Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators: <, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx: Learn more
"displayName": "FBI Criminal Justice Information Services (CJIS) v5.9.5",
3
"description": "Standards by the FBI to secure criminal justice information, covering data access, transmission, and storage.",
4
"metadata": {
5
- "version": "1.5.0",
6
"category": "Regulatory Compliance"
7
},
8
- "version": "1.5.0",
9
"parameters": {
10
"effect-81e74cea-30fd-40d5-802f-d72103c2aaaa": {
11
"type": "String",
12
"metadata": {
@@ -3511,17 +3511,18 @@
3511
},
3512
"effect-549814b6-3212-4203-bdc8-1548d342fb67": {
3513
"type": "String",
3514
"metadata": {
3515
- "displayName": "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
3516
- "description": "For more information about effects, visit https://aka.ms/policyeffects"
"displayName": "FBI Criminal Justice Information Services (CJIS) v5.9.5",
3
"description": "Standards by the FBI to secure criminal justice information, covering data access, transmission, and storage.",
4
"metadata": {
5
+ "version": "1.6.0",
6
"category": "Regulatory Compliance"
7
},
8
+ "version": "1.6.0",
9
"parameters": {
10
"effect-81e74cea-30fd-40d5-802f-d72103c2aaaa": {
11
"type": "String",
12
"metadata": {
3511
},
3512
"effect-549814b6-3212-4203-bdc8-1548d342fb67": {
3513
"type": "String",
3514
"metadata": {
3515
+ "displayName": "[Deprecated]: Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
3516
+ "description": "For more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "The source k8s object for constraint evaluation. 'Original' means only evaluate against the specific GroupVersionKind specified in the policy definition. 'Generated' means only evaluate against k8s objects generated by Gatekeeper ExpansionTemplates. 'All' means evaluate against both the original object and any generated ones."
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "List of Kubernetes namespaces to exclude from policy evaluation. System namespaces "kube-system", "gatekeeper-system" and "azure-arc" are always excluded by design. "azure-extensions-usage-system" is optional to remove."
description: "List of Kubernetes namespaces to only include in policy evaluation. An empty list means the policy is applied to all resources in all namespaces."
description: "The list of InitContainers and Containers to exclude from policy evaluation. The identify is the name of container. Use an empty list to apply this policy to all containers in all namespaces."
description: "The list of InitContainers and Containers to exclude from policy evaluation. The identifier is the image of container. Prefix-matching can be signified with `*`. For example: `myregistry.azurecr.io/istio:*`. It is recommended that users use the fully-qualified Docker image name (e.g. start with a domain name) in order to avoid unexpectedly exempting images from an untrusted repository.",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Network security: LAN Manager authentication level",
description: "Specify which challenge-response authentication protocol is used for network logons. This choice affects the level of authentication protocol used by clients, the level of session security negotiated, and the level of authentication accepted by servers."
displayName: "Network security: Minimum session security for NTLM SSP based (including secure RPC) clients",
description: "Specifies which behaviors are allowed by clients for applications using the NTLM Security Support Provider (SSP). The SSP Interface (SSPI) is used by applications that need authentication services. See https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers for more information."
displayName: "Network security: Minimum session security for NTLM SSP based (including secure RPC) servers",
description: "Specifies which behaviors are allowed by servers for applications using the NTLM Security Support Provider (SSP). The SSP Interface (SSPI) is used by applications that need authentication services."
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "The source k8s object for constraint evaluation. 'Original' means only evaluate against the specific GroupVersionKind specified in the policy definition. 'Generated' means only evaluate against k8s objects generated by Gatekeeper ExpansionTemplates. 'All' means evaluate against both the original object and any generated ones."
