built-in-policies/policyDefinitions/Security Center/ASC_OpenTOUPortsOnVirtualMachines_Audit.json

{
  "properties": {
    "displayName": "[Preview]: Machines should have ports closed that might expose attack vectors",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Azure's Terms Of Use prohibit the use of Azure services in ways that could damage, disable, overburden, or impair any Microsoft server, or the network. The exposed ports identified by this recommendation need to be closed for your continued security. For each identified port, the recommendation also provides an explanation of the potential threat.",
    "metadata": {
      "category": "Security Center",
      "version": "1.0.0-preview",
      "preview": true
    },
    "version": "1.0.0-preview",
    "parameters": {
      "effect": {
        "type": "string",
        "defaultValue": "AuditIfNotExists",
        "allowedValues": [
          "AuditIfNotExists",
          "Disabled"
        ],
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        }
      }
    },
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.Compute/virtualMachines"
      },
      "then": {
        "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Security/assessments",
          "name": "bbff27d2-73db-4c2d-8b1a-5f20b1f1da7e",
          "existenceCondition": {
            "field": "Microsoft.Security/assessments/status.code",
            "in": [
              "NotApplicable",
              "Healthy"
            ]
          }
        }
      }
    },
    "versions": [
      "1.0.0-PREVIEW"
    ]
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/af99038c-02fd-4a2f-ac24-386b62bf32de",
  "name": "af99038c-02fd-4a2f-ac24-386b62bf32de"
}