bfc27d4abc
updating docs ( #1198 )
...
Co-authored-by: Jack Tracey <41163455+jtracey93@users.noreply.github.com>
2023-02-02 10:43:40 +00:00
6227ad6f13
add jan community call ( #1195 )
2023-02-01 11:23:20 +00:00
02f03db3ac
Update Deny-MachineLearning-PublicAccessWhenBehindVnet.json ( #1183 )
...
* Update Deny-MachineLearning-PublicAccessWhenBehindVnet.json
Fix very small type
* Auto-update Portal experience [anwather/cc34a013]
* Update Whats-new.md
* Update Deny-MachineLearning-PublicAccessWhenBehindVnet.json
* Auto-update Portal experience [anwather/cc34a013]
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2023-01-24 10:25:25 +00:00
cc34a01382
removed md extensions ( #1180 )
2023-01-20 15:05:27 +00:00
4276fc853c
fix: Wiki Az Policy Titles ( #1177 )
2023-01-20 06:45:43 +00:00
2ee2aca682
ALZ Contribution Guide - Policy Naming Convention ( #1176 )
...
* policy naming convention
* added note
* More comments
2023-01-19 17:12:53 +00:00
94e4a3b79c
Low level document for updating ALZ custom policies ( #1154 )
...
* feat: 1st draft of updating alz custom policies
* Auto-update Portal experience [DaFitRobsta/18993f93]
* fix: Grammatical suggestions
* fix: updated wiki based on Jan's feedback.
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2023-01-19 15:22:30 +01:00
1816c81e22
Issue #672 - Fix SQL Vulnerability Assessment Policy ( #1167 )
...
* Added RBAC role to write to blob
* added storage account contributor rbac for keys
* added to whats new
* Auto-update Portal experience [JamJarchitect/36543943]
* updated patch version of policy and whats new
* Auto-update Portal experience [JamJarchitect/a4de7169]
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2023-01-04 10:06:03 +00:00
a4de71690d
Update Version Fixing #1166 ( #1168 )
2023-01-03 14:22:31 +00:00
36543943cc
Patch/issue1162 - duplicate of PR 1163 ( #1165 )
...
* blinQ: Fix issue 1162, add parameter minimalSeverity to template definition in deployment definition for policy definition Deploy-ASC-SecurityContacts
* Remove double brakets ]]
* Update policy version
* Update What's New
* Update PR template to reference contribution guidance
* Auto-update Portal experience [krowlandson/fc93df70]
Co-authored-by: Hein Tonny Køien <hein.koien@blinq.no>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2022-12-28 12:00:28 +00:00
fc93df704a
Update contributing guidance ( #1095 )
...
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: JamJarchitect <53943045+JamJarchitect@users.noreply.github.com>
Co-authored-by: Jack Tracey <41163455+jtracey93@users.noreply.github.com>
2022-12-28 11:11:42 +00:00
0ed88dffca
Add is it maintained badges ( #1158 )
...
* Add is it maintained badges
* Update README.md
2022-12-20 11:50:51 +00:00
3bb0a9443d
Removed Activity Log Solution in LAW ( #1151 )
2022-12-19 21:25:44 +00:00
a80e7dffe1
Add ALZ Custom RBAC Role Defs to ALZ Portal Accelerators ( #1156 )
...
* add role defs
* fixes 1
* fixes 2
* cleanup
* convert to follow policy model
* fixes
* last one i think
* helps if you build the bicep file
* Add readme and cleanup
* update whats new
* updates from KR review
2022-12-19 12:26:51 +00:00
3d3f903a4c
Data factory Diagnostic settings policy now goes into compliance ( #1155 )
...
* Data factory Diagnostic settings policy was never going into compliance since it was checking for all logs being enabled, but the policy itself was missing two new ones: SandboxPipelineRuns and SandboxActivityRuns. Those have been added to the policy and will now be compliant after a remediation task
* Updated documentation to reflect change to policy
* Auto-update Portal experience [ericvruder/18993f93]
* Update src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-DataFactory.json
* Update src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-DataFactory.json
* Update docs/wiki/Whats-new.md
* Auto-update Portal experience [jtracey93/18993f93]
* increase version
* Auto-update Portal experience [jtracey93/18993f93]
Co-authored-by: Eric Ruder <ERRU@ABENADATA.DK>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Jack Tracey <41163455+jtracey93@users.noreply.github.com>
2022-12-16 15:52:23 +00:00
18993f93a3
Replace deprecated storage account diagnostic settings policy in initiative ( #1146 )
...
