AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

Configure Azure Defender for Servers to be disabled for resources (resource level) with the selected tag

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure Azure Defender for Servers to be disabled for resources (resource level) with the selected tag
Id 080fedce-9d4a-4d07-abf0-9f036afbc9c8
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Security Center - Granular Pricing
Microsoft Learn
Description Azure Defender for Servers provides real-time threat protection for server workloads and generates hardening recommendations as well as alerts about suspicious activities. This policy will disable the Defender for Servers plan for all resources (VMs, VMSSs and ARC Machines) that have the selected tag name and tag value(s).
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Security Admin fb1c8493-542b-48eb-b624-b4c8fea62acd
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Security/pricings/pricingTier Microsoft.Security pricings properties.pricingTier True False
Rule resource types IF (3)
Microsoft.Compute/virtualMachines
Microsoft.Compute/virtualMachineScaleSets
Microsoft.HybridCompute/machines
THEN-Deployment (1)
Microsoft.Security/pricings
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-01-22 17:47:54 add 080fedce-9d4a-4d07-abf0-9f036afbc9c8
JSON compare n/a
JSON
api-version=2021-06-01
EPAC