AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

Configure ChangeTracking Extension for Windows virtual machines

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Configure ChangeTracking Extension for Windows virtual machines

f08f556c-12ff-464d-a7de-40cb5b6cccec

Version

2.1.0
Details on versioning

Versioning

Versions supported for Versioning: 2
2.0.0-preview
2.1.0
Built-in Versioning [Preview]

Category

Security Center
Microsoft Learn

Description

Configure Windows virtual machines to automatically install the ChangeTracking Extension to enable File Integrity Monitoring(FIM) in Azure Security Center. FIM examines operating system files, Windows registries, application software, Linux system files, and more, for changes that might indicate an attack. The extension can be installed in virtual machines and locations supported by Azure Monitor Agent.

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled

RBAC role(s)

Role Name	Role Id
Virtual Machine Contributor	9980e02c-c2be-4d73-94e8-173b1dc7cf3c

Rule aliases

IF (6)

Alias	Namespace	ResourceType	Path	PathIsDefault	Modifiable
Microsoft.Compute/imageId	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.id properties.virtualMachineProfile.storageProfile.imageReference.id properties.creationData.imageReference.id	True True True	False False False
Microsoft.Compute/imageOffer	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.offer properties.virtualMachineProfile.storageProfile.imageReference.offer properties.creationData.imageReference.id	True True True	False False False
Microsoft.Compute/imagePublisher	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.publisher properties.virtualMachineProfile.storageProfile.imageReference.publisher properties.creationData.imageReference.id	True True True	False False False
Microsoft.Compute/imageSku	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.sku properties.virtualMachineProfile.storageProfile.imageReference.sku properties.creationData.imageReference.id	True True True	False False False
Microsoft.Compute/virtualMachines/storageProfile.osDisk.createOption	Microsoft.Compute	virtualMachines	properties.storageProfile.osDisk.createOption	True	True
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType	Microsoft.Compute	virtualMachines	properties.storageProfile.osDisk.osType	True	True

THEN-ExistenceCondition (3)

Alias	Namespace	ResourceType	Path	PathIsDefault	Modifiable
Microsoft.Compute/virtualMachines/extensions/provisioningState	Microsoft.Compute	virtualMachines/extensions	properties.provisioningState	True	False
Microsoft.Compute/virtualMachines/extensions/Publisher	Microsoft.Compute	virtualMachines/extensions	properties.publisher	True	False
Microsoft.Compute/virtualMachines/extensions/type	Microsoft.Compute	virtualMachines/extensions	properties.type	True	False

Rule resource types

IF (3)
Microsoft.Compute/galleries
Microsoft.Compute/images
Microsoft.Compute/virtualMachines
THEN-Deployment (1)
Microsoft.Compute/virtualMachines/extensions

Compliance

Not a Compliance control

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Preview]: Enable ChangeTracking and Inventory for virtual machines	92a36f05-ebc9-4bba-9128-b47ad2ea3354	ChangeTrackingAndInventory	Preview	BuiltIn

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2024-11-01 18:49:23	change	Minor, old suffix: preview (2.0.0-preview > 2.1.0)
2022-12-21 17:43:51	change	Major, suffix remains equal (1.1.0-preview > 2.0.0-preview)
2022-09-23 16:35:49	change	Minor, suffix remains equal (1.0.0-preview > 1.1.0-preview)
2021-11-12 16:23:07	add	f08f556c-12ff-464d-a7de-40cb5b6cccec

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC