Reporting Azure VM with Extensions + Applications running?

EnterpriseArchitect 4,826

Using PowerShell or any built-in Azure Policy reporting, How can I get the report for any newly deployed Azure Virtual Machine with no specific software running from Virtual Machine | Settings | Extensions + Applications | VM Applications ? Thank you,

1 answer

Anveshreddy Nimmala 2,615 Reputation points Microsoft Vendor

2024-02-13T08:47:45.46+00:00
Hello EnterpriseArchitect, Welcome to Microsoft Q&A,Thankyou for posting your query here. you can use Azure Policy to audit the presence of extensions and applications on virtual machines. This policy definition audits virtual machines that don't have any extensions installed and don't have WinRM configured for HTTPS.

{ "mode": "All", "policyRule": { "if": { "allOf": [ { "field": "type", "equals": "Microsoft.Compute/virtualMachines" }, { "not": { "field": "Microsoft.Compute/virtualMachines/extensions[*].name", "exists": "true" } }, { "not": { "field": "Microsoft.Compute/virtualMachines/resources[*].properties.osProfile.windowsConfiguration.winRM.listeners[*].protocol", "equals": "Https" } } ] }, "then": { "effect": "audit" } }, "parameters": {} }

You can modify this policy definition to audit for specific extensions or applications. To view the report for this policy, you can use the Azure Policy compliance dashboard. example of using PowerShell to get the compliance report for this policy: $policyDefinitionName = "audit-virtual-machines-without-extensions" $policyCompliance = Get-AzPolicyCompliance -PolicyDefinitionName $policyDefinitionName $policyCompliance This will return a list of all virtual machines that are non-compliant with the policy. You can use this information to take action to remediate the non-compliant virtual machines. Hope this is helpful,please consider accepting the answer to help increase visibility of this question for other members of the Microsoft Q&A community. If not, please let us know what is still needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!.
Please sign in to rate this answer.
Anveshreddy Nimmala 2,615 Reputation points Microsoft Vendor

2024-02-15T05:56:33.9733333+00:00

Hello EnterpriseArchitect, If an answer has been helpful, please consider accepting the answer to help increase visibility of this question for other members of the Microsoft Q&A community. If not, please let us know what is still needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!.

Anveshreddy Nimmala 2,615 Reputation points Microsoft Vendor

2024-02-16T04:17:55.2766667+00:00

Hello EnterpriseArchitect, If an answer has been helpful, please consider accepting the answer to help increase visibility of this question for other members of the Microsoft Q&A community. If not, please let us know what is still needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!.

EnterpriseArchitect 4,826 Reputation points

2024-02-16T05:34:18.5866667+00:00

Hi @Anonymous ,
How to configure the JSON below so it will detect or report the extension status from the below software extension name called SecuritySensor Virtual Machine | Settings | Extensions + Applications | VM Applications

{ { }, { } } ] }, } }, }

Thank you.

Anveshreddy Nimmala 2,615 Reputation points Microsoft Vendor

2024-02-19T03:44:30.41+00:00

Hello EnterpriseArchitect, Thankyou for replying back. please find below JSON script, for software extension name called SecuritySensor Virtual Machine | Settings | Extensions + Applications | VM Applications.

{ "mode": "All", "parameters": {}, "policyRule": { "if": { "allOf": [ { "field": "type", "equals": "Microsoft.Compute/virtualMachines" }, { "not": { "field": "Microsoft.Compute/virtualMachines/extensions[*].name", "equals": "SecuritySensor" } } ] }, "then": { "effect": "audit" } } }

If you want to modify this policy definition to audit for a different extension, you can change the "equals" value to the name of the extension you want to audit. For example, if you want to audit for an extension named "MyExtension", you would change "equals": "SecuritySensor" to "equals": "MyExtension". Hope this helps you,please consider accepting the answer to help increase visibility of this question for other members of the Microsoft Q&A community. If not, please let us know what is still needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!

EnterpriseArchitect 4,826 Reputation points

2024-02-19T04:18:35.8566667+00:00

Hi @Anveshreddy Nimmala ,
May I know the "effect": "audit" consequence or impact?

Anveshreddy Nimmala 2,615 Reputation points Microsoft Vendor

2024-02-20T04:38:41.5433333+00:00

Hello EnterpriseArchitect, Thankyou for replying back. The "effect": "audit" means that the policy will not cause any breaking changes to your environment. It will only alert you to components such as virtual machines that do not comply with the policy definitions within a specified scope, by marking these components as non-compliant in the policy compliance dashboard. the consequence or impact of setting the effect to "audit" is that the policy rule will not actively prevent or modify virtual machines that do not meet the conditions specified in the rule. Instead, it will only generate audit findings or alerts indicating which virtual machines are not compliant with the defined conditions. This allows administrators to review the findings and take appropriate actions manually if necessary.

Anveshreddy Nimmala 2,615 Reputation points Microsoft Vendor

2024-02-22T03:21:20.8966667+00:00

Hello EnterpriseArchitect, If an answer has been helpful, please consider accepting the answer to help increase visibility of this question for other members of the Microsoft Q&A community. If not, please let us know what is still needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!.

Anveshreddy Nimmala 2,615 Reputation points Microsoft Vendor

2024-02-23T04:35:57.7633333+00:00

Hello EnterpriseArchitect, If an answer has been helpful, please consider accepting the answer to help increase visibility of this question for other members of the Microsoft Q&A community. If not, please let us know what is still needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!.
Sign in to comment