Azure / azure-policy

Repository for Azure Resource Policy built-in definitions and samples
MIT License
1.51k stars 1.09k forks source link

Deprecated operationnames used in MS built-in policies -> "Microsoft.Security/securitySolutions/write" & "Microsoft.Security/securitySolutions/delete" #1150

Open BartDecker opened 1 year ago

BartDecker commented 1 year ago

Details of the scenario you tried and the problem that is occurring

I wonder if both operation names related to creating or removing a security solution are deprecated or changed?

These operation names come back in the CIS Initiative and in the monitoring policy like mentioned here: ActivityLog_SecurityOperations_Audit.json

When creating and deleting a security solution the resulting operation names are:

BartDecker commented 1 year ago

I have a confirmation via a support ticket that

"Microsoft.Security/securitySolutions/write" "Microsoft.Security/securitySolutions/delete"

changed to

Microsoft.Security/locations/securitySolutions/write Microsoft.Security/locations/securitySolutions/delete

Is there somebody who could pick this up and have this changed in some of the MS built-in policies which are used in the CIS built-in initiaitve?

RyanHill-MSFT commented 1 year ago

@BartDecker what was your support request number?