%3CLINGO-SUB%20id%3D%22lingo-sub-1423775%22%20slang%3D%22en-US%22%3EImplementing%20Azure%20Policy%20using%20Terraform%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1423775%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSTRONG%3E%3CU%3EUse%20Case%3A%3C%2FU%3E%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3ETerraform%20is%20a%20tool%20that%20could%20help%20us%20to%20create%20infrastructure%20using%20the%20configuration%20files.%20The%20infrastructure%20could%20later%20be%20updated%20with%20change%20in%20execution%20plan.%20It%20can%20be%20used%20as%20a%20tool%20for%20carrying%20out%20continuous%20%26nbsp%3Bdeployments%20for%20various%20Azure%20Resources%20.Azure%20Policy%20is%20a%20governance%20service%20to%20keep%20our%20environments%20in%20consistent%20shape%20and%20exercise%20control.%3C%2FP%3E%0A%3CP%3EIn%20this%20blog%20post%2C%20we%20would%20be%20understanding%20the%20way%20we%20can%20configure%20Terraform%20to%20create%20and%20assign%20Azure%20policies%20as%20well%20as%20remediate%20existing%20policies.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E%3CU%3EConfiguring%20Terraform%20%3A%3C%2FU%3E%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3ETerraform%20can%20be%20configured%20in%20any%20of%20the%20following%20ways%20%3A%3C%2FP%3E%0A%3COL%3E%0A%3CLI%3EInbuilt%20setup%20in%20Azure%20Cloud%20Shell%3C%2FLI%3E%0A%3CLI%3ELocal%20Terraform%20Engine%3C%2FLI%3E%0A%3CLI%3EMarket%20Place%20image%20for%20setting%20up%20Terraform%20on%20IaaS%20VM.%3C%2FLI%3E%0A%3C%2FOL%3E%0A%3CP%3EFor%20this%20setup%2C%20we%20would%20be%20using%20Local%20Terraform%20engine%20to%20carry%20out%20the%20deployments.%20Steps%20to%20setup%20a%20local%20terraform%20engine%20can%20be%20found%20here%20%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fdeveloper%2Fterraform%2Finstall-configure%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fdeveloper%2Fterraform%2Finstall-configure%3C%2FA%3E%3C%2FP%3E%0A%3CP%3EConsidering%20Azure%20Policy%2C%20Terraform%20provides%204%20different%20modules%20for%20different%20purpose.%20To%20find%20the%20arguments%20supported%20please%20refer%20inline%20links%20for%20the%20Terraform%20modules.%3C%2FP%3E%0A%3COL%3E%0A%3CLI%3Eazurerm_policy_assignment%20%3A%20To%20create%20Policy%20Assignments%20using%20Terraform.%3C%2FLI%3E%0A%3C%2FOL%3E%0A%3CP%3ELINk%20%3A%20%3CA%20href%3D%22https%3A%2F%2Fwww.terraform.io%2Fdocs%2Fproviders%2Fazurerm%2Fr%2Fpolicy_assignment.html%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.terraform.io%2Fdocs%2Fproviders%2Fazurerm%2Fr%2Fpolicy_assignment.html%3C%2FA%3E%3C%2FP%3E%0A%3COL%20start%3D%222%22%3E%0A%3CLI%3Eazurerm_policy_definition%20%3A%20To%20create%20Policy%20Definitions%20using%20Terraform.%3C%2FLI%3E%0A%3C%2FOL%3E%0A%3CP%3ELINK%20%3A%20%3CA%20href%3D%22https%3A%2F%2Fwww.terraform.io%2Fdocs%2Fproviders%2Fazurerm%2Fr%2Fpolicy_definition.html%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.terraform.io%2Fdocs%2Fproviders%2Fazurerm%2Fr%2Fpolicy_definition.html%3C%2FA%3E%3C%2FP%3E%0A%3COL%20start%3D%223%22%3E%0A%3CLI%3Eazurerm_policy_remediation%20%3A%20to%20create%20remediation%20tasks%20for%20the%20policy%20assignment.%3C%2FLI%3E%0A%3C%2FOL%3E%0A%3CP%3ELINK%20%3A%20%3CA%20href%3D%22https%3A%2F%2Fwww.terraform.io%2Fdocs%2Fproviders%2Fazurerm%2Fr%2Fpolicy_remediation.html%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.terraform.io%2Fdocs%2Fproviders%2Fazurerm%2Fr%2Fpolicy_remediation.html%3C%2FA%3E%3C%2FP%3E%0A%3COL%20start%3D%224%22%3E%0A%3CLI%3Eazurerm_policy_set_definition%20%3A%20To%20create%20policy%20initiatives.%3C%2FLI%3E%0A%3C%2FOL%3E%0A%3CP%3ELINK%20%3A%20%3CA%20href%3D%22https%3A%2F%2Fwww.terraform.io%2Fdocs%2Fproviders%2Fazurerm%2Fr%2Fpolicy_set_definition.html%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.terraform.io%2Fdocs%2Fproviders%2Fazurerm%2Fr%2Fpolicy_set_definition.html%3C%2FA%3E%3C%2FP%3E%0A%3CP%3EWe%20would%20need%20to%20reference%20the%20modules%20as%20per%20the%20need%20in%20our%20Terraform%20code.%20For%20this%20blog%2C%20we%20would%20be%20creating%20a%20policy%20definition%20using%20an%20inbuilt%20policy%20and%20then%20creating%20an%20assignment%20as%20well%20as%20a%20remediation%20task%20for%20the%20policy.%3C%2FP%3E%0A%3CP%3EOnce%20downloaded%20in%20local%20directory%2C%20Terraform%20configuration%20would%20look%20like%20following%20%3A%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22folder%20structure.jpg%22%20style%3D%22width%3A%20977px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F195016i6BDA2E561735D341%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20title%3D%22folder%20structure.jpg%22%20alt%3D%22folder%20structure.jpg%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3EWe%20can%20use%20cmd%20to%20run%20the%20terraform%20engine%20so%20as%20to%20initiate%20the%20deployments.%20Out%20of%20all%20the%20files%2C%20terraform.log%20file%20can%20come%20handy%20to%20troubleshoot%20deployment%20failures%20from%20debug%20traces%20logged%20in%20the%20file.%3C%2FP%3E%0A%3CP%3EFor%20this%20example%2C%20we%20would%20be%20using%20two%20.tf%20files%20for%20terraform%20deployment.%20Azure.tf%20to%20setup%20the%20variables%20and%20Antimalware.tf%20to%20setup%20policies.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E%3CU%3ELifecycle%20of%20Terraform%20Deployment%20%3A%3C%2FU%3E%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3ETerraform%20deployment%20can%20be%20structured%20into%203%20steps%20namely%20%3CSTRONG%3Einit%2C%20plan%20and%20apply%2C%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3ETerraform%20init%3C%2FSTRONG%3E%3A%20This%20would%20initialize%20the%20environment%20for%20local%20terraform%20engine%20so%20as%20to%20initiate%20the%20deployment.%20azurerm%20version%20and%20other%3C%2FP%3E%0A%3CP%3Edetails%20are%20setup%20during%20this%20phase.