements and audits Windows virtual machines on which the remote host connection status does not match the specified one. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-06-11 19:46:04:
change DisplayName |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | This initiative includes audit and virtual machine extension deployment policies that address a subset of FedRAMP H controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/fedramph-blueprint. | 2020-06-11 19:46:04:
change DisplayName |
| Guest Configuration | b8b5b0a8-b809-4e5d-8082-382c686e35b7 | [Deprecated]: Audit Windows VMs that have not restarted within the specified number of days | This initiative deploys the policy requirements and audits Windows virtual machines that have not restarted within the specified number of days. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-06-11 19:46:04:
change DisplayName |
| Guest Configuration | 3fa7cbf5-c0a4-4a59-85a5-cca4d996d5a6 | [Deprecated]: Audit VMs with insecure password security settings | This initiative deploys the policy requirements and audits virtual machines with insecure password security settings. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-06-11 19:46:04:
change DisplayName |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DOD Impact Level 4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of DOD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-blueprint. | 2020-06-01 18:36:21:
change DisplayName
change Description |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DOD Impact Level 4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of DOD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-blueprint. | 2020-05-29 15:39:26:
add Policy (4)
change DisplayName |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2020-05-29 15:39:26:
add Policy (4) |
| Monitoring | 55f3eceb-5573-4f18-9695-226972c6d74a | Enable Azure Monitor for VMs | Enable Azure Monitor for the virtual machines (VMs) in the specified scope (management group, subscription or resource group). Takes Log Analytics workspace as parameter. | 2020-05-29 15:39:26:
add Policy (2) |
| Cosmos DB | cb5e1e90-7c33-491c-a15b-24885c915752 | Enable Azure Cosmos DB throughput policy | Enable throughput control for Azure Cosmos DB resources in the specified scope (Management group, Subscription or resource group). Takes max throughput as parameter. Use this policy to help enforce throughput control via the resource provider. | 2020-05-29 15:39:26:
add Initiative |
| Monitoring | 55f3eceb-5573-4f18-9695-226972c6d74a | Enable Azure Monitor for VMs | Enable Azure Monitor for the virtual machines (VMs) in the specified scope (management group, subscription or resource group). Takes Log Analytics workspace as parameter. | 2020-05-21 16:06:36:
add Policy (1) |
| Monitoring | 55f3eceb-5573-4f18-9695-226972c6d74a | Enable Azure Monitor for VMs | Enable Azure Monitor for the virtual machines (VMs) in the specified scope (management group, subscription or resource group). Takes Log Analytics workspace as parameter. | 2020-05-14 05:31:20:
add Policy (1) |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2020-04-23 15:06:19:
change Description |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2020-04-22 04:43:14:
add Policy (16) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2020-04-22 04:43:14:
add Policy (3) |
| Regulatory Compliance | 27272c0b-c225-4cc3-b8b0-f2534b093077 | [Preview]: Australian Government ISM PROTECTED | This initiative includes audit and virtual machine extension deployment policies that address a subset of Australian Government Information Security Manual(ISM) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/AustralianGovernmentISM-blueprint. | 2020-04-22 04:43:14:
add Initiative |
| Monitoring | 75714362-cae7-409e-9b99-a8e5075b7fad | Enable Azure Monitor for Virtual Machine Scale Sets | Enable Azure Monitor for the Virtual Machine Scale Sets in the specified scope (Management group, Subscription or resource group). Takes Log Analytics workspace as parameter. Note: if your scale set upgradePolicy is set to Manual, you need to apply the extension to the all VMs in the set by calling upgrade on them. In CLI this would be az vmss update-instances. | 2020-04-22 04:43:14:
change DisplayName |
| Guest Configuration | 9d2fd8e6-95c8-410d-add0-43ada4241574 | [Deprecated]: Audit Windows VMs on which Windows Defender Exploit Guard is not enabled | This initiative deploys the policy requirements and audits Windows virtual machines on which Windows Defender Exploit Guard is not enabled. For more information on Guest Configuration policies, please visit https://aka.ms/gcpol | 2020-04-22 04:43:14:
change DisplayName |
| Monitoring | 55f3eceb-5573-4f18-9695-226972c6d74a | Enable Azure Monitor for VMs | Enable Azure Monitor for the virtual machines (VMs) in the specified scope (management group, subscription or resource group). Takes Log Analytics workspace as parameter. | 2020-04-22 04:43:14:
change DisplayName |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DOD Impact Level 4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of DOD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-blueprint. | 2020-03-16 18:14:00:
change DisplayName
change Description |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2020-03-10 16:29:48:
change DisplayName |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DOD Impact Level 4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of DOD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-blueprint. | 2020-03-03 10:09:24:
add Policy (30)
remove Policy (2) |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. | 2020-03-03 10:09:24:
add Policy (13)
remove Policy (2) |
