From 6cc62c4cec745542f3767635663f24a9fa42cd54 Mon Sep 17 00:00:00 2001
From: Ana Rita Vieira <82380327+anaritavieira@users.noreply.github.com>
Date: Tue, 8 Oct 2024 15:51:41 +0100
Subject: [PATCH] Create
 policy_definition_deny_instalation_deprecated_monitoring_agent_extensions.json

This Policy Definition denies the installation of Microsoft Monitoring Agent (MMA) and OmsAgentForLinux extensions on any virtual machines.
---
 ...eprecated_monitoring_agent_extensions.json | 48 +++++++++++++++++++
 1 file changed, 48 insertions(+)
 create mode 100644 policy_definition_deny_instalation_deprecated_monitoring_agent_extensions.json

diff --git a/policy_definition_deny_instalation_deprecated_monitoring_agent_extensions.json b/policy_definition_deny_instalation_deprecated_monitoring_agent_extensions.json
new file mode 100644
index 00000000..e178c4c9
--- /dev/null
+++ b/policy_definition_deny_instalation_deprecated_monitoring_agent_extensions.json
@@ -0,0 +1,48 @@
+{
+  "name": "Deny-Deprec-Extensions",
+  "type": "Microsoft.Authorization/policyDefinitions",
+  "apiVersion": "2021-06-01",
+  "properties": {
+    "policyType": "Custom",
+    "mode": "Indexed",
+    "displayName": "Deny Installation of Deprecated Monitoring Agent Extensions",
+    "description": "This policy denies the installation of Microsoft Monitoring Agent (MMA) and OmsAgentForLinux extensions on any virtual machines.",
+    "metadata": {
+      "version": "1.0.0",
+      "category": "Monitoring",
+      "source": "Custom Policy for Denying Deprecated Monitoring Extensions"
+    },
+    "parameters": {
+      "effect": {
+        "type": "String",
+        "allowedValues": ["Audit", "Deny", "Disabled"],
+        "defaultValue": "Deny",
+        "metadata": {
+          "displayName": "Effect",
+          "description": "Enable or disable the execution of the policy"
+        }
+      }
+    },
+    "policyRule": {
+      "if": {
+        "allOf": [
+          {
+            "field": "type",
+            "equals": "Microsoft.Compute/virtualMachines/extensions"
+          },
+          {
+            "field": "Microsoft.Compute/virtualMachines/extensions/publisher",
+            "equals": "Microsoft.EnterpriseCloud.Monitoring"
+          },
+          {
+            "field": "Microsoft.Compute/virtualMachines/extensions/type",
+            "in": ["MicrosoftMonitoringAgent", "OmsAgentForLinux"]
+          }
+        ]
+      },
+      "then": {
+        "effect": "[parameters('effect')]"
+      }
+    }
+  }
+}