Path	Lines of Code
CODE_OF_CONDUCT.md	6
README.md	50
SECURITY.md	24
SUPPORT.md	17
eslzArm/README-AzureChina.md	277
eslzArm/README.md	4
eslzArm/eslzArm.json	9259
eslzArm/eslzArm.terraform-sync.param.json	620
eslzArm/eslzArm.test.param.hns.json	753
eslzArm/eslzArm.test.param.json	309
eslzArm/eslzArm.test.param.std.json	620
eslzArm/eslzArm.test.param.vwan.json	679
eslzArm/fairfaxeslz-portal.json	2235
eslzArm/managementGroupTemplates/diagSettingsMGs/diagSettingsMGs.json	34
eslzArm/managementGroupTemplates/mgmtGroupStructure/mgmtGroups.json	170
eslzArm/managementGroupTemplates/mgmtGroupStructure/mgmtGroupsLite.json	130
eslzArm/managementGroupTemplates/policyAssignments/AUDIT-AppGwWafPolicyAssignment.json	68
eslzArm/managementGroupTemplates/policyAssignments/AUDIT-PeDnsZonesPolicyAssignment.json	148
eslzArm/managementGroupTemplates/policyAssignments/AUDIT-ResourceRGLocationPolicyAssignment.json	56
eslzArm/managementGroupTemplates/policyAssignments/AUDIT-TrustedLaunchPolicyAssignment.json	72
eslzArm/managementGroupTemplates/policyAssignments/AUDIT-UnusedResourcesPolicyAssignment.json	94
eslzArm/managementGroupTemplates/policyAssignments/AUDIT-ZoneResilientPolicyAssignment.json	80
eslzArm/managementGroupTemplates/policyAssignments/DENY-AksPrivEscalationPolicyAssignment.json	45
eslzArm/managementGroupTemplates/policyAssignments/DENY-AksPrivilegedPolicyAssignment.json	45
eslzArm/managementGroupTemplates/policyAssignments/DENY-AksWithoutHttpsPolicyAssignment.json	45
eslzArm/managementGroupTemplates/policyAssignments/DENY-ClassicResourceTypesPolicyAssignment.json	128
eslzArm/managementGroupTemplates/policyAssignments/DENY-DINE-APPEND-TLS-SSL-PolicyAssignment.json	80
eslzArm/managementGroupTemplates/policyAssignments/DENY-HybridNetworkingPolicyAssignment.json	80
eslzArm/managementGroupTemplates/policyAssignments/DENY-IPForwardingPolicyAssignment.json	54
eslzArm/managementGroupTemplates/policyAssignments/DENY-MgmtPortsFromInternetPolicyAssignment.json	58
eslzArm/managementGroupTemplates/policyAssignments/DENY-PublicEndpointPolicyAssignment.json	60
eslzArm/managementGroupTemplates/policyAssignments/DENY-PublicIpAddressOnNICPolicyAssignment.json	54
eslzArm/managementGroupTemplates/policyAssignments/DENY-PublicIpAddressPolicyAssignment.json	64
eslzArm/managementGroupTemplates/policyAssignments/DENY-StorageWithoutHttpsPolicyAssignment.json	59
eslzArm/managementGroupTemplates/policyAssignments/DENY-SubnetWithoutNsgPolicyAssignment.json	58
eslzArm/managementGroupTemplates/policyAssignments/DENY-VMUnmanagedDiskPolicyAssignment.json	60
eslzArm/managementGroupTemplates/policyAssignments/DENYACTION-DeleteUAMIAMAPolicyAssignment.json	75
eslzArm/managementGroupTemplates/policyAssignments/DINE-ASBPolicyAssignment.json	59
eslzArm/managementGroupTemplates/policyAssignments/DINE-ActivityLogPolicyAssignment.json	110
eslzArm/managementGroupTemplates/policyAssignments/DINE-AtpOssDbPolicyAssignment.json	82
eslzArm/managementGroupTemplates/policyAssignments/DINE-AtpSqlDbPolicyAssignment.json	82
eslzArm/managementGroupTemplates/policyAssignments/DINE-ChangeTrackingVMArcPolicyAssignment.json	154
eslzArm/managementGroupTemplates/policyAssignments/DINE-ChangeTrackingVMPolicyAssignment.json	229
eslzArm/managementGroupTemplates/policyAssignments/DINE-ChangeTrackingVMSSPolicyAssignment.json	229
eslzArm/managementGroupTemplates/policyAssignments/DINE-MDEndpointsAMAPolicyAssignment.json	82
eslzArm/managementGroupTemplates/policyAssignments/DINE-MDEndpointsPolicyAssignment.json	104
eslzArm/managementGroupTemplates/policyAssignments/DINE-MDFCConfigPolicyAssignment.json	237
eslzArm/managementGroupTemplates/policyAssignments/DINE-MDFCDefenderSQLAMAPolicyAssignment.json	280
eslzArm/managementGroupTemplates/policyAssignments/DINE-PrivateDNSZonesPolicyAssignment.json	445
eslzArm/managementGroupTemplates/policyAssignments/DINE-ResourceDiagnosticsPolicyAssignment.json	113
eslzArm/managementGroupTemplates/policyAssignments/DINE-SQLAuditingPolicyAssignment.json	110
eslzArm/managementGroupTemplates/policyAssignments/DINE-SQLEncryptionPolicyAssignment.json	81
eslzArm/managementGroupTemplates/policyAssignments/DINE-SQLThreatPolicyAssignment.json	81
eslzArm/managementGroupTemplates/policyAssignments/DINE-VMBackupPolicyAssignment.json	98
eslzArm/managementGroupTemplates/policyAssignments/DINE-VMHybridMonitoringPolicyAssignment.json	150
eslzArm/managementGroupTemplates/policyAssignments/DINE-VMMonitoringPolicyAssignment.json	235
eslzArm/managementGroupTemplates/policyAssignments/DINE-VMSSMonitoringPolicyAssignment.json	235
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-ALZ-DecommissionedPolicyAssignment.json	96
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-ALZ-SandboxPolicyAssignment.json	78
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-AcsbPolicyAssignment.json	79
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-BackupPolicyAssignment.json	58
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-EncryptionCMKPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsAPIMPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsAppServicesPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsAutomationPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsBotServicePolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsCognitiveServicesPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsComputePolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsContainerAppsPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsContainerInstancePolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsContainerRegistryPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsCosmosDbPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsDataExplorerPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsDataFactoryPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsEventGridPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsEventHubPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsKeyVaultPolicyAssignment.json	53
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsKeyVaultSupPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsKubernetesPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsMachineLearningPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsMySQLPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsNetworkPolicyAssignment.json	92
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsOpenAIPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsPostgreSQLPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsSQLPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsServiceBusPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsStoragePolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsSynapsePolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-GuardrailsVirtualDesktopPolicyAssignment.json	83
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-RegulatoryCompliancePolicyAssignment.json	4350
eslzArm/managementGroupTemplates/policyAssignments/ENFORCE-SubnetPrivatePolicyAssignment.json	68
eslzArm/managementGroupTemplates/policyAssignments/MODIFY-AUM-CheckUpdatesPolicyAssignment.json	171
eslzArm/managementGroupTemplates/policyAssignments/MODIFY-DDoSPolicyAssignment.json	90
eslzArm/managementGroupTemplates/policyAssignments/china/mcDINE-MDFCConfigPolicyAssignment.json	124
eslzArm/managementGroupTemplates/policyAssignments/gov/fairfaxDINE-MDFCConfigPolicyAssignment.json	157
eslzArm/managementGroupTemplates/policyAssignments/gov/fairfaxDINE-PrivateDNSZonesPolicyAssignment.json	163
eslzArm/managementGroupTemplates/policyDefinitions/README.md	11
eslzArm/managementGroupTemplates/roleAssignments/roleAssignment.json	34
eslzArm/managementGroupTemplates/roleDefinitions/README.md	11
eslzArm/managementGroupTemplates/roleDefinitions/customRoleDefinitions.json	169
eslzArm/managementGroupTemplates/subscriptionOrganization/subscriptionOrganization.json	29
eslzArm/prerequisites/deployPrerequisites.json	250
eslzArm/resourceGroupTemplates/azureFirewall.json	1
eslzArm/resourceGroupTemplates/dataCollectionRule-CT.json	327
eslzArm/resourceGroupTemplates/dataCollectionRule-DefenderSQL.json	107
eslzArm/resourceGroupTemplates/dataCollectionRule-VmInsights.json	108
eslzArm/resourceGroupTemplates/ddosProtection.json	28
eslzArm/resourceGroupTemplates/expressRouteCircuit.json	1
eslzArm/resourceGroupTemplates/privateDnsZones.json	73
eslzArm/resourceGroupTemplates/userAssignedIdentity.json	53
eslzArm/resourceGroupTemplates/vnetRouteTable.json	73
eslzArm/subscriptionTemplates/ascConfiguration.json	506
eslzArm/subscriptionTemplates/avnmConfiguration.json	696
eslzArm/subscriptionTemplates/avnmPolicy.json	1322
eslzArm/subscriptionTemplates/azActivityDiagnostics.json	64
eslzArm/subscriptionTemplates/azFw-basepolicy.json	117
eslzArm/subscriptionTemplates/corp-vnet-peering.json	119
eslzArm/subscriptionTemplates/hubspoke-connectivity.json	590
eslzArm/subscriptionTemplates/logAnalyticsWorkspace.json	82
eslzArm/subscriptionTemplates/mdfcConfiguration.json	683
eslzArm/subscriptionTemplates/nvahubspoke-connectivity.json	435
eslzArm/subscriptionTemplates/resourceGroup.json	28
eslzArm/subscriptionTemplates/vnetPeering.json	210
eslzArm/subscriptionTemplates/vnetPeeringHub.json	113
eslzArm/subscriptionTemplates/vnetPeeringVwan.json	167
eslzArm/subscriptionTemplates/vpnGateway.json	1
eslzArm/subscriptionTemplates/vwan-connectivity.json	615
examples/10-create-managementgroup.parameters.json	14
examples/20-create-child-managementgroup.parameters.json	88
examples/30-create-policydefinition-at-managementgroup.parameters.json	191
examples/40-create-policyassignment-at-managementgroup.parameters.json	107
examples/README.md	16
examples/landing-zones/README.md	83
examples/landing-zones/connected-subscription/README.md	154
examples/landing-zones/connected-subscription/connectedSubscription.json	313
examples/landing-zones/empty-subscription/README.md	61
examples/landing-zones/empty-subscription/emptySubscription.json	39
examples/landing-zones/subscription-into-managementGroup/README.md	60
examples/landing-zones/subscription-into-managementGroup/subscriptionIntoManagementGroup.json	138
examples/landing-zones/subscription-with-rbac/README.md	77
examples/landing-zones/subscription-with-rbac/portal-subscriptionWithRbac.json	201
examples/landing-zones/subscription-with-rbac/subscriptionWithRbac.json	235
examples/landing-zones/tagged-subscription/README.md	68
examples/landing-zones/tagged-subscription/taggedSubscription.json	184
examples/management-groups/README.md	43
examples/management-groups/child-group/child-group.json	34
examples/policies/policy-definition/README.md	49
examples/policies/policy-definition/policy-definition.json	46
src/portal/release.json	6
src/resources/Microsoft.Authorization/policyDefinitions/Append-AppService-httpsonly.json	59
src/resources/Microsoft.Authorization/policyDefinitions/Append-AppService-latestTLS.json	73
src/resources/Microsoft.Authorization/policyDefinitions/Append-KV-SoftDelete.json	50
src/resources/Microsoft.Authorization/policyDefinitions/Append-Redis-disableNonSslPort.json	63
src/resources/Microsoft.Authorization/policyDefinitions/Append-Redis-sslEnforcement.json	76
src/resources/Microsoft.Authorization/policyDefinitions/Audit-AzureHybridBenefit.json	88
src/resources/Microsoft.Authorization/policyDefinitions/Audit-Disks-UnusedResourcesCostOptimization.json	69
src/resources/Microsoft.Authorization/policyDefinitions/Audit-MachineLearning-PrivateEndpointId.json	64
src/resources/Microsoft.Authorization/policyDefinitions/Audit-PrivateLinkDnsZones.json	127
src/resources/Microsoft.Authorization/policyDefinitions/Audit-PublicIpAddresses-UnusedResourcesCostOptimization.json	89
src/resources/Microsoft.Authorization/policyDefinitions/Audit-ServerFarms-UnusedResourcesCostOptimization.json	57
src/resources/Microsoft.Authorization/policyDefinitions/Audit-Tags-Mandatory-Rg.json	91
src/resources/Microsoft.Authorization/policyDefinitions/Audit-Tags-Mandatory.json	66
src/resources/Microsoft.Authorization/policyDefinitions/Deny-AA-child-resources.json	56
src/resources/Microsoft.Authorization/policyDefinitions/Deny-AFSPaasPublicIP.AzureChinaCloud.json	52
src/resources/Microsoft.Authorization/policyDefinitions/Deny-APIM-TLS.json	70
src/resources/Microsoft.Authorization/policyDefinitions/Deny-AppGW-Without-WAF.json	54
src/resources/Microsoft.Authorization/policyDefinitions/Deny-AppGw-Without-Tls.json	78
src/resources/Microsoft.Authorization/policyDefinitions/Deny-AppService-without-BYOC.json	62
src/resources/Microsoft.Authorization/policyDefinitions/Deny-AppServiceApiApp-http.json	58
src/resources/Microsoft.Authorization/policyDefinitions/Deny-AppServiceFunctionApp-http.json	58
src/resources/Microsoft.Authorization/policyDefinitions/Deny-AppServiceWebApp-http.json	58
src/resources/Microsoft.Authorization/policyDefinitions/Deny-AzFw-Without-Policy.json	54
src/resources/Microsoft.Authorization/policyDefinitions/Deny-CognitiveServices-NetworkAcls.json	66
src/resources/Microsoft.Authorization/policyDefinitions/Deny-CognitiveServices-Resource-Kinds.json	95
src/resources/Microsoft.Authorization/policyDefinitions/Deny-CognitiveServices-RestrictOutboundNetworkAccess.json	62
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Databricks-NoPublicIp.json	52
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Databricks-Sku.json	52
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Databricks-VirtualNetwork.json	64
src/resources/Microsoft.Authorization/policyDefinitions/Deny-EH-MINTLS.json	70
src/resources/Microsoft.Authorization/policyDefinitions/Deny-EH-Premium-CMK.json	60
src/resources/Microsoft.Authorization/policyDefinitions/Deny-FileServices-InsecureAuth.json	66
src/resources/Microsoft.Authorization/policyDefinitions/Deny-FileServices-InsecureKerberos.json	66
src/resources/Microsoft.Authorization/policyDefinitions/Deny-FileServices-InsecureSmbChannel.json	67
src/resources/Microsoft.Authorization/policyDefinitions/Deny-FileServices-InsecureSmbVersions.json	70
src/resources/Microsoft.Authorization/policyDefinitions/Deny-KeyVaultPaasPublicIP.AzureChinaCloud.json	59
src/resources/Microsoft.Authorization/policyDefinitions/Deny-LogicApp-Public-Network.json	66
src/resources/Microsoft.Authorization/policyDefinitions/Deny-LogicApps-Without-Https.json	66
src/resources/Microsoft.Authorization/policyDefinitions/Deny-MachineLearning-Aks.json	64
src/resources/Microsoft.Authorization/policyDefinitions/Deny-MachineLearning-Compute-SubnetId.json	67
src/resources/Microsoft.Authorization/policyDefinitions/Deny-MachineLearning-Compute-VmSize.json	148
src/resources/Microsoft.Authorization/policyDefinitions/Deny-MachineLearning-ComputeCluster-RemoteLoginPortPublicAccess.json	64
src/resources/Microsoft.Authorization/policyDefinitions/Deny-MachineLearning-ComputeCluster-Scale.json	92
src/resources/Microsoft.Authorization/policyDefinitions/Deny-MachineLearning-HbiWorkspace.json	60
src/resources/Microsoft.Authorization/policyDefinitions/Deny-MachineLearning-PublicAccessWhenBehindVnet.json	60
src/resources/Microsoft.Authorization/policyDefinitions/Deny-MachineLearning-PublicNetworkAccess.json	54
src/resources/Microsoft.Authorization/policyDefinitions/Deny-MgmtPorts-From-Internet.json	255
src/resources/Microsoft.Authorization/policyDefinitions/Deny-MySql-http.json	80
src/resources/Microsoft.Authorization/policyDefinitions/Deny-PostgreSql-http.json	80
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Private-DNS-Zones.json	46
src/resources/Microsoft.Authorization/policyDefinitions/Deny-PublicEndpoint-MariaDB.json	56
src/resources/Microsoft.Authorization/policyDefinitions/Deny-PublicIP.json	48
src/resources/Microsoft.Authorization/policyDefinitions/Deny-RDP-From-Internet.json	126
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Redis-http.json	75
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Service-Endpoints.json	60
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Sql-minTLS.json	75
src/resources/Microsoft.Authorization/policyDefinitions/Deny-SqlMi-minTLS.json	75
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Storage-ContainerDeleteRetentionPolicy.json	74
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Storage-CopyScope.json	74
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Storage-CorsRules.json	102
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Storage-LocalUser.json	62
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Storage-NetworkAclsBypass.json	90
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Storage-NetworkAclsVirtualNetworkRules.json	56
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Storage-ResourceAccessRulesResourceId.json	66
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Storage-ResourceAccessRulesTenantId.json	60
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Storage-SFTP.json	54
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Storage-ServicesEncryption.json	102
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Storage-minTLS.json	93
src/resources/Microsoft.Authorization/policyDefinitions/Deny-StorageAccount-CustomDomain.json	62
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Subnet-Without-Nsg.json	100
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Subnet-Without-Penp.json	101
src/resources/Microsoft.Authorization/policyDefinitions/Deny-Subnet-Without-Udr.json	98
src/resources/Microsoft.Authorization/policyDefinitions/Deny-UDR-With-Specific-NextHop.json	87
src/resources/Microsoft.Authorization/policyDefinitions/Deny-VNET-Peer-Cross-Sub.json	70
src/resources/Microsoft.Authorization/policyDefinitions/Deny-VNET-Peering-To-Non-Approved-VNETs.json	88
src/resources/Microsoft.Authorization/policyDefinitions/Deny-VNet-Peering.json	46
src/resources/Microsoft.Authorization/policyDefinitions/DenyAction-ActivityLogs.json	38
src/resources/Microsoft.Authorization/policyDefinitions/DenyAction-DeleteResources.json	72
src/resources/Microsoft.Authorization/policyDefinitions/DenyAction-DiagnosticLogs.json	38
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-ASC-SecurityContacts.json	150
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-ActivityLogs-to-LA-workspace.AzureChinaCloud.json	158
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Budget.json	238
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Custom-Route-Table.json	213
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-DDoSProtection.json	150
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Default-Udr.AzureChinaCloud.json	133
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Default-Udr.AzureUSGovernment.json	133
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-AA.json	202
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-ACI.json	163
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-ACR.json	194
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-APIMgmt.json	213
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-AVDScalingPlans.json	155
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-AnalysisService.json	194
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-ApiForFHIR.json	190
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-ApplicationGateway.json	198
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-Bastion.json	190
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-CDNEndpoints.json	158
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-CognitiveServices.json	198
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-CosmosDB.json	222
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-DLAnalytics.json	194
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-DataExplorerCluster.json	214
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-DataFactory.json	230
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-Databricks.json	273
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-EventGridSub.json	163
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-EventGridSystemTopic.json	190
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-EventGridTopic.json	198
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-ExpressRoute.json	190
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-Firewall.json	265
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-FrontDoor.json	194
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-Function.json	198
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-HDInsight.json	163
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-LoadBalancer.json	194
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-LogAnalytics.json	190
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-LogicAppsISE.json	158
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-MariaDB.json	194
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-MediaService.json	190
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-MlWorkspace.json	289
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-MySQL.json	194
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-NIC.json	162
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-NetworkSecurityGroups.json	162
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-PostgreSQL.json	241
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-PowerBIEmbedded.json	190
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-RedisCache.json	163
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-Relay.json	190
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-SQLElasticPools.json	163
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-SQLMI.json	165
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-SignalR.json	186
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-TimeSeriesInsights.json	194
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-TrafficManager.json	190
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-VM.json	162
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-VMSS.json	162
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-VNetGW.json	206
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-VWanS2SVPNGW.json	202
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-VirtualNetwork.json	189
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-WVDAppGroup.json	165
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-WVDHostPools.json	189
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-WVDWorkspace.json	169
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-WebServerFarm.json	163
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-Website.json	267
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Diagnostics-iotHub.json	242
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-FirewallPolicy.json	167
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-LogicApp-TLS.json	95
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-MDFC-Arc-SQL-DCR-Association.json	202
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-MDFC-Arc-SQL-DefenderSQL-DCR.json	406
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-MDFC-SQL-AMA.json	177
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-MDFC-SQL-DefenderSQL-DCR.json	465
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-MDFC-SQL-DefenderSQL.json	242
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-MySQL-sslEnforcement.json	138
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-MySQLCMKEffect.AzureChinaCloud.json	62
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Nsg-FlowLogs-to-LA.json	235
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Nsg-FlowLogs.json	197
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-PostgreSQL-sslEnforcement.json	139
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-PostgreSQLCMKEffect.AzureChinaCloud.json	62
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Private-DNS-Azure-File-Sync.AzureChinaCloud.json	121
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Private-DNS-Azure-KeyVault.AzureChinaCloud.json	122
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Private-DNS-Azure-Web.AzureChinaCloud.json	120
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Private-DNS-Generic.json	167
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-SQL-minTLS.json	125
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Sql-AuditingSettings.json	125
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Sql-SecurityAlertPolicies.json	123
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Sql-Tde.json	126
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Sql-vulnerabilityAssessments.json	145
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Sql-vulnerabilityAssessments_20230706.json	148
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-SqlMi-minTLS.json	126
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Storage-sslEnforcement.json	138
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-UserAssignedManagedIdentity-VMInsights.json	405
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-VNET-HubSpoke.json	309
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Vm-autoShutdown.json	196
src/resources/Microsoft.Authorization/policyDefinitions/Deploy-Windows-DomainJoin.json	261
src/resources/Microsoft.Authorization/policyDefinitions/Modify-NSG.json	129
src/resources/Microsoft.Authorization/policyDefinitions/Modify-UDR.json	103
src/resources/Microsoft.Authorization/policySetDefinitions/Audit-TrustedLaunch.json	61
src/resources/Microsoft.Authorization/policySetDefinitions/Audit-UnusedResourcesCostOptimization.json	106
src/resources/Microsoft.Authorization/policySetDefinitions/Deny-PublicPaaSEndpoints.AzureChinaCloud.json	231
src/resources/Microsoft.Authorization/policySetDefinitions/Deny-PublicPaaSEndpoints.AzureUSGovernment.json	231
src/resources/Microsoft.Authorization/policySetDefinitions/Deny-PublicPaaSEndpoints.json	1018
src/resources/Microsoft.Authorization/policySetDefinitions/DenyAction-DeleteProtection.json	39
src/resources/Microsoft.Authorization/policySetDefinitions/Deploy-AUM-CheckUpdates.json	157
src/resources/Microsoft.Authorization/policySetDefinitions/Deploy-Diagnostics-LogAnalytics.AzureChinaCloud.json	1817
src/resources/Microsoft.Authorization/policySetDefinitions/Deploy-Diagnostics-LogAnalytics.AzureUSGovernment.json	1817
src/resources/Microsoft.Authorization/policySetDefinitions/Deploy-Diagnostics-LogAnalytics.json	1971
src/resources/Microsoft.Authorization/policySetDefinitions/Deploy-MDFC-Config.AzureChinaCloud.json	161
src/resources/Microsoft.Authorization/policySetDefinitions/Deploy-MDFC-Config.AzureUSGovernment.json	227
src/resources/Microsoft.Authorization/policySetDefinitions/Deploy-MDFC-Config.json	450
src/resources/Microsoft.Authorization/policySetDefinitions/Deploy-MDFC-Config_20240319.json	451
src/resources/Microsoft.Authorization/policySetDefinitions/Deploy-MDFC-DefenderSQL-AMA.json	239
src/resources/Microsoft.Authorization/policySetDefinitions/Deploy-Private-DNS-Zones.AzureChinaCloud.json	488
src/resources/Microsoft.Authorization/policySetDefinitions/Deploy-Private-DNS-Zones.AzureUSGovernment.json	466
src/resources/Microsoft.Authorization/policySetDefinitions/Deploy-Private-DNS-Zones.json	1736
src/resources/Microsoft.Authorization/policySetDefinitions/Deploy-Sql-Security.json	136
src/resources/Microsoft.Authorization/policySetDefinitions/Deploy-Sql-Security_20240529.json	139
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-ACSB.json	97
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-ALZ-Decomm.json	53
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-ALZ-Sandbox.json	86
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Backup.json	141
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-EncryptTransit.json	643
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-EncryptTransit_20240509.json	978
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-EncryptTransit_20241211.json	956
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Encryption-CMK.AzureChinaCloud.json	342
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Encryption-CMK.AzureUSGovernment.json	298
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Encryption-CMK.json	682
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Encryption-CMK_20250218.json	680
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-APIM.json	245
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-AppServices.json	386
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-Automation.json	143
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-BotService.json	111
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-CognitiveServices.json	201
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-Compute.json	66
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-ContainerApps.json	66
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-ContainerInstance.json	46
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-ContainerRegistry.json	261
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-CosmosDb.json	130
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-DataExplorer.json	105
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-DataFactory.json	125
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-EventGrid.json	181
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-EventHub.json	105
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-KeyVault-Sup.json	64
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-KeyVault.json	824
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-Kubernetes.json	360
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-MachineLearning.json	296
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-MySQL.json	65
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-Network.json	551
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-OpenAI.json	241
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-PostgreSQL.json	45
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-SQL.json	111
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-ServiceBus.json	105
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-Storage.json	484
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-Synapse.json	210
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-VirtualDesktop.json	64
src/resources/Microsoft.Authorization/roleDefinitions/Application-Owners.json	28
src/resources/Microsoft.Authorization/roleDefinitions/Network-Management.json	26
src/resources/Microsoft.Authorization/roleDefinitions/OssDb-Owners.json	29
src/resources/Microsoft.Authorization/roleDefinitions/Security-Operations.json	34
src/resources/Microsoft.Authorization/roleDefinitions/Subscription-Owner.json	29
workloads/README.md	2