| Monitoring | 75714362-cae7-409e-9b99-a8e5075b7fad | Enable Azure Monitor for Virtual Machine Scale Sets | Enable Azure Monitor for the Virtual Machine Scale Sets in the specified scope (Management group, Subscription or resource group). Takes Log Analytics workspace as parameter. Note: if your scale set upgradePolicy is set to Manual, you need to apply the extension to the all VMs in the set by calling upgrade on them. In CLI this would be az vmss update-instances. | 2020-02-29 21:43:11:
change Description
change DisplayName |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2020-02-20 08:25:18:
remove Policy (2) |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2020-02-20 08:25:18:
remove Policy (1) |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | This initiative includes audit and virtual machine extension deployment policies that address a subset of FedRAMP H controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/fedramph-blueprint. | 2020-02-20 08:25:18:
remove Policy (1) |
| Regulatory Compliance | 105e0327-6175-4eb2-9af4-1fba43bdb39d | IRS1075 September 2016 | This initiative includes audit and virtual machine extension deployment policies that address a subset of IRS1075 September 2016 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/irs1075-blueprint. | 2020-02-20 08:25:18:
remove Policy (1) |
| Regulatory Compliance | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 | FedRAMP Moderate | This initiative includes audit and virtual machine extension deployment policies that address a subset of FedRAMP M controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/fedrampm-blueprint. | 2020-02-20 08:25:18:
remove Policy (1) |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-blueprint and https://aka.ms/uknhs-blueprint. | 2020-02-20 08:25:18:
remove Policy (1) |
| Regulatory Compliance | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 | ISO 27001:2013 | This initiative includes audit and virtual machine extension deployment policies that address a subset of ISO 27001:2013 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/iso27001-init. | 2020-02-20 08:25:18:
remove Policy (1) |
| Regulatory Compliance | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 | Canada Federal PBMM | This initiative includes audit and virtual machine extension deployment policies that address a subset of Canada Federal PBMM controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/canadafederalpbmm-blueprint. | 2020-02-20 08:25:18:
remove Policy (1) |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 R4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist80053-blueprint. | 2020-02-20 08:25:18:
remove Policy (1) |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DOD Impact Level 4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of DOD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-blueprint. | 2020-02-20 08:25:18:
remove Policy (1) |
| Regulatory Compliance | 8d792a84-723c-4d92-a3c3-e4ed16a2d133 | [Deprecated]: DOD Impact Level 4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of DOD Impact Level 4 (IL4) controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/dodil4-blueprint. | 2020-02-05 07:51:53:
add Initiative |
| Regulatory Compliance | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | [Deprecated]: Azure Security Benchmark v1 | This initiative has been deprecated. The Azure Security Benchmark initiative now represents the Azure Security Benchmark v2 controls, and serves as the Azure Security Center default policy initiative. Please assign that initiative, or manage its policies and compliance results within Azure Security Center. | 2020-02-05 07:51:53:
add Initiative |
| Regulatory Compliance | 92646f03-e39d-47a9-9e24-58d60ef49af8 | [Preview]: Motion Picture Association of America (MPAA) | This initiative includes audit and virtual machine extension deployment policies that address a subset of Motion Picture Association of America (MPAA) security and guidelines controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/mpaa-blueprint. | 2020-01-09 16:38:57:
add Initiative |
| Regulatory Compliance | 3937f550-eedd-4639-9c5e-294358be442e | UK OFFICIAL and UK NHS | This initiative includes audit and virtual machine extension deployment policies that address a subset of UK OFFICIAL and UK NHS controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/ukofficial-blueprint and https://aka.ms/uknhs-blueprint. | 2019-12-04 08:49:52:
add Policy (24) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2019-12-04 08:49:52:
remove Policy (1) |
| Regulatory Compliance | d5264498-16f4-418a-b659-fa7ef418175f | FedRAMP High | This initiative includes audit and virtual machine extension deployment policies that address a subset of FedRAMP H controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/fedramph-blueprint. | 2019-12-04 08:49:52:
add Initiative |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2019-11-27 16:13:13:
add Policy (2) |
| Regulatory Compliance | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | NIST SP 800-53 R4 | This initiative includes audit and virtual machine extension deployment policies that address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist80053-blueprint. | 2019-11-21 16:22:58:
add Policy (728) |
| Regulatory Compliance | 1a5bb27d-173f-493e-9568-eb56638dde4d | CIS Microsoft Azure Foundations Benchmark v1.1.0 | This initiative includes policies that address a subset of CIS Microsoft Azure Foundations Benchmark recommendations. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/cisazure110-initiative. | 2019-11-20 21:24:34:
add Policy (29) |
| Security Center | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Azure Security Benchmark | The Azure Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Azure Security Benchmark v2, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | 2019-10-29 23:53:40:
add Policy (9) |