last sync: 2024-Nov-25 18:54:24 UTC

Configure Azure Defender for Servers to be disabled for all resources (resource level)

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure Azure Defender for Servers to be disabled for all resources (resource level)
Id f6ff485a-7630-4730-854d-cd3ad855435e
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Security Center - Granular Pricing
Microsoft Learn
Description Azure Defender for Servers provides real-time threat protection for server workloads and generates hardening recommendations as well as alerts about suspicious activities. This policy will disable the Defender for Servers plan for all resources (VMs, VMSSs and ARC Machines) in the selected scope (subscription or resource group).
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Security Admin fb1c8493-542b-48eb-b624-b4c8fea62acd
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Security/pricings/pricingTier Microsoft.Security pricings properties.pricingTier True False
Rule resource types IF (3)
Microsoft.Compute/virtualMachines
Microsoft.Compute/virtualMachineScaleSets
Microsoft.HybridCompute/machines
THEN-Deployment (1)
Microsoft.Security/pricings
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-01-22 17:47:54 add f6ff485a-7630-4730-854d-cd3ad855435e
JSON compare n/a
JSON
api-version=2021-06-01
EPAC