Hi everyone,
I'm trying to set up an Azure policy to enforce the use of a VM extension, in this case "Custom Script For Linux". What I'd like to achieve is that deploying a linux VM not be possible without adding that extension. I tried several things, but it doesn't seem to work so far.
The snippet below contain the rule. Am I overlooking something or is something wrong with what I'm envisioning?
Thanks!!
{"policyRule": {"if": {"allOf": [
{"field": "type","equals": "Microsoft.Compute/virtualMachines/extensions"
},
{"not": {"field": "Microsoft.Compute/virtualMachines/extensions/publisher","equals": "Microsoft.OSTCExtensions"
}
},
{"not": {"field": "Microsoft.Compute/virtualMachines/extensions/type","equals": "CustomScriptForLinux"
}
}
]
},"then": {"effect": "deny"
}
},"parameters": {},"mode": "all","metadata": {"category": "retux-custom-policies"
}
}