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3Eterraform%20plan%3C%2FSTRONG%3E%3A%20This%20is%20one%20of%20the%20most%20popular%20step%20where%20in%20terraform%20plans%20the%20blueprint%20for%20the%20deployment%20to%20occur.%20Majority%20of%20template%3C%2FP%3E%0A%3CP%3Eerrors%20are%20ruled%20out%20in%20this%20step.%20This%20is%20rather%20useful%20since%20user%20can%20correct%20the%20code%20before%20the%20deployment%20starts.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3ETerraform%20apply%3C%2FSTRONG%3E%20%3A%20Once%20the%20plan%20has%20been%20saved%2C%20user%20can%20go%20ahead%20and%20start%20the%20deployment%20process.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EManaging%20Permissions%20when%20using%20service%20principal%3A%20%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3EWhenever%20Terraform%20is%20set%20to%20use%20a%20service%20principal%2C%20please%20ensure%20that%20the%20service%20principal%20provided%20has%20resource%20policy%20contributor%20rights%20for%20the%20policy%20assignment%20to%20work.%3C%2FP%3E%0A%3CP%3EYou%20can%20check%20for%20the%20name%20of%20service%20principal%20using%20the%20command%20Get-AzureADObjectbyObjectId%20%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpowershell%2Fmodule%2Fazuread%2Fget-azureadobjectbyobjectid%3Fview%3Dazureadps-2.0%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpowershell%2Fmodule%2Fazuread%2Fget-azureadobjectbyobjectid%3Fview%3Dazureadps-2.0%3C%2FA%3E%20.%3C%2FP%3E%0A%3CP%3EIf%20access%20is%20not%20provided%2C%20you%20might%20face%20a%20403%20unauthorized%20error%20while%20trying%20to%20configure%20policies.%20Here%20is%20a%20snip%20from%20the%20cmd%20%3A%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-center%22%20image-alt%3D%22unauthorized.jpg%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F195017iE09160957F93F5A3%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20title%3D%22unauthorized.jpg%22%20alt%3D%22unauthorized.jpg%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ELooking%20for%20the%20ADobject%20with%20the%20Object%20ID%20we%20can%20get%20the%20name%20of%20the%20service%20principal%20that%20would%20be%20required%20for%20checking%20permissions.%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ADObject.jpg%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F195018i47497291D7F8F4AE%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20title%3D%22ADObject.jpg%22%20alt%3D%22ADObject.jpg%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3EFor%20assigning%20policies%2C%20this%20service%20principal%20should%20have%20Resource%20Policy%20Contributor%20access%20over%20the%20subscription.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E%3CU%3ERUNNING%20THROUGH%20THE%20TERRAFORM%20FILES%20%3A%3C%2FU%3E%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3EWe%20had%20been%20using%20Inbuilt%20Policy%20in%20this%20example%20that%20would%20deploy%20Antimalware%20extension%20for%20the%20servers.%20This%20would%20also%20need%20remediation%20and%20managed%20identity%20to%20be%20set%20in%20assignment.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EContents%20of%20Azure.tf%20file%20%3A%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3Eprovider%20%22azurerm%22%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20version%20%3D%20%22%3D2.3.0%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20subscription_id%20%3D%20%22%3CENTER%20subscription%3D%22%22%20id%3D%22%22%3E%22%3C%2FENTER%3E%3C%2FP%3E%0A%3CP%3Efeatures%20%7B%7D%3C%2FP%3E%0A%3CP%3E%7D%3C%2FP%3E%0A%3CP%3EYou%20can%20create%20variables%20in%20this%20file%20that%20you%20can%20later%20use%20in%20your%20terraform%20deployment.%20The%20version%202.3.0%20of%20azurerm%20would%20be%20loaded%20into%20the%20session%20when%20terraform%20init%20command%20is%20run.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EContents%20of%20AntiMalware.tf%20file%20%3A%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3Eresource%20%22azurerm_policy_definition%22%20%22IaaSAntiMalwarePolicy%22%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20name%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%3D%20%22IaaSAntiMalwarePolicy%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20policy_type%26nbsp%3B%20%3D%20%22Custom%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20mode%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%3D%20%22All%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20display_name%20%3D%20%22my-policy-definition%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20policy_rule%20%3D%20%26lt%3B%3CPOLICY_RULE%3E%3C%2FPOLICY_RULE%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22if%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22allOf%22%3A%20%5B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22field%22%3A%20%22type%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22equals%22%3A%20%22Microsoft.Compute%2FvirtualMachines%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22field%22%3A%20%22Microsoft.Compute%2FimagePublisher%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22equals%22%3A%20%22MicrosoftWindowsServer%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22field%22%3A%20%22Microsoft.Compute%2FimageOffer%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22equals%22%3A%20%22WindowsServer%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22field%22%3A%20%22Microsoft.Compute%2FimageSKU%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22in%22%3A%20%5B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222008-R2-SP1%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222008-R2-SP1-smalldisk%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222012-Datacenter%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222012-Datacenter-smalldisk%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222012-R2-Datacenter%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222012-R