moved meraki metadata to top of the file, prerequisites to array

Oleh Speka 2022-09-07 04:13:56 +03:00
Родитель 89858cabb2
Коммит 0dc89b2eba
2 изменённых файлов: 22 добавлений и 16 удалений


@ -1,6 +1,24 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"metadata":{
"title": "Cisco Meraki Block Device Client Playbook",
"description": " When this playbook gets triggered and performs the below actions: 1. Fetches a list of device clients with suspicious activity. 2. For each client in the list, checks if the client is blocked by any network of the organization. - If client does not exist in network, then comment is created saying client not found. - If client exists in network, check policy rule associated with client. If client policy does not exist in the network, then comment is created saying client policy not found. If client policy exists in the network as Blocked, then comment is created saying client blocked using client policy. If client policy exists in the network as Whitelisted, then comment is created saying client allowed using client policy. If client policy exists in the network as group policy, then check the group policy details and comment is created saying client blocked using client policy. If client policy exists in the network as Normal, then client is blocked by playbook.Comment is created saying Client blocked by playbook. - Add incident Comment from all the cases. 3. Responses with status 'Closed' and reason as - For allowed Client - 'BenignPositive - SuspiciousButExpected' - For blocked Client - 'TruePositive - SuspiciousActivity'",
"prerequisites": [
"1. Deploy the Cisco Meraki Custom Connector before the deployment of this playbook under the same subscription and same resource group. Capture the name of the connector during deployment.",
"2. Cisco Meraki API Key should be known to establish a connection with Cisco Meraki Custom Connector. [Refer here](https://developer.cisco.com/meraki/api-v1/#!getting-started/authorization)",
"3. Organization name should be known. [Refer here](https://developer.cisco.com/meraki/api-v1/#!getting-started/find-your-organization-id) 4. Network name should be known.[Refer here](https://developer.cisco.com/meraki/api-v1/#!getting-started/find-your-network-id)\n5. Network Group Policy name should be known. [Refer here](./Images/Scheduling-FromOneDay.png)"
],
"lastUpdateTime": "2022-08-29T10:43:00Z",
"entities": ["host"],
"tags": ["Remediation", "Incident management"],
"support": {
"tier": "microsoft"
},
"author": {
"name": "microsoft"
}
},
"parameters": {
"PlaybookName": {
"defaultValue": "Block-Device-Client-Meraki-Nested",
@ -922,19 +940,5 @@
}
}
}
],
"metadata":{
"title": "Cisco Meraki Block Device Client Playbook",
"description": " When this playbook gets triggered and performs the below actions: 1. Fetches a list of device clients with suspicious activity. 2. For each client in the list, checks if the client is blocked by any network of the organization. - If client does not exist in network, then comment is created saying client not found. - If client exists in network, check policy rule associated with client. If client policy does not exist in the network, then comment is created saying client policy not found. If client policy exists in the network as Blocked, then comment is created saying client blocked using client policy. If client policy exists in the network as Whitelisted, then comment is created saying client allowed using client policy. If client policy exists in the network as group policy, then check the group policy details and comment is created saying client blocked using client policy. If client policy exists in the network as Normal, then client is blocked by playbook.Comment is created saying Client blocked by playbook. - Add incident Comment from all the cases. 3. Responses with status 'Closed' and reason as - For allowed Client - 'BenignPositive - SuspiciousButExpected' - For blocked Client - 'TruePositive - SuspiciousActivity'",
"prerequisites": "1. Deploy the Cisco Meraki Custom Connector before the deployment of this playbook under the same subscription and same resource group. Capture the name of the connector during deployment. 2. Cisco Meraki API Key should be known to establish a connection with Cisco Meraki Custom Connector. [Refer here](https://developer.cisco.com/meraki/api-v1/#!getting-started/authorization) 3. Organization name should be known. [Refer here](https://developer.cisco.com/meraki/api-v1/#!getting-started/find-your-organization-id) 4. Network name should be known.[Refer here](https://developer.cisco.com/meraki/api-v1/#!getting-started/find-your-network-id)\n5. Network Group Policy name should be known. [Refer here](./Images/Scheduling-FromOneDay.png)",
"lastUpdateTime": "2022-08-29T10:43:00Z",
"entities": ["host"],
"tags": ["Remediation", "Incident management"],
"support": {
"tier": "microsoft"
},
"author": {
"name": "microsoft"
}
}
]
}
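Review bot: The conversion of `prerequisites` to an array is incomplete: the third element still holds prerequisites 3, 4 and 5 in one string, with a literal `\n` before item 5, so a consumer that renders one entry per element will show them run together. Split it into three elements, one each for the organization name, the network name and the network group policy name. The link on item 5 points to `./Images/Scheduling-FromOneDay.png`, which by its name looks unrelated to group policies and is worth checking. Since item 2 asks for a Meraki API key and the description says the playbook blocks clients on its own, the prerequisites could also state where that key is entered and that it should be scoped as narrowly as the connector allows.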


@ -4,7 +4,9 @@
"metadata": {
"title": "Isolate endpoint - MDE",
"description": "This playbook will isolate (full) the machine in Microsoft Defender for Endpoint.",
"prerequisites": "You will need to grant Machine.Isolate permissions to the managed identity.",
"prerequisites": [
"You will need to grant Machine.Isolate permissions to the managed identity."
],
"lastUpdateTime": "2022-08-29T10:43:00Z",
"entities": [ "Host" ],
"tags": [ "Remediation" ],
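Review bot: The single prerequisite names the permission but not the identity or API it applies to; since isolation takes a machine off the network, the entry is worth making precise. Suggested wording: `"Grant the Machine.Isolate application permission (Microsoft Defender for Endpoint API) to the playbook's managed identity, and no broader Machine.* permission."` Which identity the playbook uses is not visible in this hunk, so confirm that against the template's resources. The metadata object continues past the hunk.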