Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Implement MS.AAD.3.4v1 - Migration Authentication Method policy (#445)
* Implement AAD 3.4 * Remove MS Graph 2.0 from GitHub Action, Run PowerShell Tests (#446) * Remove MS Graph 2.0 * Add MS Graph 2.0 removal to SmokeTest * Add path to run smoke test * Fix YAML error * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * Initial drop of secure baseline automation (#336) * initial teams drop * Add markdown check * Fix spelling * Check action * Test Action * Check version * Fix Markdown test * Add path *.md * Update anchor func * Update AAD * WIP * WIP * WIP * WIP * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * initial teams drop * Update AAD * WIP * WIP * WIP * WIP * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * initial teams drop * Update AAD * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * Fix UT errors * Default baseline for testing * Updates based on review comments * Call Import-SecureBaseline once * Update for review comments * Review updates * Add help comment * remove unused import * Fix OPA check issues * fix opa tests action * Update action to test * Action update * Sum PS/Bug as Errors * Update darkmode colors * Fix UT after Rebase * Fix UT * Fix error log * Update UT for NewReport * Update link color --------- Co-authored-by: Andrew Huynh <[email protected]> Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Sloane4 <[email protected]> * Add quiet mode for invoke-scuba (#357) * Add quiet option * Invert Stance on Defender Preset Policies in Markdown (#355) * Inverted 2.1, removed applicable controls * Ironed out baselines for the using the preset policies * Minor wording updates to MS.DEFENDER.1.1v1 rationale * Minor wording updates to MS.DEFENDER.2.3v1 policy statement * Minor wording updates to MS.DEFENDER.2.3v1 rationale * Update to MS.DEFENDER.2.4v1 license restrictions in GCC high and DoD regions * Minor wording updates to MS.DEFENDER.3.1v1 rationale * Minor wording update to MS.DEFENDER.2.3v1 rationale * Minor wording change to Safe Attachments group text * Remove hyphen from Safe Attachments policy group title. * Added new policy item 1.1v1 and renumered others; added sensitive accounts language --------- Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Addam Schroll <[email protected]> * Substantiative changes to Sharepoint Baseline minus Rationale (#360) * Structural baseline updates (cleaned up) (#334) --------- * Split policies for testing purposes * Addition for github issue: Add a new SharePoint Guest sign in Policy #307 * Updated for github issue: Direct the user to save in policy implementation SharePoint #301 * Initial drop of secure baseline automation (#336) * initial teams drop * Add markdown check * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * initial teams drop * Update AAD * WIP * WIP * WIP * WIP * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * initial teams drop * Update AAD * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * Fix UT errors * Default baseline for testing * Updates based on review comments * Call Import-SecureBaseline once * Update for review comments * Review updates * Add help comment * remove unused import * Fix OPA check issues * fix opa tests action * Update action to test * Action update * Sum PS/Bug as Errors * Update darkmode colors * Fix UT after Rebase * Fix UT * Fix error log * Update UT for NewReport * Update link color --------- Co-authored-by: Andrew Huynh <[email protected]> Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Sloane4 <[email protected]> * Update for github issue Sharepoint 2.3 Sharing settings cannot be more restrictive than the tenant level #288 * Updat for github issue Update SharePoint Policy 2.4 Code #300 * Additional changes for #288 * Update with correct implementations * Update for github issue #303 * Added some rational & fixed policy numbers * Split policy 5 to improve setting check & report. * Updated for duplicates with onedrive * Add resource for details about reauthentication github issue #299 * Removed Should & Shall from intro paragraphs. * Split implementation for each policy item * Updated code to match baseline TODO Unit tests * Updated unit tests * Fixed policy 4 * Update commandlet for MS.SHAREPOINT.5.2v1 * Updated content style guide for new rego structure * Readded comments to MS.SHAREPOINT.5.2v1 * Baseline updated with requested fixes (addam) * Move updates to content style guide to new branch (not part of current scope) * Update ErrMsg for MS.SHAREPOINT.4 to be more readable --------- Co-authored-by: Andrew Huynh <[email protected]> Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Richard Crutchfield <[email protected]> * Fix test location file path (#367) * Enhanced smoke test - check for missing results (#356) * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * Initial drop of secure baseline automation (#336) * initial teams drop * Add markdown check * Fix spelling * Check action * Test Action * Check version * Fix Markdown test * Add path *.md * Update anchor func * Update AAD * WIP * WIP * WIP * WIP * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * initial