Azure Monitor Agent Policies do not include server 2022

[mdowst]

Details of the scenario you tried and the problem that is occurring

I created an Azure Policy Assignment for the initiative Configure Windows machines to run Azure Monitor Agent and associate them to a Data Collection Rule and it does not recognize any Windows Server 2022 servers. I ran the Start-AzPolicyComplianceScan cmdlet and it completed successfully, but none of the 2022 server appear as resources.

When I checked the policy definition for the built-in policy Configure Windows virtual machines to run Azure Monitor Agent I saw that the filter for Microsoft.Compute/imageSKU only goes to Server 2019. Since it does not recognize the 2022 servers the agent is not being installed and they are not being added to the data collection rule. The VMs are using the SKU 2022-datacenter-azure-edition.

Suggested solution to the issue

Add the Server 2022 skus to the AzureMonitor_Agent_Windows_VM_Deploy and AzureMonitor_Agent_Windows_VM_Audit built-in policies.

[nehakulkarni123]

Hi @mdowst, thank you for this feedback-- we'll be sure to pass it along to the Monitoring team to see if it is possible to add 2022 servers to the list of skus in the built-in policy definitions you've mentioned.

To ensure you are unblocked, you can duplicate these built-in policy definitions as custom policy definitions and slightly modify the definition by adding any additional skus you're interested in being evaluated. Adding a link to creating a custom policy assignment just for reference.

[Springstone]

The new 2019 SKUs are now missing, like "2019-Datacenter-gensecond". Looks like the 2022 servers are now included.

[NikolaiKleppe]

The same applies to the initiative "Enable Azure Monitor for VMs". It's missing "-gensecond" Windows SKUs

[chris5287]

Any update here? Do we really have to create a custom policy for this?