From 58ebeef0f35643692ff937cbbdae7dc3a0a4f068 Mon Sep 17 00:00:00 2001 From: Richard Tunega Date: Wed, 30 Jul 2025 15:49:58 +0200 Subject: [PATCH 1/3] Add Latest Windows Server images into Configure Windows virtual machines to run AMA with cross subscription user-assigned managed identity-based authentication policy --- .../azurepolicy.json | 11 +++++++++++ .../azurepolicy.rules.json | 11 +++++++++++ 2 files changed, 22 insertions(+) diff --git a/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.json b/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.json index cbe5774f..c1eb6265 100644 --- a/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.json +++ b/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.json @@ -1,3 +1,5 @@ +// Consent for Sharing +//I, Richard Tunega, provide consent for this policy to be shared and used within the Azure Community Policy repository. { "name": "bdffab46-452d-5c4d-aacb-bdf9e45fd363", "type": "Microsoft.Authorization/policyDefinitions", @@ -193,7 +195,12 @@ { "field": "Microsoft.Compute/imageSku", "like": "2022-*" + }, + { + "field": "Microsoft.Compute/imageSku", + "like": "2025-*" } + ] } ] @@ -238,6 +245,10 @@ }, { "anyOf": [ + { + "field": "Microsoft.Compute/imageOffer", + "like": "*-WS2025" + }, { "field": "Microsoft.Compute/imageOffer", "like": "*-WS2022" diff --git a/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.rules.json b/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.rules.json index 490ae89f..ba420700 100644 --- a/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.rules.json +++ b/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.rules.json @@ -1,3 +1,5 @@ +// Consent for Sharing +//I, Richard Tunega, provide consent for this policy to be shared and used within the Azure Community Policy repository. { "if": { "allOf": [ @@ -58,7 +60,12 @@ { "field": "Microsoft.Compute/imageSku", "like": "2022-*" + }, + { + "field": "Microsoft.Compute/imageSku", + "like": "2025-*" } + ] } ] @@ -103,6 +110,10 @@ }, { "anyOf": [ + { + "field": "Microsoft.Compute/imageOffer", + "like": "*-WS2025" + }, { "field": "Microsoft.Compute/imageOffer", "like": "*-WS2022" From f046ed4606a1dff63536448ea577b7ac311d2fee Mon Sep 17 00:00:00 2001 From: Richard Tunega Date: Mon, 11 Aug 2025 10:40:55 +0200 Subject: [PATCH 2/3] Removed consent declaration comment from JSON configuration as per Azure Policy community recommendation. Comments are not supported in JSON and were causing parsing errors. --- .../azurepolicy.json | 2 -- .../azurepolicy.rules.json | 2 -- 2 files changed, 4 deletions(-) diff --git a/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.json b/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.json index c1eb6265..5931cc2a 100644 --- a/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.json +++ b/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.json @@ -1,5 +1,3 @@ -// Consent for Sharing -//I, Richard Tunega, provide consent for this policy to be shared and used within the Azure Community Policy repository. { "name": "bdffab46-452d-5c4d-aacb-bdf9e45fd363", "type": "Microsoft.Authorization/policyDefinitions", diff --git a/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.rules.json b/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.rules.json index ba420700..014cc32b 100644 --- a/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.rules.json +++ b/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.rules.json @@ -1,5 +1,3 @@ -// Consent for Sharing -//I, Richard Tunega, provide consent for this policy to be shared and used within the Azure Community Policy repository. { "if": { "allOf": [ From c9ac4026527d08bd1049119aaac792bcd5d50d2a Mon Sep 17 00:00:00 2001 From: Richard Tunega Date: Fri, 15 Aug 2025 13:52:43 +0200 Subject: [PATCH 3/3] change name to the unique guid --- .../azurepolicy.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.json b/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.json index 5931cc2a..d374e89d 100644 --- a/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.json +++ b/policyDefinitions/Monitoring/configure-ama-on-windows-vm-with-cross-subscription-uami/azurepolicy.json @@ -1,5 +1,5 @@ { - "name": "bdffab46-452d-5c4d-aacb-bdf9e45fd363", + "name": "a7adb719-061a-49ff-bba7-8e23e10e1133", "type": "Microsoft.Authorization/policyDefinitions", "properties": { "displayName": "Configure Windows virtual machines to run AMA with cross subscription user-assigned managed identity-based authentication",