-
Notifications
You must be signed in to change notification settings - Fork 1.1k
/
ASC_AzureSecurityLinuxAgent_Arc_AINE.json
69 lines (69 loc) · 2.12 KB
/
ASC_AzureSecurityLinuxAgent_Arc_AINE.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
{
"properties": {
"displayName": "[Preview]: Azure Security agent should be installed on your Linux Arc machines",
"policyType": "BuiltIn",
"mode": "Indexed",
"description": "Install the Azure Security agent on your Linux Arc machines in order to monitor your machines for security configurations and vulnerabilities. Results of the assessments can seen and managed in Azure Security Center.",
"metadata": {
"category": "Security Center",
"version": "1.0.0-preview",
"preview": true
},
"version": "1.0.0-preview",
"parameters": {
"effect": {
"type": "string",
"defaultValue": "AuditIfNotExists",
"allowedValues": [
"AuditIfNotExists",
"Disabled"
],
"metadata": {
"displayName": "Effect",
"description": "Enable or disable the execution of the policy"
}
}
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.HybridCompute/machines"
},
{
"field": "Microsoft.HybridCompute/imageOffer",
"like": "linux*"
}
]
},
"then": {
"effect": "[parameters('effect')]",
"details": {
"type": "Microsoft.HybridCompute/machines/extensions",
"existenceCondition": {
"allOf": [
{
"field": "Microsoft.HybridCompute/machines/extensions/type",
"equals": "AzureSecurityLinuxAgent"
},
{
"field": "Microsoft.HybridCompute/machines/extensions/Publisher",
"equals": "Microsoft.Azure.Security.Monitoring"
},
{
"field": "Microsoft.HybridCompute/machines/extensions/provisioningState",
"equals": "Succeeded"
}
]
}
}
}
},
"versions": [
"1.0.0-PREVIEW"
]
},
"id": "/providers/Microsoft.Authorization/policyDefinitions/1f300abb-f5a0-41c3-a163-91bd3ed35de7",
"name": "1f300abb-f5a0-41c3-a163-91bd3ed35de7"
}