我创建了一个策略定义,以便在 Windows 机器上安装 Microsoft Antimalware 扩展。当我转到 VM > 扩展时,没有扩展:
但是,当我转到 VM > Policies 并选择适当的策略时,我没有看到此 VM?
我执行了以下两个命令来创建定义和分配策略。
定义:
az policy definition create --name 'Microsoft-Antimalware-extension-windows-server' --display-name 'Deploy default Microsoft IaaSAntimalware extension for Windows Server' --description 'This policy deploys a Microsoft IaaSAntimalware extension with a default configuraion when a VM is not configured with the antimalware extension.' --rules 'https://raw.githubusercontent.com/Azure/azure-policy/master/samples/built-in-policy/deploy-default-antimalware-extension-for-windows-server/azurepolicy.rules.json' --params 'https://raw.githubusercontent.com/Azure/azure-policy/master/samples/built-in-policy/deploy-default-antimalware-extension-for-windows-server/azurepolicy.parameters.json' --mode All
任务:
az policy assignment create --scope /subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxxxxx --policy "Microsoft-Antimalware-extension-windows-server"
另外,请注意,我在定义策略并将其分配给订阅后手动创建了 VM。