The enforcement mode of machine configuration (previously guest configuration) is now generally available. This represents the ApplyAndMonitor and ApplyAndAutocorrect auditing modes. The customer experience within Azure has not changed as a result of the renaming. Machine configuration continues to provide a native capability to audit or configure operating system settings as code, both for machines running in Azure and hybrid Azure Arc-enabled servers, directly per-machine or at-scale orchestrated through Azure Automanage, Microsoft Defender for Cloud, or Azure Policy.
You will now be able to:
- Apply and monitor configurations: Set the required configuration on your machines and remediate on demand.
- Apply and autocorrect configurations: Set the required configuration at scale and autoremediate in the event of a configuration drift.
- Apply configurations to machines at management group level.
- Set TLS 1.2 to machines through our newly released built-in policy.
- Create, delete, and monitor the compliance of your configurations through the Azure portal.
Learn more about the renaming in the blog and about machine configuration in the documentation.