2-Datacenter-smalldisk%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222016-Datacenter%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222016-Datacenter-Server-Core%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222016-Datacenter-Server-Core-smalldisk%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222016-Datacenter-smalldisk%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222016-Datacenter-with-Containers%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222016-Datacenter-with-RDSH%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222019-Datacenter%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222019-Datacenter-Core%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222019-Datacenter-Core-smalldisk%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222019-Datacenter-Core-with-Containers%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222019-Datacenter-Core-with-Containers-smalldisk%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222019-Datacenter-smalldisk%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222019-Datacenter-with-Containers%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%222019-Datacenter-with-Containers-smalldisk%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%5D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%5D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22then%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22effect%22%3A%20%22deployIfNotExists%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22details%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22type%22%3A%20%22Microsoft.Compute%2FvirtualMachines%2Fextensions%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22existenceCondition%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22allOf%22%3A%20%5B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22field%22%3A%20%22Microsoft.Compute%2FvirtualMachines%2Fextensions%2Ftype%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22equals%22%3A%20%22IaaSAntimalware%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22field%22%3A%20%22Microsoft.Compute%2FvirtualMachines%2Fextensions%2Fpublisher%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22equals%22%3A%20%22Microsoft.Azure.Security%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%5D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22roleDefinitionIds%22%3A%20%5B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22%2Fproviders%2Fmicrosoft.authorization%2FroleDefinitions%2F9980e02c-c2be-4d73-94e8-173b1dc7cf3c%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%5D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22deployment%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22properties%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22mode%22%3A%20%22incremental%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22template%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22%24schema%22%3A%20%22%3CA%20href%3D%22http%3A%2F%2Fschema.management.azure.com%2Fschemas%2F2015-01-01%2FdeploymentTemplate.json%23%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttp%3A%2F%2Fschema.management.azure.com%2Fschemas%2F2015-01-01%2FdeploymentTemplate.json%23%3C%2FA%3E%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22contentVersion%22%3A%20%221.0.0.0%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22parameters%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22vmName%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22type%22%3A%20%22string%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22location%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22type%22%3A%20%22string%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22ExclusionsPaths%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22type%22%3A%20%22string%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22defaultValue%22%3A%20%22%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22metadata%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22description%22%3A%20%22Semicolon%20delimited%20list%20of%20file%20paths%20or%20locations%20to%20exclude%20from%20scanning%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22ExclusionsExtensions%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22type%22%3A%20%22string%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%22defaultValue%22%3A%20%22%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22metadata%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22description%22%3A%20%22Semicolon%20delimited%20list%20of%20file%20extensions%20to%20exclude%20from%20scanning%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22ExclusionsProcesses%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%20%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%22type%22%3A%20%22string%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22defaultValue%22%3A%20%22%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22metadata%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22description%22%3A%20%22Semicolon%20delimited%20list%20of%20process%20names%20to%20exclude%20from%20scanning%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22RealtimeProtectionEnabled%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22type%22%3A%20%22string%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22defaultValue%22%3A%20%22true%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22metadata%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22description%22%3A%20%22Indicates%20whether%20or%20not%20real%20time%20protection%20is%20enabled%20(default%20is%20true)%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22ScheduledScanSettingsIsEnabled%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22type%22%3A%20%22string%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22defaultValue%22%3A%20%22false%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