AzPolicyAdvertizer

last sync: 2024-Sep-18 17:50:24 UTC

Configure Azure Defender for Servers to be enabled (with 'P1' subplan) for all resources (resource level)

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Configure Azure Defender for Servers to be enabled (with 'P1' subplan) for all resources (resource level)

1b8c0040-b224-4ea1-be6a-47254dd5a207

Version

1.0.0
Details on versioning

Versioning

Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]

Category

Security Center - Granular Pricing
Microsoft Learn

Description

Azure Defender for Servers provides real-time threat protection for server workloads and generates hardening recommendations as well as alerts about suspicious activities. This policy will enable the Defender for Servers plan (with 'P1' subplan) for all resources (VMs and ARC Machines) in the selected scope (subscription or resource group).

Mode

All

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled

RBAC role(s)

Role Name	Role Id
Security Admin	fb1c8493-542b-48eb-b624-b4c8fea62acd

Rule aliases

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Security/pricings/pricingTier	Microsoft.Security	pricings	properties.pricingTier	True		False

Rule resource types

IF (2)
Microsoft.Compute/virtualMachines
Microsoft.HybridCompute/machines
THEN-Deployment (1)
Microsoft.Security/pricings

Compliance

Not a Compliance control

Initiatives usage

none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2024-01-22 17:47:54	add	1b8c0040-b224-4ea1-be6a-47254dd5a207

JSON compare

n/a

JSON

api-version=2021-06-01
EPAC