MDFC vulnerability scanning update - Githubissues

Azure / Enterprise-Scale

The Azure Landing Zones (Enterprise-Scale) architecture provides prescriptive guidance coupled with Azure best practices, and it follows design principles across the critical design areas for organizations to define their Azure architecture

https://aka.ms/alz

MIT License

1.72k stars 978 forks source link

MDFC vulnerability scanning update #1537

Closed Springstone closed 9 months ago

Springstone commented 9 months ago

Overview/Summary

Added built-in policy to Deploy-MDFC-Config initiative and default assignment to Setup subscriptions to transition to an alternative vulnerability assessment solution

This PR fixes/adds/changes/removes

Added built-in policy to Deploy-MDFC-Config initiative and default assignment to Setup subscriptions to transition to an alternative vulnerability assessment solution
Removed previous policies/assignments that configure vulnerability scanning for virtual machines.

Breaking Changes

Deploy-MDFC-Config has removed 2 parameters and policies related to MDFC vulnerability scanning for VMs (replaced by new subscription level policy). This requires removal of Deploy-MDFC-Config assignment and initiative, re-deployment and assignment of the updated initiative.

Testing Evidence

Please provide any testing evidence to show that your Pull Request works/fixes as described and planned (include screenshots, if appropriate).

Testing URLs

Azure Public

As part of this Pull Request I have

[X] Checked for duplicate Pull Requests
[X] Associated it with relevant issues, for tracking and closure.
[X] Ensured my code/branch is up-to-date with the latest changes in the main branch
[X] Performed testing and provided evidence.
[X] Ensured contribution guidance is followed.
[X] Updated relevant and associated documentation.
[X] Updated the "What's New?" wiki page (located: /docs/wiki/whats-new.md)