22metadata%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22description%22%3A%20%22Indicates%20whether%20or%20not%20custom%20scheduled%20scan%20settings%20are%20enabled%20(default%20is%20false)%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22ScheduledScanSettingsScanType%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22type%22%3A%20%22string%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22defaultValue%22%3A%20%22Quick%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22metadata%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22description%22%3A%20%22Indicates%20whether%20scheduled%20scan%20setting%20type%20is%20set%20to%20Quick%20or%20Full%20(default%20is%20Quick)%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22ScheduledScanSettingsDay%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22type%22%3A%20%22string%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22defaultValue%22%3A%20%227%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22metadata%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22description%22%3A%20%22Day%20of%20the%20week%20for%20scheduled%20scan%20(1-Sunday%2C%202-Monday%2C%20...%2C%207-Saturday)%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22ScheduledScanSettingsTime%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22type%22%3A%20%22string%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22defaultValue%22%3A%20%22120%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22metadata%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22description%22%3A%20%22When%20to%20perform%20the%20scheduled%20scan%2C%20measured%20in%20minutes%20from%20midnight%20(0-1440).%20For%20example%3A%200%20%3D%2012AM%2C%2060%20%3D%201AM%2C%20120%20%3D%202AM.%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22resources%22%3A%20%5B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22name%22%3A%20%22%5Bconcat(parameters('vmName')%2C'%2FIaaSAntimalware')%5D%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22type%22%3A%20%22Microsoft.Compute%2FvirtualMachines%2Fextensions%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22location%22%3A%20%22%5Bparameters('location')%5D%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22apiVersion%22%3A%20%222017-12-01%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22properties%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22publisher%22%3A%20%22Microsoft.Azure.Security%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22type%22%3A%20%22IaaSAntimalware%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22typeHandlerVersion%22%3A%20%221.3%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22autoUpgradeMinorVersion%22%3A%20true%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22settings%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22AntimalwareEnabled%22%3A%20true%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22RealtimeProtectionEnabled%22%3A%20%22%5Bparameters('RealtimeProtectionEnabled')%5D%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22ScheduledScanSettings%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22isEnabled%22%3A%20%22%5Bparameters('ScheduledScanSettingsIsEnabled')%5D%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22day%22%3A%20%22%5Bparameters('ScheduledScanSettingsDay')%5D%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%20%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%22time%22%3A%20%22%5Bparameters('ScheduledScanSettingsTime')%5D%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22scanType%22%3A%20%22%5Bparameters('ScheduledScanSettingsScanType')%5D%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22Exclusions%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22Extensions%22%3A%20%22%5Bparameters('ExclusionsExtensions')%5D%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22Paths%22%3A%20%22%5Bparameters('ExclusionsPaths')%5D%22%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22Processes%22%3A%20%22%5Bparameters('ExclusionsProcesses')%5D%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%5D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22parameters%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22vmName%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22value%22%3A%20%22%5Bfield('name')%5D%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22location%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22value%22%3A%20%22%5Bfield('location')%5D%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22RealtimeProtectionEnabled%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22value%22%3A%20%22true%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22ScheduledScanSettingsIsEnabled%22%3A%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%22value%22%3A%20%22true%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%7D%3C%2FP%3E%0A%3CP%3EPOLICY_RULE%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20parameters%20%3D%20%26lt%3B%3CPARAMETERS%3E%3C%2FPARAMETERS%3E%3C%2FP%3E%0A%3CP%3E%7B%3C%2FP%3E%0A%3CP%3E%7D%26nbsp%3B%26nbsp%3B%26nbsp%3B%3C%2FP%3E%0A%3CP%3EPARAMETERS%3C%2FP%3E%0A%3CP%3E%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3Eresource%20%22azurerm_policy_assignment%22%20%22IaaSAntiMalwarePolicyAssignment%22%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20name%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%3D%20%22IaaSAntiMalwarePolicyAssignment%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20scope%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%3D%26nbsp%3B%20%E2%80%9C%2Fsubscriptions%2F00000000-0000-0000-000000000000%E2%80%9D%E2%80%9D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20policy_definition_id%20%3D%20azurerm_policy_definition.IaaSAntiMalwarePolicy.id%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20description%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