teams drop * Update AAD * WIP * WIP * WIP * WIP * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * initial teams drop * Update AAD * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * Fix UT errors * Default baseline for testing * Updates based on review comments * Call Import-SecureBaseline once * Update for review comments * Review updates * Add help comment * remove unused import * Fix OPA check issues * fix opa tests action * Update action to test * Action update * Sum PS/Bug as Errors * Update darkmode colors * Fix UT after Rebase * Fix UT * Fix error log * Update UT for NewReport * Update link color --------- Co-authored-by: Andrew Huynh <[email protected]> Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Sloane4 <[email protected]> * Check if missing reported * Change missing to warning * Fix UT for warning * Update Testing/Unit/PowerShell/CreateReport/New-Report.Tests.ps1 * Update Testing/Unit/PowerShell/CreateReport/New-Report.Tests.ps1 * Align with updated defender.md * Update to match defender --------- Co-authored-by: Andrew Huynh <[email protected]> Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Sloane4 <[email protected]> * One drive baseline (#370) * update onedrive baseline * remove should shall language * remove Configuring On-Premises Devices session at the end of the doc * Update wording for policy1 Co-authored-by: Addam Schroll <[email protected]> * Update policy 2 to keep consistency Co-authored-by: Addam Schroll <[email protected]> * Update wording for note Co-authored-by: Addam Schroll <[email protected]> * Spelling error fix Co-authored-by: Addam Schroll <[email protected]> * spelling fix Co-authored-by: Addam Schroll <[email protected]> * change name to match with sharepoint * Update onedrive.md remove MS.ONEDRIVE.3.1v1 because it is actually duplicate of policy MS.ONEDRIVE.1.1v1 @Sloane4 Might want to remove the reference in MS.SHAREPOINT.2.1v1 * Update onedrive.md revert changes --------- Co-authored-by: Addam Schroll <[email protected]> * DLP policy group additions and updates (#381) * Adjudicate Substantive AAD Baseline Comments (#379) * Updated to reflect phishing-resistant preferences * Updated to reflect phishing resistant pref'starting * Updates to AAD Policy 2.4 * Updates to aad policies * Updates to aad markdown * aad updates * aad baseline updates * aad baseline update (2.10) * aad baseline updates (removed 2.9) * updates to aad baseline (16.2) * aad 4.1 implementation updates * updates to aad 4 baseline policy implementations * Updates to aad policy 14 * updates to aad baseline * updates to aad.4.7v1 implementation * updates to aad.4.7v1 * Consolidated highly privileged user policies * fixes to aad.11.x * updates to policy 7 * Update to AAD 11 policy front matter (intro text) * updates to aad baseline * testing write to GitHub * backup of revisions 062223 * backup 062323 6:47 * backup 062623 --------- Co-authored-by: Ted Kolovos <[email protected]> * Added SharePoint to MS.DEFENDER.4.2v1 locations (#402) * Update aad scubagear code to align to revised baseline (#408) * Rearranged policies to match baseline updates * Added versioning for duplicate unit test title * Removed unused import * Updated MS.AAD.7.1v1 from less than 5 to less than 9 * Updated comment? * Updated yaml file * Comment update * Differentiate policy id vs implementation (#414) * Updated ReportDetails on tests to match patch results (#426) * Address Power Platform pilot comments and substantive changes in the baseline document Part 2 (#424) * power platform baseline doc refactor * address Grant's comments * forgot to update this header * consistent Policies header * Update Smoke Test to handle CAP (#418) * Fix CAP table check * Fix lint issue * update MS.AAD.7.6v1 to only check for global admin (#428) * Combine Sharepoint with OneDrive and address feedback from review period (#393) * draft update & merge of Sharepoint OneDrive * fixed policies wrong spelling * fixed note indent formatting * delete onedrive md file - have a combined file now * missing heading for some implementations * Added rationales for all policy items. * spelling errors and removed instructions comma * changed IDs to SHAREPOINT based on team vote * fixed duplicate ID in instructions --------- Co-authored-by: Addam Schroll <[email protected]> * Implement MS.AAD.3.1v1 phishing resistant mfa for all users (#433) * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * Initial drop of secure baseline automation (#336) * initial teams drop * Add markdown check * Fix spelling * Check action * Test Action * Check version * Fix Markdown test * Add path *.md * Update anchor func * Update AAD * WIP * WIP * WIP * WIP * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * initial teams drop * Update AAD * WIP * WIP * WIP * WIP * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * initial teams drop * Update AAD * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * Fix UT errors * Default baseline for testing * Updates based on review comments * Call Import-SecureBaseline once * Update for review comments * Review updates * Add help comment * remove unused import * Fix OPA check issues * fix opa tests action * Update action to test * Action update * Sum PS/Bug as Errors * Update darkmode colors * Fix UT after Rebase * Fix UT * Fix error log * Update UT for NewReport * Update link color --------- Co-authored-by: Andrew Huynh <[email protected]> Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Sloane4 <[email protected]> * Add quiet mode for invoke-scuba (#357) * Add quiet option * Invert Stance on Defender Preset Policies in Markdown (#355) * Inverted 2.1, removed applicable controls * Ironed out baselines for the using the preset policies * Minor wording updates to MS.DEFENDER.1.1v1 rationale * Minor wording updates to MS.DEFENDER.2.3v1 policy statement * Minor wording updates to MS.DEFENDER.2.3v1 rationale * Update to MS.DEFENDER.2.4v1 license restrictions in GCC high and DoD regions * Minor wording updates to MS.DEFENDER.3.1v1 rationale * Minor wording update to MS.DEFENDER.2.3v1 rationale * Minor wording change to Safe Attachments group text * Remove hyphen from Safe Attachments policy group title. * Added new policy item 1.1v1 and renumered others; added sensitive accounts language --------- Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Addam Schroll <[email protected]> * Substantiative changes to Sharepoint Baseline minus Rationale (#360) * Structural baseline updates (cleaned up) (#334) --------- * Split policies for testing purposes * Addition for github issue: Add a new SharePoint Guest sign in Policy #307 * Updated for github issue: Direct the user to save in policy implementation SharePoint #301 * Initial drop of secure baseline automation (#336) * initial teams drop * Add markdown check * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * initial teams drop * Update AAD * WIP * WIP * WIP * WIP * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * initial teams drop * Update AAD * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * Fix UT errors * Default baseline for testing * Updates based on review comments * Call Import-SecureBaseline once * Update for review comments * Review updates * Add help comment * remove unused import * Fix OPA check issues * fix opa tests action * Update action to test * Action update * Sum PS/Bug as Errors * Update darkmode colors * Fix UT after Rebase * Fix UT * Fix error log * Update UT for NewReport * Update link color --------- Co-authored-by: Andrew Huynh <[email protected]> Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Sloane4 <[email protected]> * Update for github issue Sharepoint 2.3 Sharing settings cannot be more restrictive than the tenant level #288 * Updat for github issue Update SharePoint Policy 2.4 Code #300 * Additional changes for #288 * Update with correct implementations * Update for github issue #303 * Added some rational & fixed policy numbers * Split policy 5 to improve setting check & report. * Updated for duplicates with onedrive * Add resource for details about reauthentication github issue #299 * Removed Should & Shall from intro paragraphs. * Split implementation for each policy item * Updated code to match baseline TODO Unit tests * Updated unit tests * Fixed policy 4 * Update commandlet for MS.SHAREPOINT.5.2v1 * Updated content style guide for new rego structure * Readded comments to MS.SHAREPOINT.5.2v1 * Baseline updated with requested fixes (addam) * Move updates to content style guide to new branch (not part of current scope) * Update ErrMsg for MS.SHAREPOINT.4 to be more readable --------- Co-authored-by: Andrew Huynh <[email protected]> Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Richard Crutchfield <[email protected]> * Fix test location file path (#367) * Enhanced smoke test - check for missing results (#356) * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * Initial drop of secure baseline automation (#336) * initial teams drop * Add markdown check * Fix spelling * Check action * Test Action * Check version * Fix Markdown test * Add path *.md * Update anchor func * Update AAD * WIP * WIP * WIP * WIP * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * initial teams drop * Update AAD * WIP * WIP * WIP * WIP * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * initial teams drop * Update AAD * WIP * Structural baseline updates (cleaned up) (#334) * Update aad.md all updates * Update defender.md all updates * Update exchange.md all updates * Rename exchange.md to exo.md * Update onedrive.md * Update powerbi.md all updates * Update powerplatform.md all updates * Update sharepoint.md all updates * Update teams.md all updates * Update baselines/defender.md good catch! Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/powerbi.md Co-authored-by: Addam Schroll <[email protected]> * Update baselines/aad.md Co-authored-by: Addam Schroll <[email protected]> * Update aad.md referenced old policy number * Update powerbi.md --------- Co-authored-by: Addam Schroll <[email protected]> * Fix UT errors * Default baseline for testing * Updates based on review comments * Call Import-SecureBaseline once * Update for review comments * Review updates * Add help comment * remove unused import * Fix OPA check issues * fix opa tests action * Update action to test * Action update * Sum PS/Bug as Errors * Update darkmode colors * Fix UT after Rebase * Fix UT * Fix error log * Update UT for NewReport * Update link color --------- Co-authored-by: Andrew Huynh <[email protected]> Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Sloane4 <[email protected]> * Check if missing reported * Change missing to warning * Fix UT for warning * Update Testing/Unit/PowerShell/CreateReport/New-Report.Tests.ps1 * Update Testing/Unit/PowerShell/CreateReport/New-Report.Tests.ps1 * Align with updated defender.md * Update to match defender --------- Co-authored-by: Andrew Huynh <[email protected]> Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Sloane4 <[email protected]> * One drive baseline (#370) * update onedrive baseline * remove should shall language * remove Configuring On-Premises Devices session at the end of the doc * Update wording for policy1 Co-authored-by: Addam Schroll <[email protected]> * Update policy 2 to keep consistency Co-authored-by: Addam Schroll <[email protected]> * Update wording for note Co-authored-by: Addam Schroll <[email protected]> * Spelling error fix Co-authored-by: Addam Schroll <[email protected]> * spelling fix Co-authored-by: Addam Schroll <[email protected]> * change name to match with sharepoint * Update onedrive.md remove MS.ONEDRIVE.3.1v1 because it is actually duplicate of policy MS.ONEDRIVE.1.1v1 @Sloane4 Might want to remove the reference in MS.SHAREPOINT.2.1v1 * Update onedrive.md revert changes --------- Co-authored-by: Addam Schroll <[email protected]> * DLP policy group additions and updates (#381) * Adjudicate Substantive AAD Baseline Comments (#379) * Updated to reflect phishing-resistant preferences * Updated to reflect phishing resistant pref'starting * Updates to AAD Policy 2.4 * Updates to aad policies * Updates to aad markdown * aad updates * aad baseline updates * aad baseline update (2.10) * aad baseline updates (removed 2.9) * updates to aad baseline (16.2) * aad 4.1 implementation updates * updates to aad 4 baseline policy implementations * Updates to aad policy 14 * updates to aad baseline * updates to aad.4.7v1 implementation * updates to aad.4.7v1 * Consolidated highly privileged user policies * fixes to aad.11.x * updates to policy 7 * Update to AAD 11 policy front matter (intro text) * updates to aad baseline * testing write to GitHub * backup of revisions 062223 * backup 062323 6:47 * backup 062623 --------- Co-authored-by: Ted Kolovos <[email protected]> * Added SharePoint to MS.DEFENDER.4.2v1 locations (#402) * Update aad scubagear code to align to revised baseline (#408) * Rearranged policies to match baseline updates * Added versioning for duplicate unit test title * Removed unused import * Updated MS.AAD.7.1v1 from less than 5 to less than 9 * Updated comment? * Updated yaml file * Comment update * Differentiate policy id vs implementation (#414) * WIP * Updated ReportDetails on tests to match patch results (#426) * Address Power Platform pilot comments and substantive changes in the baseline document Part 2 (#424) * power platform baseline doc refactor * address Grant's comments * forgot to update this header * consistent Policies header * wip * Implemented AAD 3.1 * WIP * wip * Implemented AAD 3.1 * Update Rego/AADConfig.rego * Update Smoke Test to handle CAP (#418) * Fix CAP table check * Fix lint issue * update MS.AAD.7.6v1 to only check for global admin (#428) * Combine Sharepoint with OneDrive and address feedback from review period (#393) * draft update & merge of Sharepoint OneDrive * fixed policies wrong spelling * fixed note indent formatting * delete onedrive md file - have a combined file now * missing heading for some implementations * Added rationales for all policy items. * spelling errors and removed instructions comma * changed IDs to SHAREPOINT based on team vote * fixed duplicate ID in instructions --------- Co-authored-by: Addam Schroll <[email protected]> * Adjudicate review comments * WIP * wip * Implemented AAD 3.1 * WIP * wip * Update Rego/AADConfig.rego * Adjudicate review comments --------- Co-authored-by: Andrew Huynh <[email protected]> Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Sloane4 <[email protected]> Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Cassandra Diaz <[email protected]> Co-authored-by: Dylan Gao <[email protected]> Co-authored-by: Shanti Satyapal <[email protected]> Co-authored-by: Ted Kolovos <[email protected]> Co-authored-by: David Bui <[email protected]> Co-authored-by: Ted Kolovos <[email protected]> * Implement AAD 3.4 --------- Co-authored-by: Andrew Huynh <[email protected]> Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Sloane4 <[email protected]> Co-authored-by: Alden Hilton <[email protected]> Co-authored-by: Addam Schroll <[email protected]> Co-authored-by: Cassandra Diaz <[email protected]> Co-authored-by: Dylan Gao <[email protected]> Co-authored-by: Shanti Satyapal <[email protected]> Co-authored-by: Ted Kolovos <[email protected]> Co-authored-by: David Bui <[email protected]> Co-authored-by: Ted Kolovos <[email protected]>
- Loading branch information
12 people
committed
Aug 23, 2023
1 parent
07ece9a
commit ab6e92d