AzPolicyAdvertizer

last sync: 2024-Sep-18 17:50:24 UTC

Configure Azure Defender for Servers to be disabled for all resources (resource level)

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Configure Azure Defender for Servers to be disabled for all resources (resource level)

f6ff485a-7630-4730-854d-cd3ad855435e

Version

1.0.0
Details on versioning

Versioning

Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]

Category

Security Center - Granular Pricing
Microsoft Learn

Description

Azure Defender for Servers provides real-time threat protection for server workloads and generates hardening recommendations as well as alerts about suspicious activities. This policy will disable the Defender for Servers plan for all resources (VMs, VMSSs and ARC Machines) in the selected scope (subscription or resource group).

Mode

All

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled

RBAC role(s)

Role Name	Role Id
Security Admin	fb1c8493-542b-48eb-b624-b4c8fea62acd

Rule aliases

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Security/pricings/pricingTier	Microsoft.Security	pricings	properties.pricingTier	True		False

Rule resource types

IF (3)
Microsoft.Compute/virtualMachines
Microsoft.Compute/virtualMachineScaleSets
Microsoft.HybridCompute/machines
THEN-Deployment (1)
Microsoft.Security/pricings

Compliance

Not a Compliance control

Initiatives usage

none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2024-01-22 17:47:54	add	f6ff485a-7630-4730-854d-cd3ad855435e

JSON compare

n/a

JSON

api-version=2021-06-01
EPAC