Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Created easily readable AMA policy table #1569

Merged
merged 4 commits into from
Feb 8, 2024
Merged

Created easily readable AMA policy table #1569

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
b58c9ce
Included routing intent link
paulgrimley Oct 17, 2023
802a7d0
Merge branch 'main' of https://github.com/paulgrimley/Enterprise-Scal…
paulgrimley Feb 8, 2024
14096cc
Update policy definitions and assignments to table format
paulgrimley Feb 8, 2024
706a5dc
Update policy definition and assignment table formatting
paulgrimley Feb 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
45 changes: 24 additions & 21 deletions docs/wiki/ALZ-AMA-Update.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,26 +60,29 @@ The migration from MMA to AMA has been a mayor project across multiple teams wit
- dcr-vminsights-prod-<region>-001

## New Custom Policy Definitions
- Configure periodic checking for missing system updates on azure virtual machines and Arc-enabled virtual machines.
- Windows: /providers/Microsoft.Authorization/policyDefinitions/59efceea-0c96-497e-a4a1-4eb2290dac15
- Linux: /providers/Microsoft.Authorization/policyDefinitions/59efceea-0c96-497e-a4a1-4eb2290dac15
- Windows: /providers/Microsoft.Authorization/policyDefinitions/bfea026e-043f-4ff4-9d1b-bf301ca7ff46
- Linux: /providers/Microsoft.Authorization/policyDefinitions/bfea026e-043f-4ff4-9d1b-bf301ca7ff46
- Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a user-defined LA workspace
- Configure Arc-enabled SQL Servers with Data Collection Rule Association to Microsoft Defender for SQL user-defined DCR
- Configure Arc-enabled SQL Servers to automatically install Microsoft Defender for SQL and DCR with a user-defined LA workspace
- Configure SQL Virtual Machines to automatically install Azure Monitor Agent
- Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL and DCR with a user-defined LA workspace
- Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL
- Deploy User Assigned Managed Identity for VM Insights
| Parent Policy Initiative | Policy Definition |
|---|---|
| [Configure periodic checking for missing system updates on azure virtual machines and Arc-enabled virtual machines](https://www.azadvertizer.net/azpolicyinitiativesadvertizer/Deploy-AUM-CheckUpdates.html) |
| | Windows: [/providers/Microsoft.Authorization/policyDefinitions/59efceea-0c96-497e-a4a1-4eb2290dac15](https://www.azadvertizer.net/azpolicyadvertizer/59efceea-0c96-497e-a4a1-4eb2290dac15.html) <br> Linux: [/providers/Microsoft.Authorization/policyDefinitions/59efceea-0c96-497e-a4a1-4eb2290dac15](https://www.azadvertizer.net/azpolicyadvertizer/59efceea-0c96-497e-a4a1-4eb2290dac15.html) |
| | Windows: [/providers/Microsoft.Authorization/policyDefinitions/bfea026e-043f-4ff4-9d1b-bf301ca7ff46](https://www.azadvertizer.net/azpolicyadvertizer/bfea026e-043f-4ff4-9d1b-bf301ca7ff46.html) <br> Linux: [/providers/Microsoft.Authorization/policyDefinitions/bfea026e-043f-4ff4-9d1b-bf301ca7ff46](https://www.azadvertizer.net/azpolicyadvertizer/bfea026e-043f-4ff4-9d1b-bf301ca7ff46.html) |
| [Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a user-defined LA workspace](https://www.azadvertizer.net/azpolicyinitiativesadvertizer/Deploy-MDFC-DefenderSQL-AMA.html) |
| | [Configure Arc-enabled SQL Servers with Data Collection Rule Association to Microsoft Defender for SQL user-defined DCR](https://www.azadvertizer.net/azpolicyadvertizer/Deploy-MDFC-Arc-SQL-DCR-Association.html) |
| | [Configure Arc-enabled SQL Servers to automatically install Microsoft Defender for SQL and DCR with a user-defined LA workspace](https://www.azadvertizer.net/azpolicyadvertizer/Deploy-MDFC-Arc-Sql-DefenderSQL-DCR.html)|
| | [Configure SQL Virtual Machines to automatically install Azure Monitor Agent](https://www.azadvertizer.net/azpolicyadvertizer/Deploy-MDFC-SQL-AMA.html) |
| | [Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL and DCR with a user-defined LA workspace](https://www.azadvertizer.net/azpolicyadvertizer/Deploy-MDFC-SQL-DefenderSQL-DCR.html) |
| | [Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL](https://www.azadvertizer.net/azpolicyadvertizer/Deploy-MDFC-SQL-DefenderSQL.html) |
| | [Deploy User Assigned Managed Identity for VM Insights](https://www.azadvertizer.net/azpolicyadvertizer/Deploy-UserAssignedManagedIdentity-VMInsights.html)|

## New Policy Assignments
- Enable Azure Monitor for VMSS with Azure Monitoring Agent(AMA)
- Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA)
- Enable Azure Monitor for Hybrid VMs with AMA
- Configure periodic checking for missing system updates on azure virtual machines and Arc-enabled virtual machines.
- Deploy User Assigned Managed Identity for VM Insights
- Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a user-defined LA workspace
- Enable Change Tracking and Inventory for Arc-enabled virtual machines
- Enable Change Tracking and Inventory for virtual machines
- Enable ChangeTracking and Inventory for virtual machine scale sets

| Policy Definition / Policy Initiative (Set Definition) | Name |
|---|---|
| Policy Initiative | [Enable Azure Monitor for VMSS with Azure Monitoring Agent(AMA)](https://www.azadvertizer.net/azpolicyinitiativesadvertizer/f5bf694c-cca7-4033-b883-3a23327d5485.html) |
| Policy Initiative | [Enable Azure Monitor for VMs with Azure Monitoring Agent(AMA)](https://www.azadvertizer.net/azpolicyinitiativesadvertizer/924bfe3a-762f-40e7-86dd-5c8b95eb09e6.html) |
| Policy Initiative | [Enable Azure Monitor for Hybrid VMs with AMA](https://www.azadvertizer.net/azpolicyinitiativesadvertizer/2b00397d-c309-49c4-aa5a-f0b2c5bc6321.html) |
| Policy Initiative (Custom) | [Configure periodic checking for missing system updates on azure virtual machines and Arc-enabled virtual machines](https://www.azadvertizer.net/azpolicyinitiativesadvertizer/Deploy-AUM-CheckUpdates.html) |
| Policy Initiative (Custom) | [Deploy User Assigned Managed Identity for VM Insights](https://www.azadvertizer.net/azpolicyadvertizer/Deploy-UserAssignedManagedIdentity-VMInsights.html) |
| Policy Initiative (Custom) | [Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a user-defined LA workspace](https://www.azadvertizer.net/azpolicyinitiativesadvertizer/Deploy-MDFC-DefenderSQL-AMA.html) |
| Policy Initiative | [Enable Change Tracking and Inventory for Arc-enabled virtual machines](https://www.azadvertizer.net/azpolicyinitiativesadvertizer/53448c70-089b-4f52-8f38-89196d7f2de1.html) |
| Policy Initiative | [Enable Change Tracking and Inventory for virtual machines](https://www.azadvertizer.net/azpolicyinitiativesadvertizer/92a36f05-ebc9-4bba-9128-b47ad2ea3354.html) |
| Policy Initiative | [Enable ChangeTracking and Inventory for virtual machine scale sets](https://www.azadvertizer.net/azpolicyinitiativesadvertizer/c4a70814-96be-461c-889f-2b27429120dc.html) |
Loading