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "List of Kubernetes namespaces to exclude from policy evaluation. System namespaces "kube-system", "gatekeeper-system" and "azure-arc" are always excluded by design. "azure-extensions-usage-system" is optional to remove."
description: "List of Kubernetes namespaces to only include in policy evaluation. An empty list means the policy is applied to all resources in all namespaces."
description: "The list of InitContainers and Containers to exclude from policy evaluation. The identify is the name of container. Use an empty list to apply this policy to all containers in all namespaces."
description: "The list of InitContainers and Containers to exclude from policy evaluation. The identifier is the image of container. Prefix-matching can be signified with `*`. For example: `myregistry.azurecr.io/istio:*`. It is recommended that users use the fully-qualified Docker image name (e.g. start with a domain name) in order to avoid unexpectedly exempting images from an untrusted repository.",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "The source k8s object for constraint evaluation. 'Original' means only evaluate against the specific GroupVersionKind specified in the policy definition. 'Generated' means only evaluate against k8s objects generated by Gatekeeper ExpansionTemplates. 'All' means evaluate against both the original object and any generated ones."
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "The list of InitContainers and Containers to exclude from policy evaluation. The identifier is the image of container. Prefix-matching can be signified with `*`. For example: `myregistry.azurecr.io/istio:*`. It is recommended that users use the fully-qualified Docker image name (e.g. start with a domain name) in order to avoid unexpectedly exempting images from an untrusted repository.",
description: "List of Kubernetes namespaces to exclude from policy evaluation. System namespaces "kube-system", "gatekeeper-system" and "azure-arc" are always excluded by design. "azure-extensions-usage-system" is optional to remove."
description: "List of Kubernetes namespaces to only include in policy evaluation. An empty list means the policy is applied to all resources in all namespaces."
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Allow simultaneous connections to the Internet or a Windows Domain",
description: "Specify whether to prevent computers from connecting to both a domain based network and a non-domain based network at the same time. A value of 0 allows simultaneous connections, and a value of 1 blocks them."
displayName: "Turn off multicast name resolution",
description: "Specifies whether LLMNR, a secondary name resolution protocol that transmits using multicast over a local subnet link on a single subnet, is enabled."
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Would you like to restrict specific IP addresses?",
description: "Select (Yes) to allow or forbid a list of IP addresses. If (No), the list of IP addresses won't have any effect in the policy enforcement"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "The Maximum password age setting determines the period of time (in days) that a password can be used before the system requires the user to change it.",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Users or groups that may log on locally",
description: "Specifies which users or groups can interactively log on to the computer. Users who attempt to log on via Remote Desktop Connection or IIS also require this user right."
displayName: "Users and groups that may restore files and directories",
description: "Specifies which users and groups are permitted to bypass file, directory, registry, and other persistent object permissions when restoring backed up files and directories."
displayName: "Users and groups that may shut down the system",
description: "Specifies which users and groups who are logged on locally to the computers in your environment are permitted to shut down the operating system with the Shut Down command."
displayName: "Users or groups that may take ownership of files or other objects",
description: "Specifies which users and groups are permitted to take ownership of files, folders, registry keys, processes, or threads. This user right bypasses any permissions that are in place to protect objects to give ownership to the specified user."
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects",
displayName: "[Deprecated]: Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects",
description: "Resource Id of the virtual network. Example: /subscriptions/YourSubscriptionId/resourceGroups/YourResourceGroupName/providers/Microsoft.Network/virtualNetworks/Name",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "Specifies whether audit events are generated when changes are made to authentication policy. This setting is useful for tracking changes in domain-level and forest-level trust and privileges that are granted to user accounts or groups."
description: "Specifies whether audit events are generated for assignment and removal of user rights in user right policies, changes in security token object permission, resource attributes changes and Central Access Policy changes for file system objects."
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Windows Firewall (Domain): Use profile settings",
description: "Specifies whether Windows Firewall with Advanced Security uses the settings for the Domain profile to filter network traffic. If you select Off, Windows Firewall with Advanced Security will not use any of the firewall rules or connection security rules for this profile."
displayName: "Windows Firewall (Domain): Behavior for outbound connections",
description: "Specifies the behavior for outbound connections for the Domain profile that do not match an outbound firewall rule. The default value of 0 means to allow connections, and a value of 1 means to block connections."
displayName: "Windows Firewall (Domain): Apply local connection security rules",
description: "Specifies whether local administrators are allowed to create connection security rules that apply together with connection security rules configured by Group Policy for the Domain profile."
displayName: "Windows Firewall (Domain): Apply local firewall rules",
description: "Specifies whether local administrators are allowed to create local firewall rules that apply together with firewall rules configured by Group Policy for the Domain profile."
description: "Specifies whether Windows Firewall with Advanced Security displays notifications to the user when a program is blocked from receiving inbound connections, for the Domain profile."
displayName: "Windows Firewall (Private): Use profile settings",
description: "Specifies whether Windows Firewall with Advanced Security uses the settings for the Private profile to filter network traffic. If you select Off, Windows Firewall with Advanced Security will not use any of the firewall rules or connection security rules for this profile."
displayName: "Windows Firewall (Private): Behavior for outbound connections",
description: "Specifies the behavior for outbound connections for the Private profile that do not match an outbound firewall rule. The default value of 0 means to allow connections, and a value of 1 means to block connections."
displayName: "Windows Firewall (Private): Apply local connection security rules",
description: "Specifies whether local administrators are allowed to create connection security rules that apply together with connection security rules configured by Group Policy for the Private profile."
displayName: "Windows Firewall (Private): Apply local firewall rules",
description: "Specifies whether local administrators are allowed to create local firewall rules that apply together with firewall rules configured by Group Policy for the Private profile."
description: "Specifies whether Windows Firewall with Advanced Security displays notifications to the user when a program is blocked from receiving inbound connections, for the Private profile."
displayName: "Windows Firewall (Public): Use profile settings",
description: "Specifies whether Windows Firewall with Advanced Security uses the settings for the Public profile to filter network traffic. If you select Off, Windows Firewall with Advanced Security will not use any of the firewall rules or connection security rules for this profile."
displayName: "Windows Firewall (Public): Behavior for outbound connections",
description: "Specifies the behavior for outbound connections for the Public profile that do not match an outbound firewall rule. The default value of 0 means to allow connections, and a value of 1 means to block connections."
displayName: "Windows Firewall (Public): Apply local connection security rules",
description: "Specifies whether local administrators are allowed to create connection security rules that apply together with connection security rules configured by Group Policy for the Public profile."
displayName: "Windows Firewall (Public): Apply local firewall rules",
description: "Specifies whether local administrators are allowed to create local firewall rules that apply together with firewall rules configured by Group Policy for the Public profile."
description: "Specifies whether Windows Firewall with Advanced Security displays notifications to the user when a program is blocked from receiving inbound connections, for the Public profile."
description: "Specifies whether Windows Firewall with Advanced Security permits the local computer to receive unicast responses to its outgoing multicast or broadcast messages; for the Domain profile."
description: "Specifies whether Windows Firewall with Advanced Security permits the local computer to receive unicast responses to its outgoing multicast or broadcast messages; for the Private profile."
description: "Specifies whether Windows Firewall with Advanced Security permits the local computer to receive unicast responses to its outgoing multicast or broadcast messages; for the Public profile."
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "A semicolon-separated list of the names of the applications that should be installed. e.g. 'Microsoft SQL Server 2014 (64-bit); Microsoft Visual Studio Code' or 'Microsoft SQL Server 2014*' (to match any application starting with 'Microsoft SQL Server 2014')",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects",
description: "Resource Id of the virtual network gateway. Example: /subscriptions/YourSubscriptionId/resourceGroups/YourResourceGroup/providers/Microsoft.Network/virtualNetworkGateways/Name",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "The source k8s object for constraint evaluation. 'Original' means only evaluate against the specific GroupVersionKind specified in the policy definition. 'Generated' means only evaluate against k8s objects generated by Gatekeeper ExpansionTemplates. 'All' means evaluate against both the original object and any generated ones."
