AzPolicyAdvertizer

last sync: 2024-Sep-18 17:50:24 UTC

Configure Azure Defender for Servers to be enabled ('P1' subplan) for all resources (resource level) with the selected tag

Azure BuiltIn Policy definition

Source

Display name

Configure Azure Defender for Servers to be enabled ('P1' subplan) for all resources (resource level) with the selected tag

9e4879d9-c2a0-4e40-8017-1a5a5327c843

Version

1.0.0
Details on versioning

Versioning

Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]

Category

Security Center - Granular Pricing
Microsoft Learn

Description

Azure Defender for Servers provides real-time threat protection for server workloads and generates hardening recommendations as well as alerts about suspicious activities. This policy will enable the Defender for Servers plan (with 'P1' subplan) for all resources (VMs and ARC Machines) that have the selected tag name and tag value(s).

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled

RBAC role(s)

Role Name	Role Id
Security Admin	fb1c8493-542b-48eb-b624-b4c8fea62acd

Rule aliases

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Security/pricings/pricingTier	Microsoft.Security	pricings	properties.pricingTier	True		False

Rule resource types

IF (2)
Microsoft.Compute/virtualMachines
Microsoft.HybridCompute/machines
THEN-Deployment (1)
Microsoft.Security/pricings

Compliance

Not a Compliance control

Initiatives usage

none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2024-01-22 17:47:54	add	9e4879d9-c2a0-4e40-8017-1a5a5327c843

JSON compare

n/a

JSON

api-version=2021-06-01
EPAC