![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 96%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENB%3C/text%3E%3C/svg%3E)
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
8,588 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 4%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKM%3C/text%3E%3C/svg%3E)
Hello, @Naresh Babu !
What Azure Policy should I use with VM Applications for installing a particular application on my VM?
You can use the Azure Policy deployIfNotExists. There's an Azure Dev Blog that goes into this in detail, including policy templates, explanations, and pitfalls:
https://devblogs.microsoft.com/azure-vm-runtime/managing-vm-applications-with-azure-policies/
Summary:
{
"properties": {
"displayName": "Ensure Snoopy",
"policyType": "Custom",
"mode": "All",
"parameters": {},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.Compute/virtualMachines"
},
{
"field": "Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType",
"equals": "Windows"
}
]
},
"then": {
"effect": "deployIfNotExists",
"details": {
"type": "Microsoft.Compute/virtualMachines",
"name": "[field('name')]",
"existenceCondition": {
"allOf": [
{
"count": {
"field": "Microsoft.Compute/virtualMachines/applicationProfile.galleryApplications[*]",
"where": {
"field": "Microsoft.Compute/virtualMachines/applicationProfile.galleryApplications[*].packageReferenceId",
"equals": "/subscriptions/6C87EEF9-845B-4460-A87F-03416E2C466C/resourceGroups/policytest/providers/Microsoft.Compute/galleries/MyFirstGallery/applications/Snoopy/versions/1.0.0"
}
},
"greater": 0
}
]
},
"roleDefinitionIds": [
"/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635"
],
"deployment": {
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"vmName": {
"type": "string"
},
"location": {
"type": "string"
}
},
"resources": [
{
"apiVersion": "2021-07-01",
"type": "Microsoft.Compute/virtualMachines/VMapplications",
"name": "[concat(parameters('vmName'),'/Snoopy')]",
"location": "[parameters('location')]",
"properties": {
"packageReferenceId": "/subscriptions/6C87EEF9-845B-4460-A87F-03416E2C466C/resourceGroups/policytest/providers/Microsoft.Compute/galleries/MyFirstGallery/applications/Snoopy/versions/1.0.0"
}
}
]
},
"parameters": {
"vmName": {
"value": "[field('name')]"
},
"location": {
"value": "[field('location')]"
}
}
}
}
}
}
}
}
}
- New application ("Snoopy, v 1.0.0)
- Run on Windows VMs
- Provide the resourceId of the VM Application you want to install
- roleDefinitionId provided for full access
I hope this has been helpful! Your feedback is important so please take a moment to accept answers.
If you still have questions, please let us know what is needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!