* Replaced deprecated policy in initiative
* Revert unintended changes in Whats-new
* Auto-update Portal experience [chrholt/364d1d17]
* Remove MCSB Overrides in Assignment (#1143 )
* Remove parameters from ASB policy assignment
* Punctuation in ASB assignment.
* Update to What's New
* Update to What's New
* Update to What's New - TOC Cleanup
* Another attempt at cleaning TOC
* Updated whats-new after new section
* Increase policy initiative version to v2.0.0
* Auto-update Portal experience [chrholt/915bd7ab]
Co-authored-by: Holt, Christoffer <christoffer.holt@skatteetaten.no>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Sacha Narinx <Springstone@users.noreply.github.com>
2022-12-06 12:22:46 +00:00
915bd7ab4d
Remove MCSB Overrides in Assignment ( #1143 )
...
* Remove parameters from ASB policy assignment
* Punctuation in ASB assignment.
* Update to What's New
* Update to What's New
* Update to What's New - TOC Cleanup
* Another attempt at cleaning TOC
2022-12-05 11:10:27 +00:00
364d1d173b
Fix #1073 - Update Private DNS Zones for Private Link ( #1141 )
...
* fix 1073 and update whats new
* remove whitespace in array
* added DNS zones
2022-11-28 18:38:06 +00:00
ff07fc89f6
User -SignedIn to get current user ( #1140 )
2022-11-28 14:09:09 +00:00
f4e7d01be9
Minor typo correction MCSB v1 not v2 ( #1139 )
2022-11-28 11:31:24 +00:00
5437e4d7d6
Rename Azure Security Benchmark to Microsoft Cloud Security Benchmark ( #1137 )
2022-11-25 19:53:19 +00:00
da4c1830ef
Wiki update ( #1135 )
...
* Wiki update to cover changes from #1132 and #1120
* updated
* Auto-update Portal experience [prjelesi/d222736c]
* Update docs/wiki/Whats-new.md
* Apply suggestions from code review
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Jack Tracey <41163455+jtracey93@users.noreply.github.com>
2022-11-24 11:24:26 +00:00
d222736cb2
US 24400 - Links to superseded policies ( #1134 )
...
* links to superseded policies
* updated whats new
* Auto-update Portal experience [JamJarchitect/f303a6ec]
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2022-11-24 09:36:08 +00:00
f303a6ec9e
Patch `PrivateDnsZoneId` parameters ( #1133 )
...
* Add `defaultValue` for `PrivateDnsZoneId` parameters
Update formatting for consistency
* Bump policy initiative `version`
* Auto-update Portal experience [krowlandson/4f23cea5]
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2022-11-23 22:27:04 +00:00
4f23cea522
Update DNS for private endpoint ( #1109 )
...
* Added new built-in policies into the initiative
* Update corresponding assignment
* Update What's New page
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Kevin Rowlandson <kevin.rowlandson@microsoft.com>
2022-11-23 20:33:48 +00:00
e04594ec0a
MDFC security contacts policy update ( #1120 )
...
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Jack Tracey <41163455+jtracey93@users.noreply.github.com>
2022-11-23 17:37:08 +00:00
d4d714bb85
Patch policy initiatives ( #1132 )
...
* Add default values to enable in-place update
* Update `alzCloudEnvironments` metadata
* Auto-update Portal experience [krowlandson/84ab0288]
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2022-11-22 11:32:43 +00:00
84ab028861
Documentation on how to migrate from ALZ custom policy to built-in ( #1131 )
...
