last sync: 2024-Nov-25 18:54:24 UTC

Windows virtual machines should have Azure Monitor Agent installed

Azure BuiltIn Policy definition

Source Azure Portal
Display name Windows virtual machines should have Azure Monitor Agent installed
Id c02729e5-e5e7-4458-97fa-2b5ad0661f28
Version 3.2.0
Details on versioning
Versioning Versions supported for Versioning: 2
3.1.0
3.2.0
Built-in Versioning [Preview]
Category Monitoring
Microsoft Learn
Description Windows virtual machines should be monitored and secured through the deployed Azure Monitor Agent. The Azure Monitor Agent collects telemetry data from the guest OS. Windows virtual machines with supported OS and in supported regions are monitored for Azure Monitor Agent deployment. Learn more: https://aka.ms/AMAOverview.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases IF (5)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Compute/imageId Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.id
properties.virtualMachineProfile.storageProfile.imageReference.id
properties.creationData.imageReference.id
True
True
True


False
False
False
Microsoft.Compute/imageOffer Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.offer
properties.virtualMachineProfile.storageProfile.imageReference.offer
properties.creationData.imageReference.id
True
True
True


False
False
False
Microsoft.Compute/imagePublisher Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.publisher
properties.virtualMachineProfile.storageProfile.imageReference.publisher
properties.creationData.imageReference.id
True
True
True


False
False
False
Microsoft.Compute/imageSku Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.sku
properties.virtualMachineProfile.storageProfile.imageReference.sku
properties.creationData.imageReference.id
True
True
True


False
False
False
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType Microsoft.Compute virtualMachines properties.storageProfile.osDisk.osType True True
THEN-ExistenceCondition (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Compute/virtualMachines/extensions/provisioningState Microsoft.Compute virtualMachines/extensions properties.provisioningState True False
Microsoft.Compute/virtualMachines/extensions/publisher Microsoft.Compute virtualMachines/extensions properties.publisher True False
Microsoft.Compute/virtualMachines/extensions/type Microsoft.Compute virtualMachines/extensions properties.type True False
Rule resource types IF (1)
Microsoft.Compute/virtualMachines
Compliance
The following 2 compliance controls are associated with this Policy definition 'Windows virtual machines should have Azure Monitor Agent installed' (c02729e5-e5e7-4458-97fa-2b5ad0661f28)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
ACAT_Security_Policies ACAT_Security_Policies ACAT Security Policies Guidelines for M365 Certification Protecting systems and resources Shared n/a Ensures that apps have strong security and compliance practices in place to protect customer data, security, and privacy. link 16
NL_BIO_Cloud_Theme U.15.1(2) NL_BIO_Cloud_Theme_U.15.1(2) NL_BIO_Cloud_Theme_U.15.1(2) U.15 Logging and monitoring Events Logged n/a The malware protection is carried out on various environments, such as on mail servers, (desktop) computers and when accessing the organization's network. The scan for malware includes: all files received over networks or through any form of storage medium, even before use; all attachments and downloads even before use; virtual machines; network traffic. 46
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
ACAT for Microsoft 365 Certification 80307b86-ab81-45ab-bf4f-4e0b93cf3dd5 Regulatory Compliance GA BuiltIn
NL BIO Cloud Theme V2 d8b2ffbe-c6a8-4622-965d-4ade11d1d2ee Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-03-25 19:17:21 change Minor (3.1.0 > 3.2.0)
2023-04-06 17:42:16 change Minor (3.0.0 > 3.1.0)
2022-04-22 19:50:54 change Major (2.0.0 > 3.0.0)
2022-02-04 18:25:37 change Major (1.0.0 > 2.0.0)
2021-10-22 15:42:38 add c02729e5-e5e7-4458-97fa-2b5ad0661f28
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC