This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls.
Unknown, no evidence if PolicySet definition is/not available in AzureUSGovernment
Type
BuiltIn
Deprecated
False
Preview
False
Policy-used summary
Policy types
Policy states
Policy categories
Total Policies: 234
Builtin Policies: 234
Static Policies: 0
GA: 221 Preview: 13
45 categories:
API for FHIR: 2 API Management: 1 App Configuration: 1 App Service: 22 Automation: 2 Azure Ai Services: 2 Azure Data Explorer: 3 Azure Databricks: 5 Azure Edge Hardware Center: 1 Backup: 2 Batch: 3 Bot Service: 1 Cache: 2 CDN: 2 Cognitive Services: 1 Compute: 7 Container Instance: 1 Container Registry: 3 Cosmos DB: 4 Data Box: 2 Data Factory: 2 Data Lake: 2 Event Grid: 2 Event Hub: 3 General: 3 Guest Configuration: 5 HDInsight: 3 Internet of Things: 3 Key Vault: 5 Kubernetes: 21 Logic Apps: 2 Machine Learning: 7 Monitoring: 12 Network: 4 Search: 3 Security Center: 39 Service Bus: 3 Service Fabric: 2 SignalR: 1 SQL: 26 Storage: 12 Stream Analytics: 2 Synapse: 3 VM Image Builder: 1 Web PubSub: 1
Policy-used
Rows: 1-10 / 234
Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators: <, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx: Learn more
"description": "This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls.",
4
"metadata": {
5
- "version": "1.12.0",
6
"category": "Regulatory Compliance"
7
},
8
- "version": "1.12.0",
9
"parameters": {
10
"listOfAllowedLocations": {
11
"type": "Array",
12
"metadata": {
@@ -1557,16 +1557,17 @@
1557
},
1558
"effect-0fda3595-9f2b-4592-8675-4231d6fa82fe": {
1559
"type": "String",
1560
"metadata": {
1561
- "displayName": "Effect for policy: Azure Cognitive Search services should use private link",
1562
"description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
1563
},
1564
"allowedValues": [
1565
"Audit",
1566
"Disabled"
1567
],
1568
- "defaultValue": "Audit"
1569
},
1570
"effect-1b8ca024-1d5c-4dec-8995-b1a932b41780": {
1571
"type": "String",
1572
"metadata": {
@@ -1906,16 +1907,17 @@
1906
},
1907
"effect-cddd188c-4b82-4c48-a19d-ddf74ee66a01": {
1908
"type": "String",
1909
"metadata": {
1910
- "displayName": "Effect for policy: Cognitive Services should use private link",
1911
"description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
"description": "This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls.",
4
"metadata": {
5
+ "version": "1.13.0",
6
"category": "Regulatory Compliance"
7
},
8
+ "version": "1.13.0",
9
"parameters": {
10
"listOfAllowedLocations": {
11
"type": "Array",
12
"metadata": {
1557
},
1558
"effect-0fda3595-9f2b-4592-8675-4231d6fa82fe": {
1559
"type": "String",
1560
"metadata": {
1561
+ "deprecated": true,
1562
+ "displayName": "[Deprecated]: Effect for policy: Azure Cognitive Search services should use private link",
1563
"description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
1564
},
1565
"allowedValues": [
1566
"Audit",
1567
"Disabled"
1568
],
1569
+ "defaultValue": "Disabled"
1570
},
1571
"effect-1b8ca024-1d5c-4dec-8995-b1a932b41780": {
1572
"type": "String",
1573
"metadata": {
1907
},
1908
"effect-cddd188c-4b82-4c48-a19d-ddf74ee66a01": {
1909
"type": "String",
1910
"metadata": {
1911
+ "deprecated": true,
1912
+ "displayName": "[Deprecated]: Effect for policy: Cognitive Services should use private link",
1913
"description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
description: "This initiative includes policies that address the Dutch Baseline Informatiebeveiliging (BIO) controls specifically for the 'thema-uitwerking Clouddiensten' and include policies covered under the SOC2 and ISO 27001:2013 controls.",
displayName: "Include Arc connected servers for Guest Configuration policies",
description: "Optionally choose to audit settings inside Arc connected servers using Guest Configuration policies. By selecting this option, you agree to be charged monthly per Arc connected machine."
displayName: "Status if Windows Defender is not available on machine",
description: "Windows Defender Exploit Guard is only available starting with Windows 10/Windows Server with update 1709. Setting this value to 'Non-Compliant' shows machines with older versions on which Windows Defender Exploit Guard is not available (such as Windows Server 2012 R2) as non-compliant. Setting this value to 'Compliant' shows these machines as compliant."
displayName: "Effect for policy: SQL databases should have vulnerability findings resolved",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Audit Windows machines that do not store passwords using reversible encryption",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Function App should only be accessible over HTTPS",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Web Application should only be accessible over HTTPS",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: Virtual machines should encrypt temp disks, caches, and data flows between Compute and Storage resources",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: Automation account variables should be encrypted",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Only secure connections to your Azure Cache for Redis should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Secure transfer to storage accounts should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Service Fabric clusters should have the ClusterProtectionLevel property set to EncryptAndSign",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Transparent Data Encryption on SQL databases should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: All network ports should be restricted on network security groups associated to your virtual machine",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Storage accounts should restrict network access",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: A maximum of 3 owners should be designated for your subscription",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: There should be more than one owner assigned to your subscription",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Audit Linux machines that have accounts without passwords",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Audit Linux machines that allow remote connections from accounts without passwords",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Storage accounts should be migrated to new Azure Resource Manager resources",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Virtual machines should be migrated to new Azure Resource Manager resources",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Dependency agent should be enabled for listed virtual machine images",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Dependency agent should be enabled in virtual machine scale sets for listed virtual machine images",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: [Preview]: Log Analytics Extension should be enabled for listed virtual machine images",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "[Deprecated]: Effect for policy: Log Analytics extension should be enabled in virtual machine scale sets for listed virtual machine images",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: Auditing on SQL server should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: Monitor missing Endpoint Protection in Azure Security Center",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "[Deprecated]: Effect for policy: System updates should be installed on your machines",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "[Deprecated]: Effect for policy: Vulnerabilities in security configuration on your machines should be remediated",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: A vulnerability assessment solution should be enabled on your virtual machines",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Edge Hardware Center devices should have double encryption support enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Batch pools should have disk encryption enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure HDInsight clusters should use encryption at host to encrypt data at rest",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Infrastructure encryption should be enabled for Azure Database for PostgreSQL servers",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Infrastructure encryption should be enabled for Azure Database for MySQL servers",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Virtual machines and virtual machine scale sets should have encryption at host enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure HDInsight clusters should use encryption in transit to encrypt communication between Azure HDInsight cluster nodes",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Double encryption should be enabled on Azure Data Explorer",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Data Box jobs should enable double encryption for data at rest on the device",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Monitor Logs clusters should be created with infrastructure-encryption enabled (double encryption)",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Storage accounts should have infrastructure encryption",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Disk encryption should be enabled on Azure Data Explorer",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Temp disks and cache for agent node pools in Azure Kubernetes Service clusters should be encrypted at host",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: App Service Environment should enable internal encryption",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Service Fabric clusters should only use Azure Active Directory for client authentication",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Cognitive Services accounts should have local authentication methods disabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: An Azure Active Directory administrator should be provisioned for SQL servers",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Audit usage of custom RBAC rules",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Managed identity should be used in your Function App",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Managed identity should be used in your Web App",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Windows Defender Exploit Guard should be enabled on your machines",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Defender for servers should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: Endpoint protection solution should be installed on virtual machine scale sets",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: Azure Web Application Firewall should be enabled for Azure Front Door entry-points",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure DDoS Protection should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: IP Forwarding on your virtual machine should be disabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Backup should be enabled for Virtual Machines",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Vulnerability assessment should be enabled on your Synapse workspaces",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Key vaults should have purge protection enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Key vaults should have soft delete enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Kubernetes clusters should be accessible only over HTTPS",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
description: "List of Kubernetes namespaces to exclude from policy evaluation. System namespaces "kube-system", "gatekeeper-system" and "azure-arc" are always excluded by design. "azure-extensions-usage-system" is optional to remove."
description: "List of Kubernetes namespaces to only include in policy evaluation. An empty list means the policy is applied to all resources in all namespaces."
description: "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all resources.",
description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty.",
displayName: "Effect for policy: FTPS only should be required in your Function App",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: FTPS should be required in your Web App",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Windows web machines should be configured to use secure communication protocols",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Enforce SSL connection should be enabled for PostgreSQL database servers",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Enforce SSL connection should be enabled for MySQL database servers",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Latest TLS version should be used in your Web App",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Latest TLS version should be used in your Function App",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure API for FHIR should use a customer-managed key to encrypt data at rest",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: SQL servers should use customer-managed keys to encrypt data at rest",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Container Instance container group should use customer-managed key for encryption",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: PostgreSQL servers should use customer-managed keys to encrypt data at rest",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Monitor Logs clusters should be encrypted with customer-managed key",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Cosmos DB accounts should use customer-managed keys to encrypt data at rest",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Logic Apps Integration Service Environment should be encrypted with customer-managed keys",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Service Bus Premium namespaces should use a customer-managed key for encryption",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: [Preview]: Azure Recovery Services vaults should use customer-managed keys for encrypting backup data",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: [Preview]: IoT Hub device provisioning service data should be encrypted using customer-managed keys (CMK)",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure data factories should be encrypted with a customer-managed key",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Bot Service should be encrypted with a customer-managed key",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Automation accounts should use customer-managed keys to encrypt data at rest",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Container registries should be encrypted with a customer-managed key",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure HDInsight clusters should use customer-managed keys to encrypt data at rest",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Cognitive Services accounts should enable data encryption with a customer-managed key",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
description: "The list of excluded API kinds for customer-managed key, default is the list of API kinds that don't have data stored in Cognitive Services"
displayName: "Effect for policy: Storage accounts should use customer-managed key for encryption",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: OS and data disks should be encrypted with a customer-managed key",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Both operating systems and data disks in Azure Kubernetes Service clusters should be encrypted by customer-managed keys",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Data Explorer encryption at rest should use a customer-managed key",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: MySQL servers should use customer-managed keys to encrypt data at rest",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Data Box jobs should use a customer-managed key to encrypt the device unlock password",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Stream Analytics jobs should use customer-managed keys to encrypt data",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: HPC Cache accounts should use customer-managed key for encryption",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Batch account should use customer-managed keys to encrypt data",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Event Hub namespaces should use a customer-managed key for encryption",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: SQL managed instances should use customer-managed keys to encrypt data at rest",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Storage account encryption scopes should use customer-managed keys to encrypt data at rest",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Machine Learning workspaces should be encrypted with a customer-managed key",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Managed disks should be double encrypted with both platform-managed and customer-managed keys",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Synapse workspaces should use customer-managed keys to encrypt data at rest",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Saved-queries in Azure Monitor should be saved in customer storage account for logs encryption",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Cognitive Services accounts should restrict network access",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: Cognitive Services accounts should disable public network access",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: Authorized IP ranges should be defined on Kubernetes Services",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: Azure Cognitive Search services should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Public network access on Azure SQL Database should be disabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Service Bus namespaces should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure File Sync should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure API for FHIR should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: VM Image Builder templates should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Management ports should be closed on your virtual machines",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Storage accounts should restrict network access using virtual network rules",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Event Grid topics should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: [Preview]: Storage account public access should be disallowed",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Key Vault should disable public network access",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Would you like to restrict specific IP addresses?",
description: "Select (Yes) to allow or forbid a list of IP addresses. If (No), the list of IP addresses won't have any effect in the policy enforcement"
displayName: "Effect for policy: Web Application Firewall (WAF) should be enabled for Application Gateway",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: CosmosDB accounts should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Storage accounts should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Synapse workspaces should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Private endpoint connections on Azure SQL Database should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Cache for Redis should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Cosmos DB accounts should have firewall rules",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Data Factory should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Event Grid domains should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Cognitive Search service should use a SKU that supports private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Management ports of virtual machines should be protected with just-in-time network access control",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Public network access should be disabled for PostgreSQL servers",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Event Hub namespaces should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Non-internet-facing virtual machines should be protected with network security groups",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: App Configuration should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: Cognitive Services should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Container registries should not allow unrestricted network access",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Public network access should be disabled for MySQL servers",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: IoT Hub device provisioning service instances should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Subnets should be associated with a Network Security Group",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Container registries should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Cognitive Search services should disable public network access",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: API Management services should use a virtual network",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Disk access resources should use private link",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Internet-facing virtual machines should be protected with network security groups",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Public network access should be disabled for MariaDB servers",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Vulnerability assessment should be enabled on your SQL servers",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Vulnerability assessment should be enabled on SQL Managed Instance",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: Running container images should have vulnerability findings resolved",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "[Deprecated]: Effect for policy: Container registry images should have vulnerability findings resolved",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: Azure Defender for Key Vault should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Microsoft Defender for Containers should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Defender for App Service should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: Azure Defender for Storage should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: Microsoft Defender for Storage should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Defender for SQL servers on machines should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: Azure Defender for DNS should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: Azure Defender for Resource Manager should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: [Preview]: Azure Arc enabled Kubernetes clusters should have Azure Defender's extension installed",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Defender for SQL should be enabled for unprotected Azure SQL servers",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Azure Defender for SQL should be enabled for unprotected SQL Managed Instances",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: Vulnerabilities in security configuration on your virtual machine scale sets should be remediated",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: Azure Defender for Azure SQL Database servers should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: System updates on virtual machine scale sets should be installed",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: Ensure that 'HTTP Version' is the latest, if used to run the Function app",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Kubernetes Services should be upgraded to a non-vulnerable Kubernetes version",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: [Preview]: Network traffic data collection agent should be installed on Linux virtual machines",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Resource logs in Azure Data Lake Store should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy:Kubernetes cluster containers should only use allowed images",
description: "'Audit' allows a non-compliant resource to be created, but flags it as non-compliant. 'Deny' blocks the resource creation. 'Disable' turns off the policy.",
displayName: "Allowed registry or registries regex",
description: "The RegEx rule used to match allowed container image field in a Kubernetes cluster. For example, to allow any Azure Container Registry image by matching partial path: ^[^\/]+\.azurecr\.io\/.+$ and for multiple registries: ^([^\/]+\.azurecr\.io|registry\.io)\/.+$"
description: "The list of InitContainers and Containers to exclude from policy evaluation. The identify is the name of container. Use an empty list to apply this policy to all containers in all namespaces."
displayName: "Effect for policy:Kubernetes cluster should not allow privileged containers",
description: "'Audit' allows a non-compliant resource to be created, but flags it as non-compliant. 'Deny' blocks the resource creation. 'Disable' turns off the policy."
description: "The list of InitContainers and Containers to exclude from policy evaluation. The identifier is the image of container. Prefix-matching can be signified with `*`. For example: `myregistry.azurecr.io/istio:*`. It is recommended that users use the fully-qualified Docker image name (e.g. start with a domain name) in order to avoid unexpectedly exempting images from an untrusted repository.",
displayName: "Effect for policy:Kubernetes cluster services should listen only on allowed ports",
description: "'Audit' allows a non-compliant resource to be created, but flags it as non-compliant. 'Deny' blocks the resource creation. 'Disable' turns off the policy."
displayName: "Effect for policy:Kubernetes cluster containers CPU and memory resource limits should not exceed the specified limits",
description: "'Audit' allows a non-compliant resource to be created, but flags it as non-compliant. 'Deny' blocks the resource creation. 'Disable' turns off the policy."
displayName: "Effect for policy:Kubernetes cluster pods and containers should only run with approved user and group IDs",
description: "'Audit' allows a non-compliant resource to be created, but flags it as non-compliant. 'Deny' blocks the resource creation. 'Disable' turns off the policy."
description: "The 'RunAsUser' rule that containers are allowed to run with. MustRunAs requires at least one range to be specified. MustRunAsNonRoot requires the pod be submitted with non-zero runAsUser or have USER directive defined (using a numeric UID) in the image. RunAsAny allows any runAsUser to be specified",
description: "The user ID ranges that are allowed for containers to use. Set 'max' as '-1' to skip max limit evaluation. Empty array blocks every defined value for 'MustRunAs'.",
description: "The 'RunAsGroup' rule that containers are allowed to run with. MustRunAs requires at least one range to be specified. MayRunAs does not require that 'RunAsGroup' be specified. RunAsAny allows any",
description: "The group ID ranges that are allowed for containers to use. Set 'max' as '-1' to skip max limit evaluation. Empty array blocks every defined value for 'MustRunAs' and 'MayRunAs'.",
description: "The 'SupplementalGroups' rule that containers are allowed to run with. MustRunAs requires at least one range to be specified. MayRunAs does not require that 'SupplementalGroups' be specified. RunAsAny allows any",
displayName: "Allowed supplemental group ID ranges",
description: "The supplemental group ID ranges that are allowed for containers to use. Set 'max' as '-1' to skip max limit evaluation. Empty array blocks every defined value for 'MustRunAs' and 'MayRunAs'.",
description: "The 'FSGroup' rule that containers are allowed to run with. MustRunAs requires at least one range to be specified. MayRunAs does not require that 'FSGroup' be specified. RunAsAny allows any",
displayName: "Allowed file system group ID ranges",
description: "The file system group ranges that are allowed for pods to use. Set 'max' as '-1' to skip max limit evaluation. Empty array blocks every defined value for 'MustRunAs' and 'MayRunAs'.",
displayName: "Effect for policy:Kubernetes clusters should not allow container privilege escalation",
description: "'Audit' allows a non-compliant resource to be created or updated, but flags it as non-compliant. 'Deny' blocks the non-compliant resource creation or update. 'Disabled' turns off the policy.",
displayName: "Effect for policy:Kubernetes cluster containers should not share host process ID or host IPC namespace",
description: "'Audit' allows a non-compliant resource to be created or updated, but flags it as non-compliant. 'Deny' blocks the non-compliant resource creation or update. 'Disabled' turns off the policy.",
displayName: "Effect for policy:Kubernetes cluster containers should run with a read only root file system",
description: "'Audit' allows a non-compliant resource to be created or updated, but flags it as non-compliant. 'Deny' blocks the non-compliant resource creation or update. 'Disabled' turns off the policy.",
displayName: "Effect for policy:Kubernetes cluster containers should only use allowed capabilities",
description: "'Audit' allows a non-compliant resource to be created or updated, but flags it as non-compliant. 'Deny' blocks the non-compliant resource creation or update. 'Disabled' turns off the policy.",
displayName: "Effect for policy:Kubernetes cluster containers should only use allowed AppArmor profiles",
description: "'Audit' allows a non-compliant resource to be created or updated, but flags it as non-compliant. 'Deny' blocks the non-compliant resource creation or update. 'Disabled' turns off the policy.",
description: "The list of AppArmor profiles that containers are allowed to use. E.g. [ "runtime/default", "docker/default" ]. Provide empty list as input to block everything.",
displayName: "Effect for policy:Kubernetes cluster pods should only use approved host network and port range",
description: "'Audit' allows a non-compliant resource to be created or updated, but flags it as non-compliant. 'Deny' blocks the non-compliant resource creation or update. 'Disabled' turns off the policy.",
displayName: "Effect for policy:Kubernetes cluster pod hostPath volumes should only use allowed host paths",
description: "'Audit' allows a non-compliant resource to be created or updated, but flags it as non-compliant. 'Deny' blocks the non-compliant resource creation or update. 'Disabled' turns off the policy.",
displayName: "Effect for policy:Kubernetes clusters should not use the default namespace",
description: "'Audit' allows a non-compliant resource to be created or updated, but flags it as non-compliant. 'Deny' blocks the non-compliant resource creation or update. 'Disabled' turns off the policy.",
displayName: "Effect for policy:Kubernetes clusters should disable automounting API credentials",
description: "'Audit' allows a non-compliant resource to be created or updated, but flags it as non-compliant. 'Deny' blocks the non-compliant resource creation or update. 'Disabled' turns off the policy.",
displayName: "Effect for policy:Kubernetes clusters should not grant CAP_SYS_ADMIN security capabilities",
description: "'Audit' allows a non-compliant resource to be created or updated, but flags it as non-compliant. 'Deny' blocks the non-compliant resource creation or update. 'Disabled' turns off the policy.",
displayName: "Effect for policy: Resource logs in Logic Apps should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Resource logs in IoT Hub should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Resource logs in Batch accounts should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: Auto provisioning of the Log Analytics agent should be enabled on your subscription",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: Resource logs in Event Hub should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: [Preview]: Log Analytics extension should be installed on your Linux Azure Arc machines",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "[Deprecated]: Effect for policy: Log Analytics agent should be installed on your virtual machine scale sets for Azure Security Center monitoring",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "[Deprecated]: Effect for policy: Log Analytics agent should be installed on your virtual machine for Azure Security Center monitoring",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
displayName: "Effect for policy: Guest Configuration extension should be installed on your machines",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Resource logs in Search services should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Network Watcher should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "NetworkWatcher resource group name",
description: "Name of the resource group of NetworkWatcher, such as NetworkWatcherRG. This is the resource group where the Network Watchers are located."
displayName: "Effect for policy: Resource logs in Data Lake Analytics should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Resource logs in Key Vault should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Virtual machines' Guest Configuration extension should be deployed with system-assigned managed identity",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: [Preview]: Log Analytics extension should be installed on your Windows Azure Arc machines",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Resource logs in Service Bus should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Resource logs in Azure Stream Analytics should be enabled",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Ensure that 'Java version' is the latest, if used as a part of the Web app",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Ensure that 'Python version' is the latest, if used as a part of the Web app",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Ensure that 'Python version' is the latest, if used as a part of the Function app",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Ensure that 'PHP version' is the latest, if used as a part of the WEB app",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Ensure that 'HTTP Version' is the latest, if used to run the Web app",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
displayName: "Effect for policy: Ensure that 'Java version' is the latest, if used as a part of the Function app",
description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