* Initial sync
* Update
* update
* Push first draft
* sync with fork
* Latest updates
* rename file
* Auto-update Portal experience [jfaurskov/b6899fbe]
* Update docs/wiki/migrate-alz-policies-to-builtin.md
Co-authored-by: Jack Tracey <41163455+jtracey93@users.noreply.github.com>
* fix links
* Update sidebar and whats-new
* fix heading
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Jack Tracey <41163455+jtracey93@users.noreply.github.com>
2022-11-22 10:15:20 +01:00
77fd165ec3
Added policy "Deploy Diagnostic Settings for Log Analytics to Log Analytics workspace" ( #1129 )
...
* Added Deploy-Diagnostics-LogAnalytics
Signed-off-by: Jan Egil Ring <janegilring@microsoft.com>
* Auto-update Portal experience [janegilring/d0fde789]
* Added Deploy-Diagnostics-LogAnalytics.json to loadPolicyDefinitions array
Signed-off-by: Jan Egil Ring <janegilring@microsoft.com>
* Auto-update Portal experience [janegilring/b6899fbe]
* Auto-update Portal experience [janegilring/b6899fbe]
* Update Whats-new.md
Signed-off-by: Jan Egil Ring <janegilring@microsoft.com>
Co-authored-by: Jan Egil Ring <janegilring@microsoft.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Jack Tracey <41163455+jtracey93@users.noreply.github.com>
2022-11-21 18:11:53 +00:00
b6899fbe73
Update databricks diagnostic setting policy ( #1126 )
...
* Added missing log categories for Databricks diagnostic settings
* Version increment and updated Whats-new.md
* Auto-update Portal experience [chrholt/812afd55]
Co-authored-by: Holt, Christoffer <christoffer.holt@skatteetaten.no>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2022-11-21 11:19:42 +00:00
d0fde789f7
Correcting link pointing to old location. ( #1128 )
...
* Correcting link pointing to old location.
Link to see complete list of built-in and custom policies on line 19 in the markdown points off to an old page which then references this page again.
Updated anchor in link to move user to correct section on this page.
* Update docs/wiki/ALZ-Policies.md
Co-authored-by: Jack Tracey <41163455+jtracey93@users.noreply.github.com>
2022-11-18 12:27:30 +00:00
812afd550c
Update Deploy-Sql-SecurityAlertPolicies.json (hotfix) ( #1122 )
...
* Update Deploy-Sql-SecurityAlertPolicies.json
* Auto-update Portal experience [jtracey93/135294c5]
* Update Whats-new.md
* typo
* Auto-update Portal experience [jtracey93/135294c5]
* Empty-Commit
* Auto-update Portal experience [jtracey93/135294c5]
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2022-11-17 09:52:44 +00:00
135294c564
Update SQL policies to fix #695 ( #1085 )
2022-11-16 21:10:48 +00:00
3988ae388a
Add AZFWFlowTrace category for AzFW ( #1119 )
...
* add AZFWFlowTrace category
* Auto-update Portal experience [jtracey93/409999b5]
* Update Whats-new.md
* update missing docs from previous policy PR
* Auto-update Portal experience [jtracey93/dd8971a9]
* empty
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2022-11-15 15:10:51 +00:00
dd8971a9b2
Replace Deny-PublicIP with Not Allowed Resources ( #1103 )
...
* Initial commit
* Whatsnew and deprecated state
* Auto-update Portal experience [jfaurskov/6b9b9b5e]
* fix parameters
* Auto-update Portal experience [jfaurskov/6b9b9b5e]
* Array format
* Auto-update Portal experience [jfaurskov/3ec1251d]
* Add deny-PublicIP to deprecated policies list
* Remove unused columns
* Remove deprecated parameter
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2022-11-14 17:50:28 +00:00
409999b53a
image links ( #1118 )
2022-11-14 15:29:45 +00:00
3ec1251d35
Update Available AZs in Portal Experience ( #1116 )
...
* update available AZs portal
* update whats new
2022-11-11 15:05:42 +00:00
8931a6c1d6
policy updated based on workitems 25022 ( #1115 )
...
* policy updated based on workitems 25022
* Auto-update Portal experience [prjelesi/2c577beb]
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2022-11-11 14:55:26 +00:00
2c577beb43
images and nav ( #1110 )
...