%3D%20%22Policy%20Assignment%20created%20via%20an%20Acceptance%20Test%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20display_name%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%3D%20%22IaaSAntiMalwarePolicyAssignment%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20parameters%20%3D%20%26lt%3B%3CPARAMETERS%3E%3C%2FPARAMETERS%3E%3C%2FP%3E%0A%3CP%3E%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%7D%3C%2FP%3E%0A%3CP%3EPARAMETERS%3C%2FP%3E%0A%3CP%3Elocation%3D%22eastus%22%3C%2FP%3E%0A%3CP%3Eidentity%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3Etype%3D%22SystemAssigned%22%3C%2FP%3E%0A%3CP%3E%7D%3C%2FP%3E%0A%3CP%3E%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3Eresource%20%22azurerm_policy_remediation%22%20%22antimalware%22%20%7B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20name%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%3D%20%22remeditationforantimalwarepolicy%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20scope%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20%3D%20azurerm_policy_assignment.IaaSAntiMalwarePolicyAssignment.scope%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20policy_assignment_id%20%3D%20azurerm_policy_assignment.IaaSAntiMalwarePolicyAssignment.id%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%7D%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EBreaking%20the%20code%20into%20small%20pieces%2C%20the%20first%20section%20would%20create%20a%20policy%20definition%20with%20the%20name%20%3A%20my-policy-definition%3C%2FP%3E%0A%3CP%3ESince%20there%20are%20no%20parameters%2C%20thus%20the%20PARAMETERS%20section%20has%20been%20kept%20blank.%20Here%20is%20the%20snip%20%3A%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22policydef.jpg%22%20style%3D%22width%3A%20646px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F195019i0DD05A0CF21FC51A%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20title%3D%22policydef.jpg%22%20alt%3D%22policydef.jpg%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3ETerraform%20plan%20would%20layout%20the%20execution%20plan%20and%20would%20list%20down%20all%20the%20resources%20that%20would%20be%20provisioned.%20In%20this%20case%20we%20would%20be%20configuring%203%20resources-%20policy%20definition%2C%20policy%20assignment%20and%20remediation%20task.%3C%2FP%3E%0A%3CP%3ESecond%20section%20of%20Terraform%20code%20would%20create%20a%20policy%20assignment%20using%20the%20terraform%20module.%20We%20have%20setup%20the%20identity%20section%20in%20assignment%20so%20as%20to%20setup%20managed%20identity%20through%20terraform.%20Location%20Parameter%20is%20needed%20for%20the%20managed%20identity.%3C%2FP%3E%0A%3CP%3EThird%20section%20would%20be%20creating%20a%20remediation%20task%20on%20the%20policy%20assignment%20scope.%20Since%20we%20are%20doing%20it%20in%20one%20deployment%20there%20would%20not%20be%20any%20resources%20remediated%20by%20the%20time%20this%20policy%20would%20be%20created%20(%20state%20would%20be%20not%20started).%20Here%20is%20snip%20from%20terraform%20window%20after%20final%20deployment%20%3A%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22assignment.jpg%22%20style%3D%22width%3A%20947px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F195020i39AD4F1D74F1CA4B%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20title%3D%22assignment.jpg%22%20alt%3D%22assignment.jpg%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3ELooking%20at%20Azure%20Portal%20%2C%20we%20can%20see%20the%20resources%20to%20be%20created%20%3A%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EPolicy%20Definition%20%3A%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22portaldef.jpg%22%20style%3D%22width%3A%20852px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F195021iD66E579D20C1D352%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20title%3D%22portaldef.jpg%22%20alt%3D%22portaldef.jpg%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EPolicy%20Assignment%20%3A%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22portalassignment.jpg%22%20style%3D%22width%3A%20840px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F195022i2124524C7E4DBEE9%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20title%3D%22portalassignment.jpg%22%20alt%3D%22portalassignment.jpg%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3ERemediation%20Task%20%3A%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22remediation.jpg%22%20style%3D%22width%3A%20847px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F195023iF1A2A5E58F2A514F%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20title%3D%22remediation.jpg%22%20alt%3D%22remediation.jpg%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3EThis%20way%2C%20we%20can%20use%20the%20sections%20separately%20in%20our%20environment%20so%20as%20to%20automate%20the%20work%20of%20assigning%20policies%20or%20creating%20remediation%20tasks%20using%20Terraform.%3C%2FP%3E%0A%3CP%3EHappy%20Learning!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-1423775%22%20slang%3D%22en-US%22%3E%3CP%3ETerraform%20is%20a%20tool%20that%20could%20help%20us%20to%20create%20infrastructure%20using%20the%20configuration%20files.%20The%20infrastructure%20could%20later%20be%20updated%20with%20change%20in%20execution%20plan.%20It%20can%20be%20used%20as%20a%20tool%20for%20carrying%20out%20continuous%20deployments%20for%20various%20Azure%20Resources%20.Azure%20Policy%20is%20a%20governance%20service%20to%20keep%20our%20environments%20in%20consistent%20shape%20and%20exercise%20control.%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1423775%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20Policy%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%20Resource%20Manager%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ETerraform%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E

