@@ -1,6 +1,5 @@
{
"$description": "| What does this do? | Applies ACSC guidelines to Microsoft Edge browser security settings via Windows policy. |\n| Why should you use this? | Hardens the default configuration of Microsoft Edge to defend against web threats. |\n| What is the end-user impact? | Users may find some browser features restricted or disabled. |",
"$friendlyName": "ACSC Edge Hardening Guidelines",
"displayName": "ACSC Edge Hardening Guidelines",
"assignments": [],
"description": "",
"expand": "assignments,settings",
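Review bot: The hunk counts (`-1,6 +1,5`, one line added) suggest the `$description` table on L25 is dropped rather than relocated, while the Graph `description` on L29 stays `""`, so the hardening rationale and the end-user-impact note no longer appear anywhere the admin center shows. If the `$`-prefixed metadata is being retired, carry the first rows into the Graph field, e.g. `"description": "Applies ACSC guidelines to Microsoft Edge browser security settings via Windows policy. Users may find some browser features restricted or disabled."`. The same empty `description` sits next to a dropped `$description` in the update-ring sections (L164, L188, L212, L236, L260) and in Remove Features (L288), and the Learn-more links on L44, L74 and L156 go the same way. The object continues past the hunk, so I cannot see whether a later key already holds this text.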
@@ -1,5 +1,5 @@
{
"$friendlyName": "M1 - ACSC Office Hardening Guidelines Level 1",
"displayName": "M1 - ACSC Office Hardening Guidelines Level 1",
"@odata.type": "#microsoft.graph.deviceManagementConfigurationPolicy",
"assignments": [],
"description": "Level 1 - Block macros from the internet only",
@@ -1,6 +1,5 @@
{
"$description": "| What does this do? | Applies ACSC (Australian Cyber Security Centre) recommended Windows security configuration to devices in the All Office Users group. |\n| Why should you use this? | Ensures compliance with strong government-grade Windows security recommendations. |\n| What is the end-user impact? | Users may be prevented from changing security/compliance settings and experience additional controls. |\n| Learn more | [Essential Eight user application hardening](https://learn.microsoft.com/en-us/compliance/anz/e8-app-harden)|",
"$friendlyName": "ACSC Windows Hardening Guidelines",
"displayName": "ACSC Windows Hardening Guidelines",
"assignments": [
{
"source": "direct",
@@ -1,6 +1,5 @@
{
"$description": "| What does this do? | Disables all Office macros except for excluded users/groups, enhancing security against macro-based attacks. |\n| Why should you use this? | Reduces risk of malicious macro execution organization-wide. |\n| What is the end-user impact? | Only uses in the 'Allow macro execution - Trusted Publisher' group will be able to excute macros. |",
"$friendlyName": "All Macros Disabled",
"displayName": "All Macros Disabled",
"assignments": [
{
"source": "direct",
@@ -1,6 +1,5 @@
{
"$description": "| What does this do? | Disables or blocks the use of Internet Explorer on Windows devices. |\n| Why should you use this? | Prevents use of an outdated and insecure browser within the organization. |\n| What is the end-user impact? | Users cannot launch or use Internet Explorer. |",
"$friendlyName": "Disable Internet Explorer",
"displayName": "Disable Internet Explorer",
"assignments": [
{
"source": "direct",
@@ -1,6 +1,5 @@
{
"$description": "| What does this do? | Enables use of trusted Office macros for a defined group of users, blocks untrusted. |\n| Why should you use this? | Allows only digitally signed and organizationally approved macros to be executed. |\n| What is the end-user impact? | Users in the 'Allow macro execution - Trusted Publisher' group can use signed macros; others are blocked from execution. |\n| Learn more | [Adding a Certificate to Trusted Publishers using Microsoft Intune](https://techcommunity.microsoft.com/blog/intunecustomersuccess/adding-a-certificate-to-trusted-publishers-using-microsoft-intune/1974488#:%7E:text=To%20add%20a%20certificate%20to%20the%20Trusted%20Publishers,a%20new%2C%20custom%2C%20Windows%2010%20device%20configuration%20profile )|",
"$friendlyName": "Macros Enabled for Trusted Publishers",
"displayName": "Macros Enabled for Trusted Publishers",
"assignments": [
{
"source": "direct",
@@ -1,7 +1,6 @@
{
"displayName": "MacOS - Latest version",
"@odata.type": "#microsoft.graph.macOSCompliancePolicy",
"$description": "| What does this do? | Defines compliance requirements and enforces a minimum operating system version for macOS devices. | Why should you use this? | This should be periodically updated so the latest release, or the previous release, of operating systems are used. Mandating up-to-date devices helps ensure that only secure, supported versions are used to access organizational resources, reducing risk from vulnerabilities. | What is the end-user impact? | Devices running unsupported or outdated versions of macOS may be restricted from accessing company data and may be required to update their OS to regain compliance and access.",
"$friendlyName": "MacOS - Latest version",
"advancedThreatProtectionRequiredSecurityLevel": "unavailable",
"assignments": [
{
Expand All @@ -14,7 +13,6 @@
],
"deviceThreatProtectionEnabled": false,
"deviceThreatProtectionRequiredSecurityLevel": "unavailable",
"displayName": "MacOS - Latest version",
"expand": "assignments,scheduledActionsForRule($expand=scheduledActionConfigurations)",
"firewallBlockAllIncoming": false,
"firewallEnabled": false,
Expand All @@ -41,4 +39,4 @@
],
"storageRequireEncryption": false,
"systemIntegrityProtectionEnabled": false
}
}
@@ -1,7 +1,6 @@
{
"displayName": "Windows - Lastest version",
"@odata.type": "#microsoft.graph.windows10CompliancePolicy",
"$description": "| What does this do? | Defines compliance requirements and enforces a minimum operating system version for Windows 10 devices. | Why should you use this? | This should be periodically updated so the latest release, or the previous release, of operating systems are used. Keeping devices updated protects against known vulnerabilities and ensures device security and compatibility with enterprise tools. | What is the end-user impact? | Users on non-compliant or unsupported versions of Windows may lose access to corporate resources until their devices are updated and brought back into compliance.",
"$friendlyName": "Windows - Lastest version",
"activeFirewallRequired": false,
"antiSpywareRequired": false,
"antivirusRequired": false,
Expand All @@ -20,7 +19,6 @@
"defenderEnabled": false,
"deviceThreatProtectionEnabled": false,
"deviceThreatProtectionRequiredSecurityLevel": "unavailable",
"displayName": "Windows - Lastest version",
"earlyLaunchAntiMalwareDriverEnabled": false,
"expand": "assignments,scheduledActionsForRule($expand=scheduledActionConfigurations)",
"firmwareProtectionEnabled": false,
Expand Down Expand Up @@ -55,4 +53,4 @@
"validOperatingSystemBuildRanges": [],
"virtualizationBasedSecurityEnabled": false,
"wslDistributions": []
}
}
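Review bot: `"displayName": "Windows - Lastest version"` on L108 (the same value recurs on L111 and L119) misspells the name the admin center will show; whichever of these keys survives on the new side should read `"Windows - Latest version"`. Separately, the description on L110 says the policy enforces a minimum OS version, but the only version control in view is `"validOperatingSystemBuildRanges": []` on L124; if `osMinimumVersion` in the collapsed part of the file is also unset, nothing in this policy gates on OS version and the description overstates what it does. The rest of the policy body is outside the hunks.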
@@ -1,13 +1,11 @@
{
"displayName": "Production - Win11 - Delivery Optimization",
"@odata.type": "#microsoft.graph.windowsDeliveryOptimizationConfiguration",
"$description": "| What does this do? | Configures delivery optimization for Windows 11 updates, including peering and cache settings. |\n| Why should you use this? | Reduces WAN consumption and accelerates update delivery to endpoints by using peer-to-peer distribution and caching. |\n| What is the end-user impact? | Update downloads are faster and network-friendly. |",
"$friendlyName": "Production - Win11 - Delivery Optimization",
"backgroundDownloadFromHttpDelayInSeconds": 60,
"cacheServerBackgroundDownloadFallbackToHttpDelayInSeconds": 0,
"cacheServerForegroundDownloadFallbackToHttpDelayInSeconds": 0,
"cacheServerHostNames": [],
"deliveryOptimizationMode": "httpWithPeeringNat",
"displayName": "Production - Win11 - Delivery Optimization",
"foregroundDownloadFromHttpDelayInSeconds": 60,
"maximumCacheAgeInDays": 7,
"minimumBatteryPercentageAllowedToUpload": 60,
Expand All @@ -19,4 +17,4 @@
"${urn:resource:MSGraph:DeviceManagement:RoleScopeTags/Default?id}"
],
"vpnPeerCaching": "disabled"
}
}
@@ -1,7 +1,6 @@
{
"displayName": "Broad Ring - Install updates after 7 days",
"@odata.type": "#microsoft.graph.windowsUpdateForBusinessConfiguration",
"$description": "| What does this do? | Assigns broad population devices to a ring that installs updates after 7 days, following pilot and test deployment groups. |\n| Why should you use this? | Provides lag time for update validation and rollback in response to issues. |\n| What is the end-user impact? | Updates are delayed, reducing risk of mass issues. |\n| Learn more | [Configure Windows Update for business rings](https://learn.microsoft.com/en-us/compliance/anz/e8-patchos-configure-wufb-rings) |",
"$friendlyName": "Broad Ring - Install updates after 7 days",
"$name": "#microsoft.graph.windowsUpdateForBusinessConfiguration--Broad Ring - Install updates after 7 days",
"allowWindows11Upgrade": false,
"automaticUpdateMode": "autoInstallAtMaintenanceTime",
Expand All @@ -12,7 +11,6 @@
"deadlineGracePeriodInDays": 2,
"deliveryOptimizationMode": "userDefined",
"description": "",
"displayName": "Broad Ring - Install updates after 7 days",
"driversExcluded": false,
"featureUpdatesDeferralPeriodInDays": 60,
"featureUpdatesPaused": false,
Expand All @@ -38,4 +36,4 @@
"updateNotificationLevel": "defaultNotifications",
"userPauseAccess": "disabled",
"userWindowsUpdateScanAccess": "enabled"
}
}
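Review bot: `$name` on L158 embeds the same string as `displayName` on L154, so the ring's name is now carried twice in the file and a later rename has to touch both keys to stay consistent; the same pairing appears at L178/L182, L202/L206, L226/L230 and L250/L254. If `$name` is a lookup key that the tooling derives from the type and display name, it would be safer to derive it at load time than to store it; if it must be stored, the coupling belongs in the repository documentation, since JSON cannot carry the comment. I cannot tell from the hunk which of the two keys the tooling treats as authoritative.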
@@ -1,7 +1,6 @@
{
"displayName": "Critical Ring - Install updates after 10 days",
"@odata.type": "#microsoft.graph.windowsUpdateForBusinessConfiguration",
"$description": "| What does this do? | Defines the Critical Ring for Windows Updates assignments. |\n| Why should you use this? | Assigns business-critical devices to a ring that receives updates at a time appropriate for stability and minimum interruption. |\n| What is the end-user impact? | Updates are deployed with a critical business rhythm in mind. |\n| Learn more | [Configure Windows Update for business rings](https://learn.microsoft.com/en-us/compliance/anz/e8-patchos-configure-wufb-rings) |",
"$friendlyName": "Critical Ring - Install updates after 10 days",
"$name": "#microsoft.graph.windowsUpdateForBusinessConfiguration--Critical Ring - Install updates after 10 days",
"allowWindows11Upgrade": false,
"automaticUpdateMode": "autoInstallAtMaintenanceTime",
Expand All @@ -12,7 +11,6 @@
"deadlineGracePeriodInDays": 2,
"deliveryOptimizationMode": "userDefined",
"description": "",
"displayName": "Critical Ring - Install updates after 10 days",
"driversExcluded": false,
"featureUpdatesDeferralPeriodInDays": 60,
"featureUpdatesPaused": false,
Expand All @@ -38,4 +36,4 @@
"updateNotificationLevel": "defaultNotifications",
"userPauseAccess": "disabled",
"userWindowsUpdateScanAccess": "enabled"
}
}
@@ -1,7 +1,6 @@
{
"displayName": "Fast Ring - Install updates after 4 days",
"@odata.type": "#microsoft.graph.windowsUpdateForBusinessConfiguration",
"$description": "| What does this do? | Defines the Fast Ring assignment for Windows Updates. |\n| Why should you use this? | Assigns select devices to receive updates before the majority, but after Test/Pilot. |\n| What is the end-user impact? | Devices in this group may see updates sooner, and act as an additional validation tier. |\n| Learn more | [Configure Windows Update for business rings](https://learn.microsoft.com/en-us/compliance/anz/e8-patchos-configure-wufb-rings) |",
"$friendlyName": "Fast Ring - Install updates after 4 days",
"$name": "#microsoft.graph.windowsUpdateForBusinessConfiguration--Fast Ring - Install updates after 4 days",
"allowWindows11Upgrade": false,
"automaticUpdateMode": "autoInstallAtMaintenanceTime",
Expand All @@ -12,7 +11,6 @@
"deadlineGracePeriodInDays": 2,
"deliveryOptimizationMode": "userDefined",
"description": "",
"displayName": "Fast Ring - Install updates after 4 days",
"driversExcluded": false,
"featureUpdatesDeferralPeriodInDays": 30,
"featureUpdatesPaused": false,
Expand All @@ -38,4 +36,4 @@
"updateNotificationLevel": "defaultNotifications",
"userPauseAccess": "disabled",
"userWindowsUpdateScanAccess": "enabled"
}
}
@@ -1,7 +1,6 @@
{
"displayName": "Pilot Ring - Install updates after 2 days",
"@odata.type": "#microsoft.graph.windowsUpdateForBusinessConfiguration",
"$description": "| What does this do? | Defines the Pilot Ring for Windows Updates assignments. |\n| Why should you use this? | Assigns devices for early deployment to validate update deployment in your environment. |\n| What is the end-user impact? | These workstations receive updates soon after the Test Ring. |\n| Learn more | [Configure Windows Update for business rings](https://learn.microsoft.com/en-us/compliance/anz/e8-patchos-configure-wufb-rings) |",
"$friendlyName": "Pilot Ring - Install updates after 2 days",
"$name": "#microsoft.graph.windowsUpdateForBusinessConfiguration--Pilot Ring - Install updates after 2 days",
"allowWindows11Upgrade": false,
"automaticUpdateMode": "autoInstallAtMaintenanceTime",
Expand All @@ -12,7 +11,6 @@
"deadlineGracePeriodInDays": 2,
"deliveryOptimizationMode": "userDefined",
"description": "",
"displayName": "Pilot Ring - Install updates after 2 days",
"driversExcluded": false,
"featureUpdatesDeferralPeriodInDays": 10,
"featureUpdatesPaused": false,
Expand All @@ -38,4 +36,4 @@
"updateNotificationLevel": "defaultNotifications",
"userPauseAccess": "disabled",
"userWindowsUpdateScanAccess": "enabled"
}
}
@@ -1,7 +1,6 @@
{
"displayName": "Test Ring - Install updates immediately",
"@odata.type": "#microsoft.graph.windowsUpdateForBusinessConfiguration",
"$description": "| What does this do? | Defines the Test Ring for Windows Updates assignments. |\n| Why should you use this? | Assigns devices to the Test Ring for early deployment and testing of Windows and security updates. |\n| What is the end-user impact? | Devices in this group receive updates first and may encounter issues sooner. |\n| Learn more | [Configure Windows Update for business rings](https://learn.microsoft.com/en-us/compliance/anz/e8-patchos-configure-wufb-rings) |",
"$friendlyName": "Test Ring - Install updates immediately",
"$name": "#microsoft.graph.windowsUpdateForBusinessConfiguration--Test Ring - Install updates immediately",
"allowWindows11Upgrade": false,
"automaticUpdateMode": "autoInstallAndRebootWithoutEndUserControl",
Expand All @@ -12,7 +11,6 @@
"deadlineGracePeriodInDays": 0,
"deliveryOptimizationMode": "userDefined",
"description": "",
"displayName": "Test Ring - Install updates immediately",
"driversExcluded": false,
"featureUpdatesDeferralPeriodInDays": 0,
"featureUpdatesPaused": false,
Expand All @@ -33,4 +31,4 @@
"updateNotificationLevel": "defaultNotifications",
"userPauseAccess": "disabled",
"userWindowsUpdateScanAccess": "enabled"
}
}
@@ -1,6 +1,5 @@
{
"$description": "| What does this do? | Prevents users from activating OLE packages in Office Macros, reducing risk of embedded object attacks. |\n| Why should you use this? | Hardens macro security by disabling common attack vectors. |\n| What is the end-user impact? | Users will be unable to launch OLE packages from macros. |",
"$friendlyName": "Office Macro Hardening - Prevent Activation of OLE",
"displayName": "Office Macro Hardening - Prevent Activation of OLE",
"assignments": [
{
"target": {
@@ -1,6 +1,5 @@
{
"$description": "| What does this do? | Disables legacy or insecure features, such as PowerShell 2.0, Internet Explorer, and .NET 3.5 on targeted Windows devices. |\n| Why should you use this? | Reduces attack surface by removing components with known vulnerabilities. |\n| What is the end-user impact? | Users cannot use older, less secure Windows features. |",
"$friendlyName": "User Application Hardening Remove Features",
"displayName": "User Application Hardening Remove Features",
"assignments": [],
"description": "",
"enforceSignatureCheck": false,
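Review bot: `"enforceSignatureCheck": false` on L289 means the script that, per L284, removes PowerShell 2.0, Internet Explorer and .NET 3.5 is run without its signature being validated, and the run-as account is outside the hunk. For a script that changes Windows features, signing it and setting `"enforceSignatureCheck": true` lets the client refuse a stored script that no longer matches its signature; if the script is intentionally unsigned, that decision is worth recording in the Graph `description` on L288, which is currently `""`. The `@odata.type` of this object is not visible in the hunk, so I am assuming it is a device management script.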
@@ -1,4 +1,3 @@
{
"$description": "Default Role Scope Tag. This will exist by default on all Intune entities whenever a user defined Role Scope Tag is not present.",
"$friendlyName": "Default"
"displayName": "Default"
}
@@ -1,13 +1,11 @@
{
"@odata.type": "#microsoft.graph.securityBaselineTemplate",
"$description": "| What does this do? | Defines and enforces attack surface reduction (ASR) rules to limit behaviors commonly used by malware and malicious apps, such as restricting suspicious scripts and executable content in Office apps or web mail. |\n| Why should you use this? | Attack surface reduction rules proactively block and reduce common exploitation avenues used by threat actors, helping to prevent infection and unauthorized code execution in your environment. |\n| What is the end-user impact? | Users may find certain file downloads, scripts, or macros blocked in Office and email applications, and suspicious or non-standard behaviors may be prevented. Some legitimate actions may require approval or adjustment to comply with security rules. |\n| Learn more | [Attack surface reduction rules](https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction?view=o365-worldwide) |",
"$friendlyName": "Attack surface reduction rules",
"displayName": "Attack surface reduction rules",
"@odata.type": "#microsoft.graph.securityBaselineTemplate",
"intentCount": 1,
"isDeprecated": false,
"platformType": "windows10AndLater",
"publishedDateTime": "2020-08-05T00:00:00Z",
"templateSubtype": "attackSurfaceReduction",
"templateType": "securityTemplate",
"versionInfo": "2009"
}
}
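Review bot: The baseline is pinned to `"versionInfo": "2009"` with `"publishedDateTime": "2020-08-05T00:00:00Z"` on L312/L309, and `"isDeprecated": false` on L307 is a value captured at export time rather than anything that is re-checked, so the file gives no signal when Microsoft publishes a newer attack surface reduction template. Since the tooling reads these definitions, consider having it compare `versionInfo` against the template currently published in the tenant and warn on a mismatch, or record the review date alongside the version in the repository documentation. Whether the export tooling already does this is not visible from the hunk.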
@@ -1,6 +1,5 @@
{
"$description": "| What does this do? | Defines driver update deployment policy for all corporate Windows devices. |\n| Why should you use this? | Ensures timely driver updates for stability and security across your device fleet. |\n| What is the end-user impact? | Users receive drivers automatically with minimal delay. |",
"$friendlyName": "Windows Driver Updates",
"displayName": "Windows Driver Updates",
"approvalType": "automatic",
"assignments": [
{
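Review bot: `"approvalType": "automatic"` on L321 approves every recommended driver without review, and no deferral is visible in the hunk, so the ring model that stages quality updates through Test, Pilot, Fast, Critical and Broad (L250, L226, L202, L178, L154) is not applied to drivers. If `deploymentDeferralInDays` is unset in the collapsed part of the file, a non-zero value, or a separate manually approved profile for the Critical Ring devices, would keep a faulty driver from reaching the whole fleet at once. The assignments list continues past the hunk.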
2 changes: 1 addition & 1 deletion Definitions/Content/MSGraph/Groups/All Office Users.json
@@ -1,5 +1,5 @@
{
"$friendlyName": "All Office Users",
"displayName": "All Office Users",
"groupTypes": [],
"infoCatalogs": [],
"mailEnabled": false,
@@ -1,5 +1,5 @@
{
"$friendlyName": "Allow macro execution - Trusted Publisher",
"displayName": "Allow macro execution - Trusted Publisher",
"groupTypes": [],
"infoCatalogs": [],
"mailEnabled": false,
@@ -1,6 +1,5 @@
{
"$description": "| What does this do? | Creates a manually assigned group whose members are allowed to approve PIM request for activiating the Global Administrator Role. |\n| Why should you use this? | To have a formal group that approvers for users elevating their priviledges temporarily. |\n| What is the end-user impact? | Users in this group will be able approve Privileged Identity Management Request for the Global Admin Role |\n| Learn more | [Plan a Privileged Identity Management Deployment]( https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-deployment-plan)|",
"$friendlyName": "Baseline - PIM Approvers",
"displayName": "Baseline - PIM Approvers",
"groupTypes": [],
"infoCatalogs": [],
"mailEnabled": false,
3 changes: 1 addition & 2 deletions Definitions/Content/MSGraph/Groups/Corporate Devices.json
@@ -1,6 +1,5 @@
{
"$description": "| What does this do? | Creates a group that includes all corporate devices regardless if they are virtual or physical. |\n| Why should you use this? | This group can be used to assign Intune configurations that should apply to all devices. |\n| What is the end-user impact? | N/A |\n| Learn more | N/A |",
"$friendlyName": "Corporate Devices",
"displayName": "Corporate Devices",
"groupTypes": [
"DynamicMembership"
],
@@ -1,5 +1,5 @@
{
"$friendlyName": "Essential 8 Maturity level 1",
"displayName": "Essential 8 Maturity level 1",
"allowedCombinations": [
"deviceBasedPush",
"federatedMultiFactor",
@@ -1,5 +1,5 @@
{
"$friendlyName": "Essential 8 Maturity level 2,3",
"displayName": "Essential 8 Maturity level 2,3",
"allowedCombinations": [
"fido2",
"temporaryAccessPassMultiUse",
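Review bot: `"temporaryAccessPassMultiUse"` on L381 is an allowed combination of the strength named for Essential 8 Maturity level 2,3, next to `fido2` on L380; a multi-use Temporary Access Pass is a bootstrapping credential rather than phishing-resistant MFA, so any Conditional Access policy requiring this strength is satisfied by the TAP for its whole lifetime. If the TAP is only needed so users can register a FIDO2 key, `temporaryAccessPassOneTime` limits that window, and the reason for including either belongs in the strength's `description`. The `allowedCombinations` array continues past the hunk, so other combinations may be listed.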