Skip Navigation

Public preview: Guest Configuration feature for Azure Policy

Published date: 24 September, 2018

A new feature is in preview for Azure Policy. Azure customers now have native tooling that offers visibility inside virtual machines to server and application settings across their subscriptions.

Enterprise organisations have requirements for operating systems, applications and operational environments. This includes industry security baselines such as CIS/STIG and application information such as certificate properties or protocol versions. Organisational requirements can even include performance and capacity specifications. We plan to iterate rapidly together with customers to add new content and functionality.

The first policy available for testing is named [Preview]: Audit Password security settings inside Linux and Windows virtual machines. Find this policy in Azure from the Policy resource. Select Definitions and then filter Type to Guest Configuration.


The initiative combines rules that deploy a new VM extension and audit checks performed inside a virtual machine. There are nine settings in the preview policy. Six settings evaluate password policy inside Windows Server by using the latest version of the Microsoft Desired State Configuration platform. Three settings evaluate password-related settings inside Linux servers by using the Chef’s InSpec language. Any additional policies will be based on customer feedback and interest in expanding both tooling and functionality.

To learn more, connect with our team:

  • Azure Policy
  • Compliance

Related Products