Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: update incorrect values in docs #1925

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

docs: update incorrect values in docs #1925

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
7bf30d8
Update incorrect values
oZakari Feb 14, 2025
350a1bf
Update name
oZakari Feb 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 7 additions & 5 deletions docs/wiki/ALZ-Policies.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,8 +70,9 @@ This management group is a parent to all the other management groups created wit

| **Policy Type** | **Count** |
| :--- | :---: |
| `Policy Definition Sets` | **13** |
| `Policy Definitions` | **3** |
| `Policy Definition Sets` | **12** |
| `Policy Definitions` | **4** |

</td></tr> </table>

The table below provides the specific **Custom** and **Built-in** **policy definitions** and **policy definitions sets** assigned at the **Intermediate Root Management Group**.
Expand All @@ -81,8 +82,8 @@ The table below provides the specific **Custom** and **Built-in** **policy defin
| **Deploy Microsoft Defender for Cloud configuration** | **Deploy Microsoft Defender for Cloud configuration** | `Policy Definition Set`, **Custom** | Configures all the MDFC settings, such as Microsoft Defender for Cloud per individual service, security contacts, and export from MDFC to Log Analytics workspace | DeployIfNotExists |
| **[Preview]: Deploy Microsoft Defender for Endpoint agent** | **[Preview]: Deploy Microsoft Defender for Endpoint agent** | `Policy Definition Set`, **Built-in** | Deploy Microsoft Defender for Endpoint agent on applicable images. | DeployIfNotExists |
| **Configure multiple Microsoft Defender for Endpoint integration settings with Microsoft Defender for Cloud** | **Configure multiple Microsoft Defender for Endpoint integration settings with Microsoft Defender for Cloud** | `Policy Definition Set`, **Built-in** | Configure multiple Microsoft Defender for Endpoint integration settings with Microsoft Defender for Cloud images. | DeployIfNotExists |
| **Deploy-Diag-Logs** | **Deploy Diagnostic Settings to Azure Services** | `Policy Definition Set`, **Custom** | This policy set deploys the configurations of application Azure resources to forward diagnostic logs and metrics to an Azure Log Analytics workspace. | DeployIfNotExists |
| **Enable Monitoring in Azure Security Center** | **Azure Security Benchmark** | `Policy Definition Set`, **Built-in** | The Microsoft Cloud Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft Cloud Security Benchmark v1, see https://aka.ms/azsecbm. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | Audit, AuditIfNotExists, Disabled |
| **"Enable allLogs category group resource logging for supported resources to Log Analytics** or | **Deploy Diagnostic Settings to Azure Services** | `Policy Definition Set`, **Custom** | This policy set deploys the configurations of application Azure resources to forward diagnostic logs and metrics to an Azure Log Analytics workspace. | DeployIfNotExists |
| **Enable Monitoring in Microsoft Defender for Cloud** | **Azure Security Benchmark** | `Policy Definition Set`, **Built-in** | The Microsoft Cloud Security Benchmark initiative represents the policies and controls implementing security recommendations defined in Microsoft Cloud Security Benchmark v1, see <https://aka.ms/azsecbm>. This also serves as the Azure Security Center default policy initiative. You can directly assign this initiative, or manage its policies and compliance results within Azure Security Center. | Audit, AuditIfNotExists, Disabled |
| **Configure Azure Defender to be enabled on SQL Servers and SQL Managed Instances** | **Configure Azure Defender to be enabled on SQL Servers and SQL Managed Instances** | `Policy Definition Set`, **Built-in** | Enable Azure Defender on your SQL Servers and SQL Managed Instances to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. | DeployIfNotExists |
| **Configure Advanced Threat Protection to be enabled on open-source relational databases** | **Configure Advanced Threat Protection to be enabled on open-source relational databases** | `Policy Definition Set`, **Built-in** | Enable Advanced Threat Protection on your non-Basic tier open-source relational databases to detect anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. See https://aka.ms/AzDforOpenSourceDBsDocu. | DeployIfNotExists |
| **Deploy Diagnostic Settings for Activity Log to Log Analytics workspace** | **Configure Azure Activity logs to stream to specified Log Analytics workspace** | `Policy Definition`, **Built-in** | Deploys the diagnostic settings for Azure Activity to stream subscriptions audit logs to a Log Analytics workspace to monitor subscription-level events | DeployIfNotExists |
Expand Down Expand Up @@ -229,7 +230,8 @@ This is the parent management group for all the landing zone child management gr
| **Policy Type** | **Count** |
| :--- | :---: |
| `Policy Definition Sets` | **13** |
| `Policy Definitions` | **15** |
| `Policy Definitions` | **20** |

</td></tr> </table>

The table below provides the specific **Custom** and **Built-in** **policy definitions** and **policy definitions sets** assigned at the **Landing Zones Management Group**.
Expand Down