Use Case:

Terraform is a tool that could help us to create infrastructure using the configuration files. The infrastructure could later be updated with change in execution plan. It can be used as a tool for carrying out continuous  deployments for various Azure Resources .Azure Policy is a governance service to keep our environments in consistent shape and exercise control.

In this blog post, we would be understanding the way we can configure Terraform to create and assign Azure policies as well as remediate existing policies.

Configuring Terraform :

Terraform can be configured in any of the following ways :

  1. Inbuilt setup in Azure Cloud Shell
  2. Local Terraform Engine
  3. Market Place image for setting up Terraform on IaaS VM.

For this setup, we would be using Local Terraform engine to carry out the deployments. Steps to setup a local terraform engine can be found here : https://docs.microsoft.com/en-us/azure/developer/terraform/install-configure

Considering Azure Policy, Terraform provides 4 different modules for different purpose. To find the arguments supported please refer inline links for the Terraform modules.

  1. azurerm_policy_assignment : To create Policy Assignments using Terraform.

LINk : https://www.terraform.io/docs/providers/azurerm/r/policy_assignment.html

  1. azurerm_policy_definition : To create Policy Definitions using Terraform.

LINK : https://www.terraform.io/docs/providers/azurerm/r/policy_definition.html

  1. azurerm_policy_remediation : to create remediation tasks for the policy assignment.

LINK : https://www.terraform.io/docs/providers/azurerm/r/policy_remediation.html

  1. azurerm_policy_set_definition : To create policy initiatives.

LINK : https://www.terraform.io/docs/providers/azurerm/r/policy_set_definition.html

We would need to reference the modules as per the need in our Terraform code. For this blog, we would be creating a policy definition using an inbuilt policy and then creating an assignment as well as a remediation task for the policy.

Once downloaded in local directory, Terraform configuration would look like following :

folder structure.jpg

We can use cmd to run the terraform engine so as to initiate the deployments. Out of all the files, terraform.log file can come handy to troubleshoot deployment failures from debug traces logged in the file.

For this example, we would be using two .tf files for terraform deployment. Azure.tf to setup the variables and Antimalware.tf to setup policies.

Lifecycle of Terraform Deployment :

Terraform deployment can be structured into 3 steps namely init, plan and apply,

Terraform init: This would initialize the environment for local terraform engine so as to initiate the deployment. azurerm version and other

details are setup during this phase.

terraform plan: This is one of the most popular step where in terraform plans the blueprint for the deployment to occur. Majority of template

errors are ruled out in this step. This is rather useful since user can correct the code before the deployment starts.

Terraform apply : Once the plan has been saved, user can go ahead and start the deployment process.

Managing Permissions when using service principal:

Whenever Terraform is set to use a service principal, please ensure that the service principal provided has resource policy contributor rights for the policy assignment to work.

