last sync: 2024-Nov-25 18:54:24 UTC

Dependency agent should be enabled for listed virtual machine images

Azure BuiltIn Policy definition

Source Azure Portal
Display name Dependency agent should be enabled for listed virtual machine images
Id 11ac78e3-31bc-4f0c-8434-37ab963cea07
Version 2.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
2.0.0
Built-in Versioning [Preview]
Category Monitoring
Microsoft Learn
Description Reports virtual machines as non-compliant if the virtual machine image is not in the list defined and the agent is not installed. The list of OS images is updated over time as support is updated.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases IF (4)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Compute/imageId Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.id
properties.virtualMachineProfile.storageProfile.imageReference.id
properties.creationData.imageReference.id
True
True
True


False
False
False
Microsoft.Compute/imageOffer Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.offer
properties.virtualMachineProfile.storageProfile.imageReference.offer
properties.creationData.imageReference.id
True
True
True


False
False
False
Microsoft.Compute/imagePublisher Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.publisher
properties.virtualMachineProfile.storageProfile.imageReference.publisher
properties.creationData.imageReference.id
True
True
True


False
False
False
Microsoft.Compute/imageSKU Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.sku
properties.virtualMachineProfile.storageProfile.imageReference.sku
properties.creationData.imageReference.id
True
True
True


False
False
False
THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Compute/virtualMachines/extensions/publisher Microsoft.Compute virtualMachines/extensions properties.publisher True False
Rule resource types IF (1)
Microsoft.Compute/virtualMachines
Compliance
The following 9 compliance controls are associated with this Policy definition 'Dependency agent should be enabled for listed virtual machine images' (11ac78e3-31bc-4f0c-8434-37ab963cea07)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
ISO27001-2013 A.12.4.1 ISO27001-2013_A.12.4.1 ISO 27001:2013 A.12.4.1 Operations Security Event Logging Shared n/a Event logs recording user activities, exceptions, faults and information security events shall be produced, kept and regularly reviewed. link 53
ISO27001-2013 A.12.4.3 ISO27001-2013_A.12.4.3 ISO 27001:2013 A.12.4.3 Operations Security Administrator and operator logs Shared n/a System administrator and system operator activities shall be logged and the logs protected and regularly reviewed. link 29
ISO27001-2013 A.12.4.4 ISO27001-2013_A.12.4.4 ISO 27001:2013 A.12.4.4 Operations Security Clock Synchronization Shared n/a The clocks of all relevant information processing systems within an organization or security domain shall be synchronized to a single reference time source. link 8
mp.info.4 Time stamps mp.info.4 Time stamps 404 not found n/a n/a 33
NL_BIO_Cloud_Theme U.15.1(2) NL_BIO_Cloud_Theme_U.15.1(2) NL_BIO_Cloud_Theme_U.15.1(2) U.15 Logging and monitoring Events Logged n/a The malware protection is carried out on various environments, such as on mail servers, (desktop) computers and when accessing the organization's network. The scan for malware includes: all files received over networks or through any form of storage medium, even before use; all attachments and downloads even before use; virtual machines; network traffic. 46
NL_BIO_Cloud_Theme U.15.3(2) NL_BIO_Cloud_Theme_U.15.3(2) NL_BIO_Cloud_Theme_U.15.3(2) U.15 Logging and monitoring Events Logged n/a The CSP maintains a list of all assets that are critical in terms of logging and monitoring and regularly reviews this list for correctness. 6
op.exp.8 Recording of the activity op.exp.8 Recording of the activity 404 not found n/a n/a 67
U.15.1 - Events logged U.15.1 - Events logged 404 not found n/a n/a 40
U.15.3 - Events logged U.15.3 - Events logged 404 not found n/a n/a 6
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 Regulatory Compliance GA BuiltIn
Legacy - Enable Azure Monitor for VMs 55f3eceb-5573-4f18-9695-226972c6d74a Monitoring GA BuiltIn
NL BIO Cloud Theme 6ce73208-883e-490f-a2ac-44aac3b3687f Regulatory Compliance GA BuiltIn
NL BIO Cloud Theme V2 d8b2ffbe-c6a8-4622-965d-4ade11d1d2ee Regulatory Compliance GA BuiltIn
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-03-02 15:11:40 change Major (1.0.1 > 2.0.0)
2020-04-22 04:43:16 change Previous DisplayName: [Preview]: Audit Dependency Agent Deployment - VM Image (OS) unlisted
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC