diff --git a/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/ACSC Edge Hardening Guidelines.json b/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/ACSC Edge Hardening Guidelines.json index 79306b1..8c4fa36 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/ACSC Edge Hardening Guidelines.json +++ b/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/ACSC Edge Hardening Guidelines.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Applies ACSC guidelines to Microsoft Edge browser security settings via Windows policy. |\n| Why should you use this? | Hardens the default configuration of Microsoft Edge to defend against web threats. |\n| What is the end-user impact? | Users may find some browser features restricted or disabled. |", - "$friendlyName": "ACSC Edge Hardening Guidelines", + "displayName": "ACSC Edge Hardening Guidelines", "assignments": [], "description": "", "expand": "assignments,settings", diff --git a/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/ACSC Windows Hardening Guidelines level 1.json b/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/ACSC Windows Hardening Guidelines level 1.json index e03e221..0f72b79 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/ACSC Windows Hardening Guidelines level 1.json +++ b/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/ACSC Windows Hardening Guidelines level 1.json @@ -1,5 +1,5 @@ { - "$friendlyName": "M1 - ACSC Office Hardening Guidelines Level 1", + "displayName": "M1 - ACSC Office Hardening Guidelines Level 1", "@odata.type": "#microsoft.graph.deviceManagementConfigurationPolicy", "assignments": [], "description": "Level 1 - Block macros from the internet only", diff --git a/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/ACSC Windows Hardening Guidelines.json b/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/ACSC Windows Hardening Guidelines.json index d2f11e5..5f22955 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/ACSC Windows Hardening Guidelines.json +++ b/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/ACSC Windows Hardening Guidelines.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Applies ACSC (Australian Cyber Security Centre) recommended Windows security configuration to devices in the All Office Users group. |\n| Why should you use this? | Ensures compliance with strong government-grade Windows security recommendations. |\n| What is the end-user impact? | Users may be prevented from changing security/compliance settings and experience additional controls. |\n| Learn more | [Essential Eight user application hardening](https://learn.microsoft.com/en-us/compliance/anz/e8-app-harden)|", - "$friendlyName": "ACSC Windows Hardening Guidelines", + "displayName": "ACSC Windows Hardening Guidelines", "assignments": [ { "source": "direct", diff --git a/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/All Macros Disabled.json b/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/All Macros Disabled.json index a117233..e9d905b 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/All Macros Disabled.json +++ b/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/All Macros Disabled.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Disables all Office macros except for excluded users/groups, enhancing security against macro-based attacks. |\n| Why should you use this? | Reduces risk of malicious macro execution organization-wide. |\n| What is the end-user impact? | Only uses in the 'Allow macro execution - Trusted Publisher' group will be able to excute macros. |", - "$friendlyName": "All Macros Disabled", + "displayName": "All Macros Disabled", "assignments": [ { "source": "direct", diff --git a/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/Disable Internet Explorer.json b/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/Disable Internet Explorer.json index 6af50d3..dbf6152 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/Disable Internet Explorer.json +++ b/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/Disable Internet Explorer.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Disables or blocks the use of Internet Explorer on Windows devices. |\n| Why should you use this? | Prevents use of an outdated and insecure browser within the organization. |\n| What is the end-user impact? | Users cannot launch or use Internet Explorer. |", - "$friendlyName": "Disable Internet Explorer", + "displayName": "Disable Internet Explorer", "assignments": [ { "source": "direct", diff --git a/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/Macros Enabled for Trusted Publishers.json b/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/Macros Enabled for Trusted Publishers.json index 90c60ef..4699c23 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/Macros Enabled for Trusted Publishers.json +++ b/Definitions/Content/MSGraph/DeviceManagement/ConfigurationPolicies/Macros Enabled for Trusted Publishers.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Enables use of trusted Office macros for a defined group of users, blocks untrusted. |\n| Why should you use this? | Allows only digitally signed and organizationally approved macros to be executed. |\n| What is the end-user impact? | Users in the 'Allow macro execution - Trusted Publisher' group can use signed macros; others are blocked from execution. |\n| Learn more | [Adding a Certificate to Trusted Publishers using Microsoft Intune](https://techcommunity.microsoft.com/blog/intunecustomersuccess/adding-a-certificate-to-trusted-publishers-using-microsoft-intune/1974488#:%7E:text=To%20add%20a%20certificate%20to%20the%20Trusted%20Publishers,a%20new%2C%20custom%2C%20Windows%2010%20device%20configuration%20profile )|", - "$friendlyName": "Macros Enabled for Trusted Publishers", + "displayName": "Macros Enabled for Trusted Publishers", "assignments": [ { "source": "direct", diff --git a/Definitions/Content/MSGraph/DeviceManagement/DeviceCompliancePolicies/#microsoft.graph.macOSCompliancePolicy--MacOS - Latest version.json b/Definitions/Content/MSGraph/DeviceManagement/DeviceCompliancePolicies/#microsoft.graph.macOSCompliancePolicy--MacOS - Latest version.json index f168c4a..fbfede4 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/DeviceCompliancePolicies/#microsoft.graph.macOSCompliancePolicy--MacOS - Latest version.json +++ b/Definitions/Content/MSGraph/DeviceManagement/DeviceCompliancePolicies/#microsoft.graph.macOSCompliancePolicy--MacOS - Latest version.json @@ -1,7 +1,6 @@ { + "displayName": "MacOS - Latest version", "@odata.type": "#microsoft.graph.macOSCompliancePolicy", - "$description": "| What does this do? | Defines compliance requirements and enforces a minimum operating system version for macOS devices. | Why should you use this? | This should be periodically updated so the latest release, or the previous release, of operating systems are used. Mandating up-to-date devices helps ensure that only secure, supported versions are used to access organizational resources, reducing risk from vulnerabilities. | What is the end-user impact? | Devices running unsupported or outdated versions of macOS may be restricted from accessing company data and may be required to update their OS to regain compliance and access.", - "$friendlyName": "MacOS - Latest version", "advancedThreatProtectionRequiredSecurityLevel": "unavailable", "assignments": [ { @@ -14,7 +13,6 @@ ], "deviceThreatProtectionEnabled": false, "deviceThreatProtectionRequiredSecurityLevel": "unavailable", - "displayName": "MacOS - Latest version", "expand": "assignments,scheduledActionsForRule($expand=scheduledActionConfigurations)", "firewallBlockAllIncoming": false, "firewallEnabled": false, @@ -41,4 +39,4 @@ ], "storageRequireEncryption": false, "systemIntegrityProtectionEnabled": false -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/DeviceManagement/DeviceCompliancePolicies/#microsoft.graph.windows10CompliancePolicy--Windows - Lastest version.json b/Definitions/Content/MSGraph/DeviceManagement/DeviceCompliancePolicies/#microsoft.graph.windows10CompliancePolicy--Windows - Lastest version.json index bb4f32b..f1e5993 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/DeviceCompliancePolicies/#microsoft.graph.windows10CompliancePolicy--Windows - Lastest version.json +++ b/Definitions/Content/MSGraph/DeviceManagement/DeviceCompliancePolicies/#microsoft.graph.windows10CompliancePolicy--Windows - Lastest version.json @@ -1,7 +1,6 @@ { + "displayName": "Windows - Lastest version", "@odata.type": "#microsoft.graph.windows10CompliancePolicy", - "$description": "| What does this do? | Defines compliance requirements and enforces a minimum operating system version for Windows 10 devices. | Why should you use this? | This should be periodically updated so the latest release, or the previous release, of operating systems are used. Keeping devices updated protects against known vulnerabilities and ensures device security and compatibility with enterprise tools. | What is the end-user impact? | Users on non-compliant or unsupported versions of Windows may lose access to corporate resources until their devices are updated and brought back into compliance.", - "$friendlyName": "Windows - Lastest version", "activeFirewallRequired": false, "antiSpywareRequired": false, "antivirusRequired": false, @@ -20,7 +19,6 @@ "defenderEnabled": false, "deviceThreatProtectionEnabled": false, "deviceThreatProtectionRequiredSecurityLevel": "unavailable", - "displayName": "Windows - Lastest version", "earlyLaunchAntiMalwareDriverEnabled": false, "expand": "assignments,scheduledActionsForRule($expand=scheduledActionConfigurations)", "firmwareProtectionEnabled": false, @@ -55,4 +53,4 @@ "validOperatingSystemBuildRanges": [], "virtualizationBasedSecurityEnabled": false, "wslDistributions": [] -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsDeliveryOptimizationConfiguration--Production - Win11 - Delivery Optimization.json b/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsDeliveryOptimizationConfiguration--Production - Win11 - Delivery Optimization.json index 6572425..b67ef2e 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsDeliveryOptimizationConfiguration--Production - Win11 - Delivery Optimization.json +++ b/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsDeliveryOptimizationConfiguration--Production - Win11 - Delivery Optimization.json @@ -1,13 +1,11 @@ { + "displayName": "Production - Win11 - Delivery Optimization", "@odata.type": "#microsoft.graph.windowsDeliveryOptimizationConfiguration", - "$description": "| What does this do? | Configures delivery optimization for Windows 11 updates, including peering and cache settings. |\n| Why should you use this? | Reduces WAN consumption and accelerates update delivery to endpoints by using peer-to-peer distribution and caching. |\n| What is the end-user impact? | Update downloads are faster and network-friendly. |", - "$friendlyName": "Production - Win11 - Delivery Optimization", "backgroundDownloadFromHttpDelayInSeconds": 60, "cacheServerBackgroundDownloadFallbackToHttpDelayInSeconds": 0, "cacheServerForegroundDownloadFallbackToHttpDelayInSeconds": 0, "cacheServerHostNames": [], "deliveryOptimizationMode": "httpWithPeeringNat", - "displayName": "Production - Win11 - Delivery Optimization", "foregroundDownloadFromHttpDelayInSeconds": 60, "maximumCacheAgeInDays": 7, "minimumBatteryPercentageAllowedToUpload": 60, @@ -19,4 +17,4 @@ "${urn:resource:MSGraph:DeviceManagement:RoleScopeTags/Default?id}" ], "vpnPeerCaching": "disabled" -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Broad Ring - Install updates after 7 days.json b/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Broad Ring - Install updates after 7 days.json index 873264d..d04aad3 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Broad Ring - Install updates after 7 days.json +++ b/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Broad Ring - Install updates after 7 days.json @@ -1,7 +1,6 @@ { + "displayName": "Broad Ring - Install updates after 7 days", "@odata.type": "#microsoft.graph.windowsUpdateForBusinessConfiguration", - "$description": "| What does this do? | Assigns broad population devices to a ring that installs updates after 7 days, following pilot and test deployment groups. |\n| Why should you use this? | Provides lag time for update validation and rollback in response to issues. |\n| What is the end-user impact? | Updates are delayed, reducing risk of mass issues. |\n| Learn more | [Configure Windows Update for business rings](https://learn.microsoft.com/en-us/compliance/anz/e8-patchos-configure-wufb-rings) |", - "$friendlyName": "Broad Ring - Install updates after 7 days", "$name": "#microsoft.graph.windowsUpdateForBusinessConfiguration--Broad Ring - Install updates after 7 days", "allowWindows11Upgrade": false, "automaticUpdateMode": "autoInstallAtMaintenanceTime", @@ -12,7 +11,6 @@ "deadlineGracePeriodInDays": 2, "deliveryOptimizationMode": "userDefined", "description": "", - "displayName": "Broad Ring - Install updates after 7 days", "driversExcluded": false, "featureUpdatesDeferralPeriodInDays": 60, "featureUpdatesPaused": false, @@ -38,4 +36,4 @@ "updateNotificationLevel": "defaultNotifications", "userPauseAccess": "disabled", "userWindowsUpdateScanAccess": "enabled" -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Critical Ring - Install updates after 10 days.json b/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Critical Ring - Install updates after 10 days.json index e3c195c..80fbb0a 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Critical Ring - Install updates after 10 days.json +++ b/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Critical Ring - Install updates after 10 days.json @@ -1,7 +1,6 @@ { + "displayName": "Critical Ring - Install updates after 10 days", "@odata.type": "#microsoft.graph.windowsUpdateForBusinessConfiguration", - "$description": "| What does this do? | Defines the Critical Ring for Windows Updates assignments. |\n| Why should you use this? | Assigns business-critical devices to a ring that receives updates at a time appropriate for stability and minimum interruption. |\n| What is the end-user impact? | Updates are deployed with a critical business rhythm in mind. |\n| Learn more | [Configure Windows Update for business rings](https://learn.microsoft.com/en-us/compliance/anz/e8-patchos-configure-wufb-rings) |", - "$friendlyName": "Critical Ring - Install updates after 10 days", "$name": "#microsoft.graph.windowsUpdateForBusinessConfiguration--Critical Ring - Install updates after 10 days", "allowWindows11Upgrade": false, "automaticUpdateMode": "autoInstallAtMaintenanceTime", @@ -12,7 +11,6 @@ "deadlineGracePeriodInDays": 2, "deliveryOptimizationMode": "userDefined", "description": "", - "displayName": "Critical Ring - Install updates after 10 days", "driversExcluded": false, "featureUpdatesDeferralPeriodInDays": 60, "featureUpdatesPaused": false, @@ -38,4 +36,4 @@ "updateNotificationLevel": "defaultNotifications", "userPauseAccess": "disabled", "userWindowsUpdateScanAccess": "enabled" -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Fast Ring - Install updates after 4 days.json b/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Fast Ring - Install updates after 4 days.json index 911799e..2aec2c0 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Fast Ring - Install updates after 4 days.json +++ b/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Fast Ring - Install updates after 4 days.json @@ -1,7 +1,6 @@ { + "displayName": "Fast Ring - Install updates after 4 days", "@odata.type": "#microsoft.graph.windowsUpdateForBusinessConfiguration", - "$description": "| What does this do? | Defines the Fast Ring assignment for Windows Updates. |\n| Why should you use this? | Assigns select devices to receive updates before the majority, but after Test/Pilot. |\n| What is the end-user impact? | Devices in this group may see updates sooner, and act as an additional validation tier. |\n| Learn more | [Configure Windows Update for business rings](https://learn.microsoft.com/en-us/compliance/anz/e8-patchos-configure-wufb-rings) |", - "$friendlyName": "Fast Ring - Install updates after 4 days", "$name": "#microsoft.graph.windowsUpdateForBusinessConfiguration--Fast Ring - Install updates after 4 days", "allowWindows11Upgrade": false, "automaticUpdateMode": "autoInstallAtMaintenanceTime", @@ -12,7 +11,6 @@ "deadlineGracePeriodInDays": 2, "deliveryOptimizationMode": "userDefined", "description": "", - "displayName": "Fast Ring - Install updates after 4 days", "driversExcluded": false, "featureUpdatesDeferralPeriodInDays": 30, "featureUpdatesPaused": false, @@ -38,4 +36,4 @@ "updateNotificationLevel": "defaultNotifications", "userPauseAccess": "disabled", "userWindowsUpdateScanAccess": "enabled" -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Pilot Ring - Install updates after 2 days.json b/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Pilot Ring - Install updates after 2 days.json index 8802195..55fe059 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Pilot Ring - Install updates after 2 days.json +++ b/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Pilot Ring - Install updates after 2 days.json @@ -1,7 +1,6 @@ { + "displayName": "Pilot Ring - Install updates after 2 days", "@odata.type": "#microsoft.graph.windowsUpdateForBusinessConfiguration", - "$description": "| What does this do? | Defines the Pilot Ring for Windows Updates assignments. |\n| Why should you use this? | Assigns devices for early deployment to validate update deployment in your environment. |\n| What is the end-user impact? | These workstations receive updates soon after the Test Ring. |\n| Learn more | [Configure Windows Update for business rings](https://learn.microsoft.com/en-us/compliance/anz/e8-patchos-configure-wufb-rings) |", - "$friendlyName": "Pilot Ring - Install updates after 2 days", "$name": "#microsoft.graph.windowsUpdateForBusinessConfiguration--Pilot Ring - Install updates after 2 days", "allowWindows11Upgrade": false, "automaticUpdateMode": "autoInstallAtMaintenanceTime", @@ -12,7 +11,6 @@ "deadlineGracePeriodInDays": 2, "deliveryOptimizationMode": "userDefined", "description": "", - "displayName": "Pilot Ring - Install updates after 2 days", "driversExcluded": false, "featureUpdatesDeferralPeriodInDays": 10, "featureUpdatesPaused": false, @@ -38,4 +36,4 @@ "updateNotificationLevel": "defaultNotifications", "userPauseAccess": "disabled", "userWindowsUpdateScanAccess": "enabled" -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Test Ring - Install updates immediately.json b/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Test Ring - Install updates immediately.json index e867b11..365beac 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Test Ring - Install updates immediately.json +++ b/Definitions/Content/MSGraph/DeviceManagement/DeviceConfigurations/#microsoft.graph.windowsUpdateForBusinessConfiguration--Test Ring - Install updates immediately.json @@ -1,7 +1,6 @@ { + "displayName": "Test Ring - Install updates immediately", "@odata.type": "#microsoft.graph.windowsUpdateForBusinessConfiguration", - "$description": "| What does this do? | Defines the Test Ring for Windows Updates assignments. |\n| Why should you use this? | Assigns devices to the Test Ring for early deployment and testing of Windows and security updates. |\n| What is the end-user impact? | Devices in this group receive updates first and may encounter issues sooner. |\n| Learn more | [Configure Windows Update for business rings](https://learn.microsoft.com/en-us/compliance/anz/e8-patchos-configure-wufb-rings) |", - "$friendlyName": "Test Ring - Install updates immediately", "$name": "#microsoft.graph.windowsUpdateForBusinessConfiguration--Test Ring - Install updates immediately", "allowWindows11Upgrade": false, "automaticUpdateMode": "autoInstallAndRebootWithoutEndUserControl", @@ -12,7 +11,6 @@ "deadlineGracePeriodInDays": 0, "deliveryOptimizationMode": "userDefined", "description": "", - "displayName": "Test Ring - Install updates immediately", "driversExcluded": false, "featureUpdatesDeferralPeriodInDays": 0, "featureUpdatesPaused": false, @@ -33,4 +31,4 @@ "updateNotificationLevel": "defaultNotifications", "userPauseAccess": "disabled", "userWindowsUpdateScanAccess": "enabled" -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/DeviceManagement/DeviceManagementScripts/Office Macro Hardening - Prevent Activation of OLE.json b/Definitions/Content/MSGraph/DeviceManagement/DeviceManagementScripts/Office Macro Hardening - Prevent Activation of OLE.json index 5931559..6027c25 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/DeviceManagementScripts/Office Macro Hardening - Prevent Activation of OLE.json +++ b/Definitions/Content/MSGraph/DeviceManagement/DeviceManagementScripts/Office Macro Hardening - Prevent Activation of OLE.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Prevents users from activating OLE packages in Office Macros, reducing risk of embedded object attacks. |\n| Why should you use this? | Hardens macro security by disabling common attack vectors. |\n| What is the end-user impact? | Users will be unable to launch OLE packages from macros. |", - "$friendlyName": "Office Macro Hardening - Prevent Activation of OLE", + "displayName": "Office Macro Hardening - Prevent Activation of OLE", "assignments": [ { "target": { diff --git a/Definitions/Content/MSGraph/DeviceManagement/DeviceManagementScripts/User Application Hardening Remove Features.json b/Definitions/Content/MSGraph/DeviceManagement/DeviceManagementScripts/User Application Hardening Remove Features.json index 1e6592e..a3ce66f 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/DeviceManagementScripts/User Application Hardening Remove Features.json +++ b/Definitions/Content/MSGraph/DeviceManagement/DeviceManagementScripts/User Application Hardening Remove Features.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Disables legacy or insecure features, such as PowerShell 2.0, Internet Explorer, and .NET 3.5 on targeted Windows devices. |\n| Why should you use this? | Reduces attack surface by removing components with known vulnerabilities. |\n| What is the end-user impact? | Users cannot use older, less secure Windows features. |", - "$friendlyName": "User Application Hardening Remove Features", + "displayName": "User Application Hardening Remove Features", "assignments": [], "description": "", "enforceSignatureCheck": false, diff --git a/Definitions/Content/MSGraph/DeviceManagement/RoleScopeTags/Default.json b/Definitions/Content/MSGraph/DeviceManagement/RoleScopeTags/Default.json index 5babe90..4b3e73f 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/RoleScopeTags/Default.json +++ b/Definitions/Content/MSGraph/DeviceManagement/RoleScopeTags/Default.json @@ -1,4 +1,3 @@ { - "$description": "Default Role Scope Tag. This will exist by default on all Intune entities whenever a user defined Role Scope Tag is not present.", - "$friendlyName": "Default" + "displayName": "Default" } \ No newline at end of file diff --git a/Definitions/Content/MSGraph/DeviceManagement/Templates/#microsoft.graph.securityBaselineTemplate--Attack surface reduction rules.json b/Definitions/Content/MSGraph/DeviceManagement/Templates/#microsoft.graph.securityBaselineTemplate--Attack surface reduction rules.json index 343a2c2..850e168 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/Templates/#microsoft.graph.securityBaselineTemplate--Attack surface reduction rules.json +++ b/Definitions/Content/MSGraph/DeviceManagement/Templates/#microsoft.graph.securityBaselineTemplate--Attack surface reduction rules.json @@ -1,8 +1,6 @@ { - "@odata.type": "#microsoft.graph.securityBaselineTemplate", - "$description": "| What does this do? | Defines and enforces attack surface reduction (ASR) rules to limit behaviors commonly used by malware and malicious apps, such as restricting suspicious scripts and executable content in Office apps or web mail. |\n| Why should you use this? | Attack surface reduction rules proactively block and reduce common exploitation avenues used by threat actors, helping to prevent infection and unauthorized code execution in your environment. |\n| What is the end-user impact? | Users may find certain file downloads, scripts, or macros blocked in Office and email applications, and suspicious or non-standard behaviors may be prevented. Some legitimate actions may require approval or adjustment to comply with security rules. |\n| Learn more | [Attack surface reduction rules](https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction?view=o365-worldwide) |", - "$friendlyName": "Attack surface reduction rules", "displayName": "Attack surface reduction rules", + "@odata.type": "#microsoft.graph.securityBaselineTemplate", "intentCount": 1, "isDeprecated": false, "platformType": "windows10AndLater", @@ -10,4 +8,4 @@ "templateSubtype": "attackSurfaceReduction", "templateType": "securityTemplate", "versionInfo": "2009" -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/DeviceManagement/WindowsDriverUpdateProfiles/Windows Driver Updates.json b/Definitions/Content/MSGraph/DeviceManagement/WindowsDriverUpdateProfiles/Windows Driver Updates.json index 90ac4c2..d5d2323 100644 --- a/Definitions/Content/MSGraph/DeviceManagement/WindowsDriverUpdateProfiles/Windows Driver Updates.json +++ b/Definitions/Content/MSGraph/DeviceManagement/WindowsDriverUpdateProfiles/Windows Driver Updates.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Defines driver update deployment policy for all corporate Windows devices. |\n| Why should you use this? | Ensures timely driver updates for stability and security across your device fleet. |\n| What is the end-user impact? | Users receive drivers automatically with minimal delay. |", - "$friendlyName": "Windows Driver Updates", + "displayName": "Windows Driver Updates", "approvalType": "automatic", "assignments": [ { diff --git a/Definitions/Content/MSGraph/Groups/All Office Users.json b/Definitions/Content/MSGraph/Groups/All Office Users.json index e4ca431..d5e6be0 100644 --- a/Definitions/Content/MSGraph/Groups/All Office Users.json +++ b/Definitions/Content/MSGraph/Groups/All Office Users.json @@ -1,5 +1,5 @@ { - "$friendlyName": "All Office Users", + "displayName": "All Office Users", "groupTypes": [], "infoCatalogs": [], "mailEnabled": false, diff --git a/Definitions/Content/MSGraph/Groups/Allow macro execution - Trusted Publisher.json b/Definitions/Content/MSGraph/Groups/Allow macro execution - Trusted Publisher.json index 28fd75c..46bbcf7 100644 --- a/Definitions/Content/MSGraph/Groups/Allow macro execution - Trusted Publisher.json +++ b/Definitions/Content/MSGraph/Groups/Allow macro execution - Trusted Publisher.json @@ -1,5 +1,5 @@ { - "$friendlyName": "Allow macro execution - Trusted Publisher", + "displayName": "Allow macro execution - Trusted Publisher", "groupTypes": [], "infoCatalogs": [], "mailEnabled": false, diff --git a/Definitions/Content/MSGraph/Groups/Baseline - PIM Approvers.json b/Definitions/Content/MSGraph/Groups/Baseline - PIM Approvers.json index a650d6d..caaafdb 100644 --- a/Definitions/Content/MSGraph/Groups/Baseline - PIM Approvers.json +++ b/Definitions/Content/MSGraph/Groups/Baseline - PIM Approvers.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Creates a manually assigned group whose members are allowed to approve PIM request for activiating the Global Administrator Role. |\n| Why should you use this? | To have a formal group that approvers for users elevating their priviledges temporarily. |\n| What is the end-user impact? | Users in this group will be able approve Privileged Identity Management Request for the Global Admin Role |\n| Learn more | [Plan a Privileged Identity Management Deployment]( https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-deployment-plan)|", - "$friendlyName": "Baseline - PIM Approvers", + "displayName": "Baseline - PIM Approvers", "groupTypes": [], "infoCatalogs": [], "mailEnabled": false, diff --git a/Definitions/Content/MSGraph/Groups/Corporate Devices.json b/Definitions/Content/MSGraph/Groups/Corporate Devices.json index bf8c87d..8d007ab 100644 --- a/Definitions/Content/MSGraph/Groups/Corporate Devices.json +++ b/Definitions/Content/MSGraph/Groups/Corporate Devices.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Creates a group that includes all corporate devices regardless if they are virtual or physical. |\n| Why should you use this? | This group can be used to assign Intune configurations that should apply to all devices. |\n| What is the end-user impact? | N/A |\n| Learn more | N/A |", - "$friendlyName": "Corporate Devices", + "displayName": "Corporate Devices", "groupTypes": [ "DynamicMembership" ], diff --git a/Definitions/Content/MSGraph/Identity/ConditionalAccess/AuthenticationStrength/Policies/Essential 8 Maturity level 1.json b/Definitions/Content/MSGraph/Identity/ConditionalAccess/AuthenticationStrength/Policies/Essential 8 Maturity level 1.json index edb47a3..3ec505f 100644 --- a/Definitions/Content/MSGraph/Identity/ConditionalAccess/AuthenticationStrength/Policies/Essential 8 Maturity level 1.json +++ b/Definitions/Content/MSGraph/Identity/ConditionalAccess/AuthenticationStrength/Policies/Essential 8 Maturity level 1.json @@ -1,5 +1,5 @@ { - "$friendlyName": "Essential 8 Maturity level 1", + "displayName": "Essential 8 Maturity level 1", "allowedCombinations": [ "deviceBasedPush", "federatedMultiFactor", diff --git a/Definitions/Content/MSGraph/Identity/ConditionalAccess/AuthenticationStrength/Policies/Essential 8 Maturity level 2,3.json b/Definitions/Content/MSGraph/Identity/ConditionalAccess/AuthenticationStrength/Policies/Essential 8 Maturity level 2,3.json index 12bdb92..9ee62c5 100644 --- a/Definitions/Content/MSGraph/Identity/ConditionalAccess/AuthenticationStrength/Policies/Essential 8 Maturity level 2,3.json +++ b/Definitions/Content/MSGraph/Identity/ConditionalAccess/AuthenticationStrength/Policies/Essential 8 Maturity level 2,3.json @@ -1,5 +1,5 @@ { - "$friendlyName": "Essential 8 Maturity level 2,3", + "displayName": "Essential 8 Maturity level 2,3", "allowedCombinations": [ "fido2", "temporaryAccessPassMultiUse", diff --git a/Definitions/Content/MSGraph/Identity/ConditionalAccess/Policies/ACSC Essential Eight MFA - Maturity Level 1.json b/Definitions/Content/MSGraph/Identity/ConditionalAccess/Policies/ACSC Essential Eight MFA - Maturity Level 1.json index 9cf881c..1279d6d 100644 --- a/Definitions/Content/MSGraph/Identity/ConditionalAccess/Policies/ACSC Essential Eight MFA - Maturity Level 1.json +++ b/Definitions/Content/MSGraph/Identity/ConditionalAccess/Policies/ACSC Essential Eight MFA - Maturity Level 1.json @@ -1,7 +1,6 @@ { + "displayName": "ACSC Essential Eight MFA - Maturity Level 1", "@odata.type": "#microsoft.graph.conditionalAccessPolicy", - "$description": "| What does this do? | **This policy is in Report Only mode. Before enabaling, all accounts should hvae completed MFA regisration. Consider excluding break glass accounts. This must be enabled to be compilant with Essential 8** Implements ACSC Essential Eight Maturity Level 1 multi-factor authentication requirements across all users. |\n| Why should you use this? | Ensures compliance with ACSC Essential Eight guidelines for basic MFA. |\n| What is the end-user impact? | All users included in the policy must use at least one of the allowed combinations for MFA. |", - "$friendlyName": "ACSC Essential Eight MFA - Maturity Level 1", "$name": "ACSC Essential Eight MFA - Maturity Level 1", "conditions": { "applications": { @@ -38,4 +37,4 @@ "termsOfUse": [] }, "state": "enabledForReportingButNotEnforced" -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/Identity/ConditionalAccess/Policies/ACSC Essential Eight MFA - Maturity Level 2 & 3.json b/Definitions/Content/MSGraph/Identity/ConditionalAccess/Policies/ACSC Essential Eight MFA - Maturity Level 2 & 3.json index dcd0184..ca92ea1 100644 --- a/Definitions/Content/MSGraph/Identity/ConditionalAccess/Policies/ACSC Essential Eight MFA - Maturity Level 2 & 3.json +++ b/Definitions/Content/MSGraph/Identity/ConditionalAccess/Policies/ACSC Essential Eight MFA - Maturity Level 2 & 3.json @@ -1,7 +1,6 @@ { + "displayName": "ACSC Essential Eight MFA - Maturity Level 2 & 3", "@odata.type": "#microsoft.graph.conditionalAccessPolicy", - "$description": "| What does this do? | **This policy is in Report Only mode. Before enabaling, all accounts should hvae completed MFA regisration. Consider excluding break glass accounts. This must be enabled to be compilant with Essential 8** Implements ACSC Essential Eight Maturity Level 2 & 3 multi-factor authentication requirements across all users. |\n| Why should you use this? | Ensures compliance with ACSC Essential Eight guidelines for higher-level MFA. |\n| What is the end-user impact? | All users included in the policy must use only the allowed combinations for MFA at this higher maturity level. |\n| Learn more | [ACSC Essential Eight](https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/essential-eight) |", - "$friendlyName": "ACSC Essential Eight MFA - Maturity Level 2 & 3", "$name": "ACSC Essential Eight MFA - Maturity Level 2 & 3", "conditions": { "applications": { @@ -38,4 +37,4 @@ "termsOfUse": [] }, "state": "enabledForReportingButNotEnforced" -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/fido2.json b/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/fido2.json index 9e524a8..1faffab 100644 --- a/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/fido2.json +++ b/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/fido2.json @@ -1,7 +1,6 @@ { + "displayName": "fido2", "@odata.type": "#microsoft.graph.fido2AuthenticationMethodConfiguration", - "$description": "| What does this do? | Configures FIDO2 authentication method for users in the tenant. |\n| Why should you use this? | Allows secure, passwordless sign-in experiences via FIDO2-compliant devices. |\n| What is the end-user impact? | Users can register and use FIDO2 devices for authentication. |", - "$friendlyName": "fido2", "excludeTargets": [], "includeTargets": [ { @@ -19,4 +18,4 @@ "isEnforced": false }, "state": "enabled" -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/microsoftAuthenticator.json b/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/microsoftAuthenticator.json index 946657d..e3fef60 100644 --- a/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/microsoftAuthenticator.json +++ b/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/microsoftAuthenticator.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Ensures Microsoft Authenticator is configured to protect against MFA fatigue. |\n| Why should you use this? | Enhances the configuration of the Microsoft Authenticator to use number matching and provide additional context to users. |\n| What is the end-user impact? | User education is required. |\n| Learn more | [How to MFA number match](https://learn.microsoft.com/en-us/azure/active-directory/authentication/how-to-mfa-number-match) |", - "$friendlyName": "microsoftAuthenticator", + "displayName": "microsoftAuthenticator", "@odata.type": "#microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration", "excludeTargets": [], "featureSettings": { diff --git a/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/temporaryAccessPass.json b/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/temporaryAccessPass.json index f2098dc..f6a304b 100644 --- a/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/temporaryAccessPass.json +++ b/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/temporaryAccessPass.json @@ -1,7 +1,6 @@ { + "displayName": "temporaryAccessPass", "@odata.type": "#microsoft.graph.temporaryAccessPassAuthenticationMethodConfiguration", - "$description": "| What does this do? | Enables Temporary Access Pass (TAP) authentication for users. TAP is not a phishing resistant authentication method, however it is required to bootstrap a user's access to set up a permitted authentication method. |\n| Why should you use this? | Allows users to register additional authentication methods or access their account when locked out of other factors. |\n| What is the end-user impact? | Users can use TAP as a temporary MFA factor to regain or bootstrap access. |", - "$friendlyName": "temporaryAccessPass", "defaultLength": 8, "defaultLifetimeInMinutes": 60, "excludeTargets": [], @@ -17,4 +16,4 @@ "maximumLifetimeInMinutes": 480, "minimumLifetimeInMinutes": 60, "state": "enabled" -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/x509Certificate.json b/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/x509Certificate.json index ba6f3c0..b44bf82 100644 --- a/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/x509Certificate.json +++ b/Definitions/Content/MSGraph/Policies/AuthenticationMethodsPolicy/AuthenticationMethodConfigurations/x509Certificate.json @@ -1,7 +1,6 @@ { + "displayName": "x509Certificate", "@odata.type": "#microsoft.graph.x509CertificateAuthenticationMethodConfiguration", - "$description": "| What does this do? | Enables and configures certificate-based authentication for all users. |\n| Why should you use this? | Supports secure authentication using x509 digital certificates. |\n| What is the end-user impact? | Users can use certificates to authenticate to Microsoft services. |", - "$friendlyName": "x509Certificate", "authenticationModeConfiguration": { "rules": [], "x509CertificateAuthenticationDefaultMode": "x509CertificateSingleFactor", @@ -40,4 +39,4 @@ "state": "disabled" }, "state": "enabled" -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Global Administrator.json b/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Global Administrator.json index 0dfbbb5..b67c004 100644 --- a/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Global Administrator.json +++ b/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Global Administrator.json @@ -1,4 +1,4 @@ { - "$friendlyName": "Global Administrator", + "displayName": "Global Administrator", "roleDefinitionId": "${urn:resource:MSGraph:RoleManagement:Directory:RoleDefinitions/Global Administrator?id}" } \ No newline at end of file diff --git a/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Identity Governance Administrator.json b/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Identity Governance Administrator.json index 22bb938..ccb504d 100644 --- a/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Identity Governance Administrator.json +++ b/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Identity Governance Administrator.json @@ -1,4 +1,4 @@ { - "$friendlyName": "Identity Governance Administrator", + "displayName": "Identity Governance Administrator", "roleDefinitionId": "${urn:resource:MSGraph:RoleManagement:Directory:RoleDefinitions/Identity Governance Administrator?id}" } \ No newline at end of file diff --git a/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Intune Administrator.json b/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Intune Administrator.json index 9d0715a..f66a704 100644 --- a/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Intune Administrator.json +++ b/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Intune Administrator.json @@ -1,4 +1,4 @@ { - "$friendlyName": "Intune Administrator", + "displayName": "Intune Administrator", "roleDefinitionId": "${urn:resource:MSGraph:RoleManagement:Directory:RoleDefinitions/Intune Administrator?id}" } \ No newline at end of file diff --git a/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Privileged Role Administrator.json b/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Privileged Role Administrator.json index 9f4bbc1..4ec25df 100644 --- a/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Privileged Role Administrator.json +++ b/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Privileged Role Administrator.json @@ -1,4 +1,4 @@ { - "$friendlyName": "Privileged Role Administrator", + "displayName": "Privileged Role Administrator", "roleDefinitionId": "${urn:resource:MSGraph:RoleManagement:Directory:RoleDefinitions/Privileged Role Administrator?id}" } \ No newline at end of file diff --git a/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Rules/#microsoft.graph.unifiedRoleManagementPolicyApprovalRule--${urn%3Aresource%3AMSGraph%3APolicies%3ARoleManagementPolicies%2FGlobal Administrator%3Fid}--Approval_EndUser_Assignment.json b/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Rules/#microsoft.graph.unifiedRoleManagementPolicyApprovalRule--${urn%3Aresource%3AMSGraph%3APolicies%3ARoleManagementPolicies%2FGlobal Administrator%3Fid}--Approval_EndUser_Assignment.json index 476eb3f..e40833c 100644 --- a/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Rules/#microsoft.graph.unifiedRoleManagementPolicyApprovalRule--${urn%3Aresource%3AMSGraph%3APolicies%3ARoleManagementPolicies%2FGlobal Administrator%3Fid}--Approval_EndUser_Assignment.json +++ b/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Rules/#microsoft.graph.unifiedRoleManagementPolicyApprovalRule--${urn%3Aresource%3AMSGraph%3APolicies%3ARoleManagementPolicies%2FGlobal Administrator%3Fid}--Approval_EndUser_Assignment.json @@ -1,6 +1,6 @@ { + "displayName": "Global Administrator--Approval_EndUser_Assignment", "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule", - "$friendlyName": "Global Administrator--Approval_EndUser_Assignment", "$name": "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule--${urn:resource:MSGraph:Policies:RoleManagementPolicies/Global Administrator?id}--Approval_EndUser_Assignment", "id": "Approval_EndUser_Assignment", "setting": { @@ -35,4 +35,4 @@ ] }, "unifiedRoleManagementPolicy-id": "${urn:resource:MSGraph:Policies:RoleManagementPolicies/Global Administrator?id}" -} \ No newline at end of file +} diff --git a/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Security Administrator.json b/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Security Administrator.json index 949a4f8..1556b73 100644 --- a/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Security Administrator.json +++ b/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/Security Administrator.json @@ -1,4 +1,4 @@ { - "$friendlyName": "Security Administrator", + "displayName": "Security Administrator", "roleDefinitionId": "${urn:resource:MSGraph:RoleManagement:Directory:RoleDefinitions/Security Administrator?id}" } \ No newline at end of file diff --git a/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/User Administrator.json b/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/User Administrator.json index fb99b8b..b4f308e 100644 --- a/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/User Administrator.json +++ b/Definitions/Content/MSGraph/Policies/RoleManagementPolicies/User Administrator.json @@ -1,4 +1,4 @@ { - "$friendlyName": "User Administrator", + "displayName": "User Administrator", "roleDefinitionId": "${urn:resource:MSGraph:RoleManagement:Directory:RoleDefinitions/User Administrator?id}" } \ No newline at end of file diff --git a/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Global Administrator.json b/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Global Administrator.json index 356c2b4..76dc548 100644 --- a/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Global Administrator.json +++ b/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Global Administrator.json @@ -1,6 +1,5 @@ { - "$description": "Can manage all aspects of Microsoft Entra ID and Microsoft services that use Microsoft Entra identities.", - "$friendlyName": "Global Administrator", + "displayName": "Global Administrator", "isEnabled": true, "resourceScopes": [ "/" diff --git a/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Identity Governance Administrator.json b/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Identity Governance Administrator.json index 4ab44a9..aa305a1 100644 --- a/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Identity Governance Administrator.json +++ b/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Identity Governance Administrator.json @@ -1,6 +1,5 @@ { - "$description": "Manage access using Microsoft Entra ID for identity governance scenarios.", - "$friendlyName": "Identity Governance Administrator", + "displayName": "Identity Governance Administrator", "isEnabled": true, "resourceScopes": [ "/" diff --git a/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Intune Administrator.json b/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Intune Administrator.json index a502519..de3c0e3 100644 --- a/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Intune Administrator.json +++ b/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Intune Administrator.json @@ -1,6 +1,5 @@ { - "$description": "Can manage all aspects of the Intune product.", - "$friendlyName": "Intune Administrator", + "displayName": "Intune Administrator", "isEnabled": true, "resourceScopes": [ "/" diff --git a/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Privileged Role Administrator.json b/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Privileged Role Administrator.json index 59ef87b..4f05c93 100644 --- a/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Privileged Role Administrator.json +++ b/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Privileged Role Administrator.json @@ -1,6 +1,5 @@ { - "$description": "Can manage role assignments in Microsoft Entra ID, and all aspects of Privileged Identity Management.", - "$friendlyName": "Privileged Role Administrator", + "displayName": "Privileged Role Administrator", "isEnabled": true, "resourceScopes": [ "/" diff --git a/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Security Administrator.json b/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Security Administrator.json index 17a0d2a..dbfa14a 100644 --- a/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Security Administrator.json +++ b/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/Security Administrator.json @@ -1,6 +1,5 @@ { - "$description": "Can read security information and reports, and manage configuration in Microsoft Entra ID and Office 365.", - "$friendlyName": "Security Administrator", + "displayName": "Security Administrator", "isEnabled": true, "resourceScopes": [ "/" diff --git a/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/User Administrator.json b/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/User Administrator.json index c917c8f..4a9cfd2 100644 --- a/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/User Administrator.json +++ b/Definitions/Content/MSGraph/RoleManagement/Directory/RoleDefinitions/User Administrator.json @@ -1,6 +1,5 @@ { - "$description": "Can manage all aspects of users and groups, including resetting passwords for limited admins.", - "$friendlyName": "User Administrator", + "displayName": "User Administrator", "isEnabled": true, "resourceScopes": [ "/" diff --git a/Definitions/Content/SecurityAndCompliance/RetentionCompliancePolicy/Default Retention Policy.json b/Definitions/Content/SecurityAndCompliance/RetentionCompliancePolicy/Default Retention Policy.json index e78675f..db23b0b 100644 --- a/Definitions/Content/SecurityAndCompliance/RetentionCompliancePolicy/Default Retention Policy.json +++ b/Definitions/Content/SecurityAndCompliance/RetentionCompliancePolicy/Default Retention Policy.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Defines the data retention policy for SharePoint, OneDrive and Exchange Online. The baseline retains this data for one year. |\n| Why should you use this? | If you want this data to be retained for one year and to be searchable in Office 365 content search tools. |\n| What is the end-user impact? | Users cannot permanently delete data that is less than one year old. |\n| Learn more | [Retention policies and labels](https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide) |", - "$friendlyName": "Default Retention Policy", + "displayName": "Default Retention Policy", "AdaptiveScopeLocation": [], "Applications": [], "Enabled": true, diff --git a/Definitions/Content/SecurityAndCompliance/RetentionCompliancePolicy/Teams Retention Policy.json b/Definitions/Content/SecurityAndCompliance/RetentionCompliancePolicy/Teams Retention Policy.json index 7b7b010..8370823 100644 --- a/Definitions/Content/SecurityAndCompliance/RetentionCompliancePolicy/Teams Retention Policy.json +++ b/Definitions/Content/SecurityAndCompliance/RetentionCompliancePolicy/Teams Retention Policy.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Defines the data retention policy for Microsoft Teams. Teams retention policies must be created independently of other retention policies. The baseline retains Teams data for one year. |\n| Why should you use this? | If you want this data to be retained for one year and to be searchable in Office 365 content search tools. |\n| What is the end-user impact? | Users cannot permanently delete data that is less than one year old. |\n| Learn more | [Retention policies and labels](https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide) |", - "$friendlyName": "Teams Retention Policy", + "displayName": "Teams Retention Policy", "AdaptiveScopeLocation": [], "Applications": [], "Enabled": true, diff --git a/Definitions/Content/SecurityAndCompliance/RetentionComplianceRule/Default Retention Policy.json b/Definitions/Content/SecurityAndCompliance/RetentionComplianceRule/Default Retention Policy.json index c6b91a1..7a53b13 100644 --- a/Definitions/Content/SecurityAndCompliance/RetentionComplianceRule/Default Retention Policy.json +++ b/Definitions/Content/SecurityAndCompliance/RetentionComplianceRule/Default Retention Policy.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Retains all Exchange, OneDrive, and SharePoint data for one year before allowing permanent deletion. The default is 365 days, should be updated to meet retention needs of organization. |\n| Why should you use this? | Assists with compliance and data governance requirements. |\n| What is the end-user impact? | Users may not be able to permanently delete data within the retention period. |", - "$friendlyName": "Default Retention Policy", + "displayName": "Default Retention Policy", "ExcludedItemClasses": [], "MachineLearningModelIDs": [], "Policy": "${urn:resource:SecurityAndCompliance:RetentionCompliancePolicy/Default Retention Policy?Guid}", diff --git a/Definitions/Content/SecurityAndCompliance/RetentionComplianceRule/Teams Retention Policy.json b/Definitions/Content/SecurityAndCompliance/RetentionComplianceRule/Teams Retention Policy.json index e0ad00e..295d2e5 100644 --- a/Definitions/Content/SecurityAndCompliance/RetentionComplianceRule/Teams Retention Policy.json +++ b/Definitions/Content/SecurityAndCompliance/RetentionComplianceRule/Teams Retention Policy.json @@ -1,6 +1,5 @@ { - "$description": "| What does this do? | Retains chat and channel message data in Microsoft Teams for 365 days before allowing deletion. The default is 365 days, should be updated to meet retention needs of organization. |\n| Why should you use this? | Satisfies organizational, legal, or regulatory retention requirements for Teams communications. |\n| What is the end-user impact? | Teams data cannot be permanently deleted within the retention period. |", - "$friendlyName": "Teams Retention Policy", + "displayName": "Teams Retention Policy", "ExcludedItemClasses": [], "ExpirationDateOption": "CreationAgeInDays", "MachineLearningModelIDs": [],