You can check for the name of service principal using the command Get-AzureADObjectbyObjectId : https://docs.microsoft.com/en-us/powershell/module/azuread/get-azureadobjectbyobjectid?view=azureadp... .

If access is not provided, you might face a 403 unauthorized error while trying to configure policies. Here is a snip from the cmd :

unauthorized.jpg

 

Looking for the ADobject with the Object ID we can get the name of the service principal that would be required for checking permissions.

ADObject.jpg

For assigning policies, this service principal should have Resource Policy Contributor access over the subscription.

RUNNING THROUGH THE TERRAFORM FILES :

We had been using Inbuilt Policy in this example that would deploy Antimalware extension for the servers. This would also need remediation and managed identity to be set in assignment.

Contents of Azure.tf file :

provider "azurerm" {

  version = "=2.3.0"

  subscription_id = "<enter subscription ID>"

features {}

}

You can create variables in this file that you can later use in your terraform deployment. The version 2.3.0 of azurerm would be loaded into the session when terraform init command is run.

Contents of AntiMalware.tf file :

resource "azurerm_policy_definition" "IaaSAntiMalwarePolicy" {

  name         = "IaaSAntiMalwarePolicy"

  policy_type  = "Custom"

  mode         = "All"

  display_name = "my-policy-definition"

 

  policy_rule = <<POLICY_RULE

   {

      "if": {

        "allOf": [

          {

            "field": "type",

            "equals": "Microsoft.Compute/virtualMachines"

          },

          {

            "field": "Microsoft.Compute/imagePublisher",

            "equals": "MicrosoftWindowsServer"

          },

          {

            "field": "Microsoft.Compute/imageOffer",

            "equals": "WindowsServer"

          },

          {

            "field": "Microsoft.Compute/imageSKU",

            "in": [

              "2008-R2-SP1",

              "2008-R2-SP1-smalldisk",

              "2012-Datacenter",

              "2012-Datacenter-smalldisk",

              "2012-R2-Datacenter",

              "2012-R2-Datacenter-smalldisk",

              "2016-Datacenter",

              "2016-Datacenter-Server-Core",

              "2016-Datacenter-Server-Core-smalldisk",

              "2016-Datacenter-smalldisk",

              "2016-Datacenter-with-Containers",

              "2016-Datacenter-with-RDSH",

              "2019-Datacenter",

              "2019-Datacenter-Core",

              "2019-Datacenter-Core-smalldisk",

              "2019-Datacenter-Core-with-Containers",

              "2019-Datacenter-Core-with-Containers-smalldisk",

              "2019-Datacenter-smalldisk",

              "2019-Datacenter-with-Containers",

              "2019-Datacenter-with-Containers-smalldisk"

            ]

          }

        ]

      },

      "then": {

        "effect": "deployIfNotExists",

        "details": {

          "type": "Microsoft.Compute/virtualMachines/extensions",

          "existenceCondition": {

            "allOf": [

              {

                "field": "Microsoft.Compute/virtualMachines/extensions/type",

                "equals": "IaaSAntimalware"

              },

              {

                "field": "Microsoft.Compute/virtualMachines/extensions/publisher",

                "equals": "Microsoft.Azure.Security"

              }

            ]

          },

          "roleDefinitionIds": [

            "/providers/microsoft.authorization/roleDefinitions/9980e02c-c2be-4d73-94e8-173b1dc7cf3c"

          ],

          "deployment": {

            "properties": {

              "mode": "incremental",

              "template": {

                "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",

                "contentVersion": "1.0.0.0",

                "parameters": {

                  "vmName": {

                    "type": "string"

                  },

                  "location": {

                    "type": "string"

                  },

                  "ExclusionsPaths": {

                    "type": "string",

                    "defaultValue": "",

                    "metadata": {

                      "description": "Semicolon delimited list of file paths or locations to exclude from scanning"

                    }

                  },

                  "ExclusionsExtensions": {

                    "type": "string",

                    "defaultValue": "",

                    "metadata": {

                      "description": "Semicolon delimited list of file extensions to exclude from scanning"

                    }

                  },

                  "ExclusionsProcesses": {

                    "type": "string",

                    "defaultValue": "",

                    "metadata": {

                      "description": "Semicolon delimited list of process names to exclude from scanning"

                    }

                  },

                  "RealtimeProtectionEnabled": {

                    "type": "string",

                    "defaultValue": "true",

                    "metadata": {

                      "description": "Indicates whether or not real time protection is enabled (default is true)"

                    }

                  },

                  "ScheduledScanSettingsIsEnabled": {

                    "type": "string",

                    "defaultValue": "false",

                    "metadata": {

                      "description": "Indicates whether or not custom scheduled scan settings are enabled (default is false)"

