Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

ASC Log Analytics Agent auto-provisioning policy

Copper Contributor

If I've understood correctly when I flip the switch on auto-provisioning there is a policy (deployIfNotExists) created behind the scenes. I tried going through the policies and could not find it. I only have the Azure Security Benchmark definition assigned and I don't think it includes any 'modify' or 'deployIfNotExists' policies.

Is this policy hidden somewhere? It somewhat bothers me that I don't seem to have visibility on this policy. I have a Linux box that has had a problem with the OmsAgentForLinux VM Extension. I'd like to see if the policy will re-install the extension. 

3 Replies
This one actually is not based on an Azure Policy. There is a background job that goes over all machines without MMA and deploys it.
It isn't? Based on this article it is, but I think you're right. If it is a policy, it's hidden from the users so that we cannot mess with it.
Thank you for pointing this out. All other auto-provisioning options, except the ALA at the moment, are based on Azure Policy. We probably need to note this in the docs. Thank you.