Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Built-in Policy Release 908282b2 #1376

Merged
merged 1 commit into from
Sep 3, 2024
Merged

Built-in Policy Release 908282b2 #1376

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 5 additions & 3 deletions ...icies/policyDefinitions/Azure Government/Monitoring/AzureMonitor_DCRA_Arc_Linux_DINE.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
"mode": "Indexed",
"description": "Deploy Association to link Linux Arc machines to the specified Data Collection Rule or the specified Data Collection Endpoint. The list of locations are updated over time as support is increased.",
"metadata": {
"version": "2.1.0",
"version": "2.1.1",
"category": "Monitoring"
},
"version": "2.1.0",
"version": "2.1.1",
"parameters": {
"effect": {
"type": "String",
Expand All @@ -27,7 +27,8 @@
"metadata": {
"displayName": "Data Collection Rule Resource Id or Data Collection Endpoint Resource Id",
"description": "Resource Id of the Data Collection Rule or the Data Collection Endpoint to be applied on the Linux machines in scope.",
"portalReview": "true"
"portalReview": "true",
"assignPermissions": true
}
},
"resourceType": {
Expand Down Expand Up @@ -157,6 +158,7 @@
}
},
"versions": [
"2.1.1",
"2.1.0",
"2.0.0"
]
Expand Down
8 changes: 5 additions & 3 deletions ...ies/policyDefinitions/Azure Government/Monitoring/AzureMonitor_DCRA_Arc_Windows_DINE.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
"mode": "Indexed",
"description": "Deploy Association to link Windows Arc machines to the specified Data Collection Rule or the specified Data Collection Endpoint. The list of locations are updated over time as support is increased.",
"metadata": {
"version": "2.1.0",
"version": "2.1.1",
"category": "Monitoring"
},
"version": "2.1.0",
"version": "2.1.1",
"parameters": {
"effect": {
"type": "String",
Expand All @@ -27,7 +27,8 @@
"metadata": {
"displayName": "Data Collection Rule Resource Id or Data Collection Endpoint Resource Id",
"description": "Resource Id of the Data Collection Rule or the Data Collection Endpoint to be applied on the Linux machines in scope.",
"portalReview": "true"
"portalReview": "true",
"assignPermissions": true
}
},
"resourceType": {
Expand Down Expand Up @@ -157,6 +158,7 @@
}
},
"versions": [
"2.1.1",
"2.1.0",
"2.0.0"
]
Expand Down
8 changes: 5 additions & 3 deletions ...-policies/policyDefinitions/Azure Government/Monitoring/AzureMonitor_DCRA_Linux_DINE.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
"mode": "Indexed",
"description": "Deploy Association to link Linux virtual machines, virtual machine scale sets, and Arc machines to the specified Data Collection Rule or the specified Data Collection Endpoint. The list of locations and OS images are updated over time as support is increased.",
"metadata": {
"version": "2.1.0",
"version": "2.1.1",
"category": "Monitoring"
},
"version": "2.1.0",
"version": "2.1.1",
"parameters": {
"effect": {
"type": "String",
Expand Down Expand Up @@ -47,7 +47,8 @@
"metadata": {
"displayName": "Data Collection Rule Resource Id or Data Collection Endpoint Resource Id",
"description": "Resource Id of the Data Collection Rule or the Data Collection Endpoint to be applied on the Linux machines in scope.",
"portalReview": "true"
"portalReview": "true",
"assignPermissions": true
}
},
"resourceType": {
Expand Down Expand Up @@ -656,6 +657,7 @@
}
},
"versions": [
"2.1.1",
"2.1.0",
"2.0.0"
]
Expand Down
8 changes: 5 additions & 3 deletions ...cies/policyDefinitions/Azure Government/Monitoring/AzureMonitor_DCRA_VMSS_Linux_DINE.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
"mode": "Indexed",
"description": "Deploy Association to link Linux virtual machine scale sets to the specified Data Collection Rule or the specified Data Collection Endpoint. The list of locations and OS images are updated over time as support is increased.",
"metadata": {
"version": "2.1.0",
"version": "2.1.1",
"category": "Monitoring"
},
"version": "2.1.0",
"version": "2.1.1",
"parameters": {
"effect": {
"type": "String",
Expand Down Expand Up @@ -47,7 +47,8 @@
"metadata": {
"displayName": "Data Collection Rule Resource Id or Data Collection Endpoint Resource Id",
"description": "Resource Id of the Data Collection Rule or the Data Collection Endpoint to be applied on the Linux machines in scope.",
"portalReview": "true"
"portalReview": "true",
"assignPermissions": true
}
},
"resourceType": {
Expand Down Expand Up @@ -562,6 +563,7 @@
}
},
"versions": [
"2.1.1",
"2.1.0",
"2.0.0"
]
Expand Down
8 changes: 5 additions & 3 deletions ...es/policyDefinitions/Azure Government/Monitoring/AzureMonitor_DCRA_VMSS_Windows_DINE.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
"mode": "Indexed",
"description": "Deploy Association to link Windows virtual machine scale sets to the specified Data Collection Rule or the specified Data Collection Endpoint. The list of locations and OS images are updated over time as support is increased.",
"metadata": {
"version": "2.4.0",
"version": "2.4.1",
"category": "Monitoring"
},
"version": "2.4.0",
"version": "2.4.1",
"parameters": {
"effect": {
"type": "String",
Expand Down Expand Up @@ -47,7 +47,8 @@
"metadata": {
"displayName": "Data Collection Rule Resource Id or Data Collection Endpoint Resource Id",
"description": "Resource Id of the Data Collection Rule or the Data Collection Endpoint to be applied on the Linux machines in scope.",
"portalReview": "true"
"portalReview": "true",
"assignPermissions": true
}
},
"resourceType": {
Expand Down Expand Up @@ -357,6 +358,7 @@
}
},
"versions": [
"2.4.1",
"2.4.0",
"2.3.0",
"2.2.0"
Expand Down
8 changes: 5 additions & 3 deletions ...licies/policyDefinitions/Azure Government/Monitoring/AzureMonitor_DCRA_VM_Linux_DINE.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
"mode": "Indexed",
"description": "Deploy Association to link Linux virtual machines to the specified Data Collection Rule or the specified Data Collection Endpoint. The list of locations and OS images are updated over time as support is increased.",
"metadata": {
"version": "2.1.0",
"version": "2.1.1",
"category": "Monitoring"
},
"version": "2.1.0",
"version": "2.1.1",
"parameters": {
"effect": {
"type": "String",
Expand Down Expand Up @@ -47,7 +47,8 @@
"metadata": {
"displayName": "Data Collection Rule Resource Id or Data Collection Endpoint Resource Id",
"description": "Resource Id of the Data Collection Rule or the Data Collection Endpoint to be applied on the Linux machines in scope.",
"portalReview": "true"
"portalReview": "true",
"assignPermissions": true
}
},
"resourceType": {
Expand Down Expand Up @@ -562,6 +563,7 @@
}
},
"versions": [
"2.1.1",
"2.1.0",
"2.0.0"
]
Expand Down
8 changes: 5 additions & 3 deletions ...cies/policyDefinitions/Azure Government/Monitoring/AzureMonitor_DCRA_VM_Windows_DINE.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
"mode": "Indexed",
"description": "Deploy Association to link Windows virtual machines to the specified Data Collection Rule or the specified Data Collection Endpoint. The list of locations and OS images are updated over time as support is increased.",
"metadata": {
"version": "2.4.0",
"version": "2.4.1",
"category": "Monitoring"
},
"version": "2.4.0",
"version": "2.4.1",
"parameters": {
"effect": {
"type": "String",
Expand Down Expand Up @@ -47,7 +47,8 @@
"metadata": {
"displayName": "Data Collection Rule Resource Id or Data Collection Endpoint Resource Id",
"description": "Resource Id of the Data Collection Rule or the Data Collection Endpoint to be applied on the Linux machines in scope.",
"portalReview": "true"
"portalReview": "true",
"assignPermissions": true
}
},
"resourceType": {
Expand Down Expand Up @@ -357,6 +358,7 @@
}
},
"versions": [
"2.4.1",
"2.4.0",
"2.3.0",
"2.2.0"
Expand Down
8 changes: 5 additions & 3 deletions ...olicies/policyDefinitions/Azure Government/Monitoring/AzureMonitor_DCRA_Windows_DINE.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
"mode": "Indexed",
"description": "Deploy Association to link Windows virtual machines, virtual machine scale sets, and Arc machines to the specified Data Collection Rule or the specified Data Collection Endpoint. The list of locations and OS images are updated over time as support is increased.",
"metadata": {
"version": "2.2.0",
"version": "2.2.1",
"category": "Monitoring"
},
"version": "2.2.0",
"version": "2.2.1",
"parameters": {
"effect": {
"type": "String",
Expand Down Expand Up @@ -47,7 +47,8 @@
"metadata": {
"displayName": "Data Collection Rule Resource Id or Data Collection Endpoint Resource Id",
"description": "Resource Id of the Data Collection Rule or the Data Collection Endpoint to be applied on the Linux machines in scope.",
"portalReview": "true"
"portalReview": "true",
"assignPermissions": true
}
},
"resourceType": {
Expand Down Expand Up @@ -451,6 +452,7 @@
}
},
"versions": [
"2.2.1",
"2.2.0",
"2.1.0"
]
Expand Down
15 changes: 3 additions & 12 deletions built-in-policies/policySetDefinitions/Azure Government/Regulatory Compliance/CISv1_1_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,10 @@
"policyType": "BuiltIn",
"description": "The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.1.0 controls. For more information, visit https://aka.ms/cisazure110-initiative",
"metadata": {
"version": "15.4.0",
"version": "15.5.0",
"category": "Regulatory Compliance"
},
"version": "15.4.0",
"version": "15.5.0",
"policyDefinitionGroups": [
{
"name": "CIS_Azure_1.1.0_1.1",
Expand Down Expand Up @@ -617,16 +617,6 @@
"CIS_Azure_1.1.0_2.4"
]
},
{
"policyDefinitionReferenceId": "CISv110x2x5CISv110x7x6",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af6cd1bd-1635-48cb-bde7-5b15693900b9",
"definitionVersion": "3.*.*",
"parameters": {},
"groupNames": [
"CIS_Azure_1.1.0_2.5",
"CIS_Azure_1.1.0_7.6"
]
},
{
"policyDefinitionReferenceId": "CISv110x2x9",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e71308d3-144b-4262-b144-efdc3cc90517",
Expand Down Expand Up @@ -1183,6 +1173,7 @@
}
],
"versions": [
"15.5.0",
"15.4.0",
"15.3.0",
"15.2.0"
Expand Down
23 changes: 6 additions & 17 deletions built-in-policies/policySetDefinitions/Azure Government/Regulatory Compliance/CISv1_3_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,10 @@
"policyType": "BuiltIn",
"description": "The Center for Internet Security (CIS) is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' CIS benchmarks are configuration baselines and best practices for securely configuring a system. These policies address a subset of CIS Microsoft Azure Foundations Benchmark v1.3.0 controls. For more information, visit https://aka.ms/cisazure130-initiative",
"metadata": {
"version": "7.6.0",
"version": "7.7.0",
"category": "Regulatory Compliance"
},
"version": "7.6.0",
"version": "7.7.0",
"policyDefinitionGroups": [
{
"name": "CIS_Azure_1.3.0_1.1",
Expand Down Expand Up @@ -1449,14 +1449,15 @@
},
"effect-af6cd1bd-1635-48cb-bde7-5b15693900b9": {
"type": "String",
"defaultValue": "AuditIfNotExists",
"defaultValue": "Disabled",
"allowedValues": [
"AuditIfNotExists",
"Disabled"
],
"metadata": {
"displayName": "Effect for policy: Monitor missing Endpoint Protection in Azure Security Center",
"description": "For more information about effects, visit https://aka.ms/policyeffects"
"description": "For more information about effects, visit https://aka.ms/policyeffects",
"deprecated": true
}
},
"effect-0b60c0b2-2dc2-4e1c-b5c9-abbed971de53": {
Expand Down Expand Up @@ -2680,19 +2681,6 @@
"CIS_Azure_1.3.0_7.5"
]
},
{
"policyDefinitionReferenceId": "af6cd1bd-1635-48cb-bde7-5b15693900b9",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af6cd1bd-1635-48cb-bde7-5b15693900b9",
"definitionVersion": "3.*.*",
"parameters": {
"effect": {
"value": "[parameters('effect-af6cd1bd-1635-48cb-bde7-5b15693900b9')]"
}
},
"groupNames": [
"CIS_Azure_1.3.0_7.6"
]
},
{
"policyDefinitionReferenceId": "0b60c0b2-2dc2-4e1c-b5c9-abbed971de53",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0b60c0b2-2dc2-4e1c-b5c9-abbed971de53",
Expand Down Expand Up @@ -2886,6 +2874,7 @@
}
],
"versions": [
"7.7.0",
"7.6.0",
"7.5.0",
"7.4.0"
Expand Down
Loading