                    }

                  },

                  "ScheduledScanSettingsScanType": {

                    "type": "string",

                    "defaultValue": "Quick",

                    "metadata": {

                      "description": "Indicates whether scheduled scan setting type is set to Quick or Full (default is Quick)"

                    }

                  },

                  "ScheduledScanSettingsDay": {

                    "type": "string",

                    "defaultValue": "7",

                    "metadata": {

                      "description": "Day of the week for scheduled scan (1-Sunday, 2-Monday, ..., 7-Saturday)"

                    }

                  },

                  "ScheduledScanSettingsTime": {

                    "type": "string",

                    "defaultValue": "120",

                    "metadata": {

                      "description": "When to perform the scheduled scan, measured in minutes from midnight (0-1440). For example: 0 = 12AM, 60 = 1AM, 120 = 2AM."

                    }

                  }

                },

                "resources": [

                  {

                    "name": "[concat(parameters('vmName'),'/IaaSAntimalware')]",

                    "type": "Microsoft.Compute/virtualMachines/extensions",

                    "location": "[parameters('location')]",

                    "apiVersion": "2017-12-01",

                    "properties": {

                      "publisher": "Microsoft.Azure.Security",

                      "type": "IaaSAntimalware",

                      "typeHandlerVersion": "1.3",

                      "autoUpgradeMinorVersion": true,

                      "settings": {

                        "AntimalwareEnabled": true,

                        "RealtimeProtectionEnabled": "[parameters('RealtimeProtectionEnabled')]",

                        "ScheduledScanSettings": {

                          "isEnabled": "[parameters('ScheduledScanSettingsIsEnabled')]",

                          "day": "[parameters('ScheduledScanSettingsDay')]",

                          "time": "[parameters('ScheduledScanSettingsTime')]",

                          "scanType": "[parameters('ScheduledScanSettingsScanType')]"

                        },

                        "Exclusions": {

                          "Extensions": "[parameters('ExclusionsExtensions')]",

                          "Paths": "[parameters('ExclusionsPaths')]",

                          "Processes": "[parameters('ExclusionsProcesses')]"

                        }

                      }

                    }

                  }

                ]

              },

              "parameters": {

                "vmName": {

                  "value": "[field('name')]"

                },

                "location": {

                  "value": "[field('location')]"

                },

                "RealtimeProtectionEnabled": {

                  "value": "true"

                },

                "ScheduledScanSettingsIsEnabled": {

                  "value": "true"

                }

              }

            }

          }

        }

      }

    }

POLICY_RULE

 

  parameters = <<PARAMETERS

{

}   

PARAMETERS

}

 

resource "azurerm_policy_assignment" "IaaSAntiMalwarePolicyAssignment" {

  name                 = "IaaSAntiMalwarePolicyAssignment"

  scope                =  “/subscriptions/00000000-0000-0000-000000000000””

  policy_definition_id = azurerm_policy_definition.IaaSAntiMalwarePolicy.id

  description          = "Policy Assignment created via an Acceptance Test"

  display_name         = "IaaSAntiMalwarePolicyAssignment"

 

  parameters = <<PARAMETERS

{

 

}

PARAMETERS

location="eastus"

identity {

 

type="SystemAssigned"

}

}

 

resource "azurerm_policy_remediation" "antimalware" {

  name                 = "remeditationforantimalwarepolicy"

  scope                = azurerm_policy_assignment.IaaSAntiMalwarePolicyAssignment.scope

  policy_assignment_id = azurerm_policy_assignment.IaaSAntiMalwarePolicyAssignment.id

 

}

 

Breaking the code into small pieces, the first section would create a policy definition with the name : my-policy-definition

Since there are no parameters, thus the PARAMETERS section has been kept blank. Here is the snip :

policydef.jpg

Terraform plan would layout the execution plan and would list down all the resources that would be provisioned. In this case we would be configuring 3 resources- policy definition, policy assignment and remediation task.

Second section of Terraform code would create a policy assignment using the terraform module. We have setup the identity section in assignment so as to setup managed identity through terraform. Location Parameter is needed for the managed identity.

Third section would be creating a remediation task on the policy assignment scope. Since we are doing it in one deployment there would not be any resources remediated by the time this policy would be created ( state would be not started). Here is snip from terraform window after final deployment :

assignment.jpg

Looking at Azure Portal , we can see the resources to be created :

Policy Definition :

portaldef.jpg

Policy Assignment :

portalassignment.jpg

Remediation Task :

remediation.jpg

This way, we can use the sections separately in our environment so as to automate the work of assigning policies or creating remediation tasks using Terraform.

Happy Learning!