diff --git a/docs/reference/adventureworks/armTemplates/auxiliary/policies.json b/docs/reference/adventureworks/armTemplates/auxiliary/policies.json index 0699a35c29..1fc396dfa9 100644 --- a/docs/reference/adventureworks/armTemplates/auxiliary/policies.json +++ b/docs/reference/adventureworks/armTemplates/auxiliary/policies.json @@ -20173,7 +20173,7 @@ "Disabled" ], "metadata": { - "displayName": "Cognitive Services accounts should enable data encryption with a customer-managed key (CMK)", + "displayName": "Cognitive Services accounts should enable data encryption with a customer-managed key (CMK)", "description": "Customer-managed keys (CMK) are commonly required to meet regulatory compliance standards. CMKs enable the data stored in Cognitive Services to be encrypted with an Azure Key Vault key created and owned by you. You have full control and responsibility for the key lifecycle, including rotation and management. Learn more about CMK encryption at https://aka.ms/cosmosdb-cmk." } }, diff --git a/docs/reference/contoso/armTemplates/auxiliary/policies.json b/docs/reference/contoso/armTemplates/auxiliary/policies.json index 0699a35c29..1fc396dfa9 100644 --- a/docs/reference/contoso/armTemplates/auxiliary/policies.json +++ b/docs/reference/contoso/armTemplates/auxiliary/policies.json @@ -20173,7 +20173,7 @@ "Disabled" ], "metadata": { - "displayName": "Cognitive Services accounts should enable data encryption with a customer-managed key (CMK)", + "displayName": "Cognitive Services accounts should enable data encryption with a customer-managed key (CMK)", "description": "Customer-managed keys (CMK) are commonly required to meet regulatory compliance standards. CMKs enable the data stored in Cognitive Services to be encrypted with an Azure Key Vault key created and owned by you. You have full control and responsibility for the key lifecycle, including rotation and management. Learn more about CMK encryption at https://aka.ms/cosmosdb-cmk." } }, diff --git a/docs/reference/treyresearch/armTemplates/auxiliary/policies.json b/docs/reference/treyresearch/armTemplates/auxiliary/policies.json index 0699a35c29..1fc396dfa9 100644 --- a/docs/reference/treyresearch/armTemplates/auxiliary/policies.json +++ b/docs/reference/treyresearch/armTemplates/auxiliary/policies.json @@ -20173,7 +20173,7 @@ "Disabled" ], "metadata": { - "displayName": "Cognitive Services accounts should enable data encryption with a customer-managed key (CMK)", + "displayName": "Cognitive Services accounts should enable data encryption with a customer-managed key (CMK)", "description": "Customer-managed keys (CMK) are commonly required to meet regulatory compliance standards. CMKs enable the data stored in Cognitive Services to be encrypted with an Azure Key Vault key created and owned by you. You have full control and responsibility for the key lifecycle, including rotation and management. Learn more about CMK encryption at https://aka.ms/cosmosdb-cmk." } }, diff --git a/docs/reference/wingtip/armTemplates/auxiliary/policies.json b/docs/reference/wingtip/armTemplates/auxiliary/policies.json index 0699a35c29..1fc396dfa9 100644 --- a/docs/reference/wingtip/armTemplates/auxiliary/policies.json +++ b/docs/reference/wingtip/armTemplates/auxiliary/policies.json @@ -20173,7 +20173,7 @@ "Disabled" ], "metadata": { - "displayName": "Cognitive Services accounts should enable data encryption with a customer-managed key (CMK)", + "displayName": "Cognitive Services accounts should enable data encryption with a customer-managed key (CMK)", "description": "Customer-managed keys (CMK) are commonly required to meet regulatory compliance standards. CMKs enable the data stored in Cognitive Services to be encrypted with an Azure Key Vault key created and owned by you. You have full control and responsibility for the key lifecycle, including rotation and management. Learn more about CMK encryption at https://aka.ms/cosmosdb-cmk." } }, diff --git a/eslzArm/eslzArm.json b/eslzArm/eslzArm.json index 8a9afcc136..4af83ed666 100644 --- a/eslzArm/eslzArm.json +++ b/eslzArm/eslzArm.json @@ -581,7 +581,7 @@ "managementManagementGroup": "[tenantResourceId('Microsoft.Management/managementGroups/', variables('mgmtGroups').management)]", "connectivityManagementGroup": "[tenantResourceId('Microsoft.Management/managementGroups/', variables('mgmtGroups').connectivity)]", "identityManagementGroup": "[tenantResourceId('Microsoft.Management/managementGroups/', variables('mgmtGroups').identity)]", - "lzsManaegmentGroup": "[tenantResourceId('Microsoft.Management/managementGroups/', variables('mgmtGroups').lzs)]", + "lzsManagementGroup": "[tenantResourceId('Microsoft.Management/managementGroups/', variables('mgmtGroups').lzs)]", "corpManagementGroup": "[tenantResourceId('Microsoft.Management/managementGroups/', variables('mgmtGroups').corp)]", "onlineManagementGroup": "[tenantResourceId('Microsoft.Management/managementGroups/', variables('mgmtGroups').online)]" }, @@ -607,8 +607,7 @@ "ascConfigPolicyInitiative": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/DINE-ASCConfigPolicyAssignment.json')]", "azVmMonitorPolicyAssignment": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/DINE-VMMonitoringPolicyAssignment.json')]", "azVmssMonitorPolicyAssignment": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/DINE-VMSSMonitoringPolicyAssignment.json')]", - "azBackupLzPolicyAssignment": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/DINE-VMBackupPolicyAssignment.json')]", - "azBackupIdentityPolicyAssignment": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/DINE-VMBackupPolicyAssignment.json')]", + "azVmBackupPolicyAssignment": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/DINE-VMBackupPolicyAssignment.json')]", "azPolicyForAksPolicyAssignment": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/DINE-AksPolicyPolicyAssignment.json')]", "aksPrivEscalationPolicyAssignment": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/DENY-AksPrivEscalationPolicyAssignment.json')]", "aksPrivilegedPolicyAssignment": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/DENY-AksPrivilegedPolicyAssignment.json')]", @@ -624,7 +623,7 @@ "storageHttpsPolicyAssignment": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/DENY-StorageWithoutHttpsPolicyAssignment.json')]", "subnetNsgPolicyAssignment": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/DENY-SubnetWithoutNsgPolicyAssignment.json')]", "sqlAuditPolicyAssignment": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/DINE-SQLAuditingPolicyAssignment.json')]", - "sqlEncryptionPolicyAssignment": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/DINE-SQLAuditingPolicyAssignment.json')]", + "sqlEncryptionPolicyAssignment": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/DINE-SQLEncryptionPolicyAssignment.json')]", "ddosPolicyAssignment": "[uri(deployment().properties.templateLink.uri, 'managementGroupTemplates/policyAssignments/MODIFY-DDoSPolicyAssignment.json')]", "corpVnetPeering": "[uri(deployment().properties.templateLink.uri, 'subscriptionTemplates/vnetPeering.json')]", "corpVwanPeering": "[uri(deployment().properties.templateLink.uri, 'subscriptionTemplates/vnetPeeringVwan.json')]", @@ -1919,7 +1918,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "2020-10-01", "name": "[variables('deploymentNames').azBackupLzPolicyDeploymentName]", - "scope": "[variables('scopes').lzsManaegmentGroup]", + "scope": "[variables('scopes').lzsManagementGroup]", "location": "[deployment().location]", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', variables('deploymentNames').policyDeploymentName)]" @@ -1928,7 +1927,7 @@ "mode": "Incremental", "templateLink": { "contentVersion": "1.0.0.0", - "uri": "[variables('deploymentUris').azBackupLzPolicyAssignment]" + "uri": "[variables('deploymentUris').azVmBackupPolicyAssignment]" }, "parameters": { "topLevelManagementGroupPrefix": { @@ -1946,7 +1945,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "2020-10-01", "name": "[variables('deploymentNames').ddosLzPolicyDeploymentName]", - "scope": "[variables('scopes').lzsManaegmentGroup]", + "scope": "[variables('scopes').lzsManagementGroup]", "location": "[deployment().location]", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', variables('deploymentNames').ddosDeploymentName)]" @@ -1976,7 +1975,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "2020-10-01", "name": "[variables('deploymentNames').azPolicyForAksPolicyDeploymentName]", - "scope": "[variables('scopes').lzsManaegmentGroup]", + "scope": "[variables('scopes').lzsManagementGroup]", "location": "[deployment().location]", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', variables('deploymentNames').policyDeploymentName)]" @@ -2003,7 +2002,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "2020-10-01", "name": "[variables('deploymentNames').aksPrivEscalationPolicyDeploymentName]", - "scope": "[variables('scopes').lzsManaegmentGroup]", + "scope": "[variables('scopes').lzsManagementGroup]", "location": "[deployment().location]", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', variables('deploymentNames').policyDeploymentName)]" @@ -2027,7 +2026,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "2020-10-01", "name": "[variables('deploymentNames').aksPrivilegedPolicyDeploymentName]", - "scope": "[variables('scopes').lzsManaegmentGroup]", + "scope": "[variables('scopes').lzsManagementGroup]", "location": "[deployment().location]", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', variables('deploymentNames').policyDeploymentName)]" @@ -2051,7 +2050,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "2020-10-01", "name": "[variables('deploymentNames').aksHttpsPolicyDeploymentName]", - "scope": "[variables('scopes').lzsManaegmentGroup]", + "scope": "[variables('scopes').lzsManagementGroup]", "location": "[deployment().location]", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', variables('deploymentNames').policyDeploymentName)]" @@ -2075,7 +2074,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "2020-10-01", "name": "[variables('deploymentNames').tlsSslPolicyDeploymentName]", - "scope": "[variables('scopes').lzsManaegmentGroup]", + "scope": "[variables('scopes').lzsManagementGroup]", "location": "[deployment().location]", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', variables('deploymentNames').policyDeploymentName)]", @@ -2103,7 +2102,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "2020-10-01", "name": "[variables('deploymentNames').ipFwPolicyDeploymentName]", - "scope": "[variables('scopes').lzsManaegmentGroup]", + "scope": "[variables('scopes').lzsManagementGroup]", "location": "[deployment().location]", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', variables('deploymentNames').policyDeploymentName)]", @@ -2156,7 +2155,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "2020-10-01", "name": "[variables('deploymentNames').rdpFromInternetPolicyDeploymentName]", - "scope": "[variables('scopes').lzsManaegmentGroup]", + "scope": "[variables('scopes').lzsManagementGroup]", "location": "[deployment().location]", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', variables('deploymentNames').policyDeploymentName)]", @@ -2184,7 +2183,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "2020-10-01", "name": "[variables('deploymentNames').storageHttpsPolicyDeploymentName]", - "scope": "[variables('scopes').lzsManaegmentGroup]", + "scope": "[variables('scopes').lzsManagementGroup]", "location": "[deployment().location]", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', variables('deploymentNames').policyDeploymentName)]", @@ -2209,7 +2208,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "2020-10-01", "name": "[variables('deploymentNames').subnetNsgPolicyDeploymentName]", - "scope": "[variables('scopes').lzsManaegmentGroup]", + "scope": "[variables('scopes').lzsManagementGroup]", "location": "[deployment().location]", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', variables('deploymentNames').policyDeploymentName)]", @@ -2237,7 +2236,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "2020-10-01", "name": "[variables('deploymentNames').sqlAuditPolicyDeploymentName]", - "scope": "[variables('scopes').lzsManaegmentGroup]", + "scope": "[variables('scopes').lzsManagementGroup]", "location": "[deployment().location]", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', variables('deploymentNames').policyDeploymentName)]" @@ -2264,7 +2263,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "2020-10-01", "name": "[variables('deploymentNames').sqlEncryptionPolicyDeploymentName]", - "scope": "[variables('scopes').lzsManaegmentGroup]", + "scope": "[variables('scopes').lzsManagementGroup]", "location": "[deployment().location]", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', variables('deploymentNames').policyDeploymentName)]" @@ -2303,7 +2302,7 @@ "mode": "Incremental", "templateLink": { "contentVersion": "1.0.0.0", - "uri": "[variables('deploymentUris').azBackupLzPolicyAssignment]" + "uri": "[variables('deploymentUris').azVmBackupPolicyAssignment]" }, "parameters": { "topLevelManagementGroupPrefix": { @@ -3320,7 +3319,7 @@ "mode": "Incremental", "templateLink": { "contentVersion": "1.0.0.0", - "uri": "[variables('deploymentUris').azBackupLzPolicyAssignment]" + "uri": "[variables('deploymentUris').azVmBackupPolicyAssignment]" }, "parameters": { "topLevelManagementGroupPrefix": { diff --git a/eslzArm/managementGroupTemplates/policyAssignments/DENY-SubnetWithoutNsgPolicyAssignment.json b/eslzArm/managementGroupTemplates/policyAssignments/DENY-SubnetWithoutNsgPolicyAssignment.json index 62386bb0cc..f507d57fdf 100644 --- a/eslzArm/managementGroupTemplates/policyAssignments/DENY-SubnetWithoutNsgPolicyAssignment.json +++ b/eslzArm/managementGroupTemplates/policyAssignments/DENY-SubnetWithoutNsgPolicyAssignment.json @@ -23,7 +23,7 @@ }, "policyAssignmentNames": { "denySubnetWithoutNsg": "Deny-Subnet-Without-Nsg", - "description": "This policy denies the creation of a subsnet with out an Network Security Group. NSG help to protect traffic across subnet-level.", + "description": "This policy denies the creation of a subnet without a Network Security Group to protect traffic across subnets.", "displayName": "Subnets should have a Network Security Group" } }, diff --git a/eslzArm/managementGroupTemplates/policyDefinitions/policies.json b/eslzArm/managementGroupTemplates/policyDefinitions/policies.json index b465ac7e05..ae57164bc4 100644 --- a/eslzArm/managementGroupTemplates/policyDefinitions/policies.json +++ b/eslzArm/managementGroupTemplates/policyDefinitions/policies.json @@ -16281,7 +16281,7 @@ "Disabled" ], "metadata": { - "displayName": "Cognitive Services accounts should enable data encryption with a customer-managed key (CMK)", + "displayName": "Cognitive Services accounts should enable data encryption with a customer-managed key (CMK)", "description": "Customer-managed keys (CMK) are commonly required to meet regulatory compliance standards. CMKs enable the data stored in Cognitive Services to be encrypted with an Azure Key Vault key created and owned by you. You have full control and responsibility for the key lifecycle, including rotation and management. Learn more about CMK encryption at https://aka.ms/cosmosdb-cmk." } },