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "List of Kubernetes namespaces to exclude from policy evaluation. System namespaces "kube-system", "gatekeeper-system" and "azure-arc" are always excluded by design. "azure-extensions-usage-system" is optional to remove."
description: "List of Kubernetes namespaces to only include in policy evaluation. An empty list means the policy is applied to all resources in all namespaces."
description: "The list of InitContainers and Containers to exclude from policy evaluation. The identifier is the image of container. Prefix-matching can be signified with `*`. For example: `myregistry.azurecr.io/istio:*`. It is recommended that users use the fully-qualified Docker image name (e.g. start with a domain name) in order to avoid unexpectedly exempting images from an untrusted repository.",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "Specifies limits on password reuse - how many times a new password must be created for a user account before the password can be repeated."
description: "Specifies the maximum number of days that may elapse before a user account password must be changed. The format of the value is two integers separated by a comma, denoting an inclusive range."
displayName: "Password must meet complexity requirements",
description: "Specifies whether a user account password must be complex. If required, a complex password must not contain part of user's account name or full name; be at least 6 characters long; contain a mix of uppercase, lowercase, number, and non-alphabetic characters."
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "A semicolon-separated list of certificate thumbprints that should exist under the Trusted Root certificate store (Cert:\LocalMachine\Root). e.g. THUMBPRINT1;THUMBPRINT2;THUMBPRINT3",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "List of Kubernetes namespaces to exclude from policy evaluation. System namespaces "kube-system", "gatekeeper-system" and "azure-arc" are always excluded by design. "azure-extensions-usage-system" is optional to remove."
description: "List of Kubernetes namespaces to only include in policy evaluation. An empty list means the policy is applied to all resources in all namespaces."
description: "The list of InitContainers and Containers to exclude from policy evaluation. The identify is the name of container. Use an empty list to apply this policy to all containers in all namespaces."
description: "The list of InitContainers and Containers to exclude from policy evaluation. The identifier is the image of container. Prefix-matching can be signified with `*`. For example: `myregistry.azurecr.io/istio:*`. It is recommended that users use the fully-qualified Docker image name (e.g. start with a domain name) in order to avoid unexpectedly exempting images from an untrusted repository.",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "The resource ID of the virtual network subnet that should have a rule enabled. Example: /subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Default/providers/Microsoft.Network/virtualNetworks/testvnet/subnets/testsubnet",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "Specifies which registry paths will be accessible over the network, regardless of the users or groups listed in the access control list (ACL) of the `winreg` registry key."
displayName: "Network access: Remotely accessible registry paths and sub-paths",
description: "Specifies which registry paths and sub-paths will be accessible over the network, regardless of the users or groups listed in the access control list (ACL) of the `winreg` registry key."
displayName: "Network access: Shares that can be accessed anonymously",
description: "Specifies which network shares can be accessed by anonymous users. The default configuration for this policy setting has little effect because all users have to be authenticated before they can access shared resources on the server."
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "The source k8s object for constraint evaluation. 'Original' means only evaluate against the specific GroupVersionKind specified in the policy definition. 'Generated' means only evaluate against k8s objects generated by Gatekeeper ExpansionTemplates. 'All' means evaluate against both the original object and any generated ones."
displayName: "Effect for policy: An activity log alert should exist for specific Administrative operations (Microsoft.ClassicNetwork/networkSecurityGroups/securityRules/write)",
description: "For more information about effects, visit https://aka.ms/policyeffects"
description: "List of Kubernetes namespaces to exclude from policy evaluation. System namespaces "kube-system", "gatekeeper-system" and "azure-arc" are always excluded by design. "azure-extensions-usage-system" is optional to remove."
description: "List of Kubernetes namespaces to only include in policy evaluation. An empty list means the policy is applied to all resources in all namespaces."