* images and nav
* sidebar update
* amendments
2022-11-09 16:43:16 +00:00
45bfce01eb
ESLZ Policies docs migration ( #1106 )
...
* doc amendments and migrations
* tidy up
* amendments
* updates
2022-11-09 16:02:41 +00:00
b6efe33e0a
Minor policy doc update ( #1108 )
...
* Minor policy doc update
* Minor policy doc update (missed count update)
2022-11-09 12:57:22 +00:00
7a61b5559e
24458 Update ALZ Portal Accelerator with DDoS Std Rename to DDoS Netw… ( #1102 )
...
* 24458 Update ALZ Portal Accelerator with DDoS Std Rename to DDoS Network Protection
* Added changes per https://github.com/Azure/Enterprise-Scale/pull/1102#pullrequestreview-1166035972
* Auto-update Portal experience [kausd1/6b9b9b5e]
* Made changes to what-is-enterprise-scale
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2022-11-03 17:54:59 +00:00
6b9b9b5e67
Deprecated NSG Flow Log Policies ( #1099 )
...
* deprecated nsg flow logs by built-ins
* Auto-update Portal experience [JamJarchitect/fa0840c5]
* added documentation and sidebar
* what's new
* table
* policy subheading
* table of content
* missed one
* Auto-update Portal experience [JamJarchitect/2acb47ca]
* added november
* one too many deprecations
* Auto-update Portal experience [JamJarchitect/2acb47ca]
* Empty-Commit
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2022-11-02 13:21:18 +00:00
2acb47ca43
Enable Defender For Cosmos DB SKU to fix #1081 ( #1100 )
...
* Fixes issue 1081 by enabling defender for cosmos
* Auto-update Portal experience [dburlinson/fa0840c5]
* update assignment
* portal arm template update
* update test params
* update portal
* update whats new
Co-authored-by: David Burlinson <david.burlinson@microsoft.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Jack Tracey <41163455+jtracey93@users.noreply.github.com>
2022-11-01 09:33:16 +00:00
fa0840c5af
Push policy update notification ( #1098 )
2022-10-27 16:43:45 +02:00
460b21ec57
Add profile name parameter to diag policies ( #1059 )
...
* Add profile name parameter to diag policies
* Bump policy versions
* Auto-update Portal experience [krowlandson/03d0a873]
* Auto-update Portal experience [krowlandson/205b304b]
* Bump version for WVD policies
* Auto-update Portal experience [anwather/dc8a4177]
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Kevin Rowlandson <kevin.rowlandson@microsoft.com>
2022-10-25 16:23:38 +02:00
d35199af81
Add FAQ & Portal Warning for #1080 ( #1094 )
...
* fixes for 1080
* jf review comment
2022-10-25 09:57:59 +01:00
dc8a4177ad
Create Invoke-AlzCustomPolicyCheckAgainstBuiltIn.ps1 ( #1091 )
...
* Create Invoke-AlzCustomPolicyCheckAgainstBuiltIn.ps1
detect ALZ policy definitions where
* policyRule is equal to a BuiltIn Policy definition
* policyRuleIf is equal to a BuiltIn Policy definition
* policyRuleThen is equal to a BuiltIn Policy definition
Next iteration should include the BuiltIn Policy definition state (GA, preview, deprecated)
* linter fixes 1
* add PSScriptAnalyser Suppression
* additional suppression
Co-authored-by: Jack Tracey <41163455+jtracey93@users.noreply.github.com>
2022-10-21 18:58:08 +01:00
1f2455b96e
Fix multiline input for `Edit-LineEndings` function ( #1090 )
2022-10-21 13:44:30 +01:00
205b304b48
Update to target HEAD ref ( #1088 )
...
* Update workflows
* Update to HEAD ref
2022-10-21 09:24:34 +01:00
maheshbenke
Jack Tracey
Anthony Watherston
JamJarchitect
Robert Lightner
Kevin Rowlandson
Luis Alfonso Chaves
Eric Ruder
Christoffer Holt
Sacha Narinx
Björn Sundling
Predrag Jelesijevic
Panagiotis Korologos
Jan Faurskov
Jan Egil Ring
Karl Cooke
kausd1
dburlinson
quoteee