Skip to content

Instantly share code, notes, and snippets.

@ljtill

ljtill/azuredeploy.json

Last active July 18, 2023 12:59
Show Gist options
  • Save ljtill/bd68e4ba23a2863866c44b10ae7e9a93 to your computer and use it in GitHub Desktop.
Save ljtill/bd68e4ba23a2863866c44b10ae7e9a93 to your computer and use it in GitHub Desktop.
Download ZIP
Provides the ability to deploy policy definition via arm template
Raw
azuredeploy.json
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"input": {
"value": {
"Name": "Audit-Linux-SSH-Password",
"ResourceId": "/providers/Microsoft.Management/managementGroups/LT/providers/Microsoft.Authorization/policyDefinitions/Audit-Linux-SSH-Password",
"ResourceName": "Audit-Linux-SSH-Password",
"ResourceType": "Microsoft.Authorization/policyDefinitions",
"SubscriptionId": null,
"PolicyDefinitionId": "/providers/Microsoft.Management/managementGroups/LT/providers/Microsoft.Authorization/policyDefinitions/Audit-Linux-SSH-Password",
"Properties": {
"Description": "Policy to audit for Linux VM SSH Password authentication.",
"DisplayName": "Audit-Linux-SSH-Password",
"Mode": "All",
"Parameters": {},
"PolicyRule": {
"if": {
"allof": [
{
"field": "type",
"equals": "Microsoft.Compute/virtualMachines"
},
{
"field": "Microsoft.Compute/virtualMachines/osProfile.linuxConfiguration",
"exists": "True"
},
{
"field": "Microsoft.Compute/virtualMachines/osProfile.linuxConfiguration.disablePasswordAuthentication",
"equals": "false"
}
]
},
"then": {
"effect": "audit"
}
}
}
}
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment