The Azure Landing Zones (Enterprise-Scale) architecture provides prescriptive guidance coupled with Azure best practices, and it follows design principles across the critical design areas for organizations to define their Azure architecture
This pull request includes updates to policy definitions and documentation to enhance security and clarity. The most important changes include updating the TLS version for a specific policy, modifying the policy version, and updating the documentation to reflect these changes.
Policy updates:
Updated the AppServiceMinTlsVersion parameter in the Enforce-EncryptTransit_20240509 initiative to include TLS version 1.3. [1][2]
Changed the version of the Enforce-EncryptTransit_20240509 policy from 1.0.0 to 1.1.0.
Documentation updates:
Updated the display name of several Effect parameters to clearly identify the policy they apply to in the initiative "Enforce recommended guardrails for Azure Key Vault."
Added a description for the custom ALZ policy "Deny-Subnet-Without-Penp" to the ALZ Policies Extra wiki page.
Overview/Summary
This pull request includes updates to policy definitions and documentation to enhance security and clarity. The most important changes include updating the TLS version for a specific policy, modifying the policy version, and updating the documentation to reflect these changes.
Policy updates:
AppServiceMinTlsVersionparameter in theEnforce-EncryptTransit_20240509initiative to include TLS version 1.3. [1] [2]Enforce-EncryptTransit_20240509policy from1.0.0to1.1.0.Documentation updates:
Effectparameters to clearly identify the policy they apply to in the initiative "Enforce recommended guardrails for Azure Key Vault."Addresses issue AB#38125