module/appsettings.scanner.json
{
"AuthNSettings": { "ScannerIdentityConnectionString": "", "InternalIdentityConnectionString": "", "ScannerApplicationId": "", "ScannerApplicationPassword": "" }, "AuthzSettings": { "IsPIMEnabled": true, "MaxDegreeOfParallelismForSubPIMProcess": 50, "MaxDegreeOfParallelismForRGPIMProcess": 4, "IsRoleAssignmentPreviewAPIEnabled": false }, "InternalIdentityConfiguration": { "InternalApplicationId": "", "InternalApplicationPassword": "", "InternalFicClientId": "", "InternalFicAudience": "" }, "MultiTenantConfigurations": { "IsFeatureEnabled": false, "HostTenant": null, "OnboardedTenantsContainerName": "OnboardedTenants", "OnboardedTenantsFileName": "OnboardedTenants", "AuthenticationMode": "ClientSecret", "ficClientId": "", "ficAudience": "" }, "AzureStorageSettings": { "ResourceId": "", "ContainerName": "azskatsscanresult", "QueueName": "subjobqueue", "FileNames": { "SubscriptionMetadata": "{0}/Subscriptions/SubMetaData/{1}_SubMetaData.json", "SubscriptionRBAC": "{0}/Subscriptions/RBAC/{1}_RBAC.json", "ResourceInventory": "{0}/Subscriptions/ResourceInventory/{1}_ResourceInventory.json", "PolicyAssessments": "{0}/Subscriptions/SSAssessmentDetails/{1}_SSAssessmentDetails.json", "ControlEvaluation": "{0}/Subscriptions/ControlResults/{1}_ControlResults.json", "ControlExtensions": "Ext/{0}.ext.json", "ControlExtensionsPath": "Ext/", "PolicyStates": "{0}/Subscriptions/PolicyStateResults/{1}_PolicyStateResults.json", "LastKnownScanResult": "{0}_LastKnownScanResult.json", "OnboardedAWSOrganizationsDetails": "OnboardedAWSOrganizationsDetails.json" }, "FeatureContainerName": { "PolicyExtension": "orgpolicy", "OnboardedTenants": "onboardedtenants", "LastKnownScanResult": "lastknownscanresult" }, "EnabledCloudServices": [ "Azure" ] }, "EndpointMapping": { "AzureCloud": { "AzureManagement": "https://management.azure.com/", "GraphAPI": "https://graph.microsoft.com", "AzureADGraphAPI": "https://graph.windows.net", "LogAnalytics": "https://api.loganalytics.io/", 
"LogAnalyticsDataCollector": "https://{0}.ods.opinsights.azure.com", "ApplicationInsights": "https://management.azure.com", "ManagementCore": "https://management.core.windows.net/", "StorageEndpointSuffix": "core.windows.net", "AzureSQL": "https://database.windows.net/", "KuduConsole": "https://{0}.scm.azurewebsites.net", "MachineLearningAzureEndpoint": "https://ml.azure.com/api/" }, "AzureGovernmentCloud": { "AzureManagement": "https://management.usgovcloudapi.net/", "GraphAPI": "https://graph.microsoft.us", "AzureADGraphAPI": "https://graph.windows.net", "LogAnalytics": "https://api.loganalytics.us/", "LogAnalyticsDataCollector": "https://{0}.ods.opinsights.azure.us", "ApplicationInsights": "https://management.usgovcloudapi.net/", "ManagementCore": "https://management.core.usgovcloudapi.net/", "StorageEndpointSuffix": "core.usgovcloudapi.net", "AzureSQL": "https://database.usgovcloudapi.net/", "KuduConsole": "https://{0}.scm.azurewebsites.us/" }, "AzureChinaCloud": { "AzureManagement": "https://management.chinacloudapi.cn/", "GraphAPI": "https://microsoftgraph.chinacloudapi.cn", "AzureADGraphAPI": "https://graph.chinacloudapi.cn", "LogAnalytics": "https://api.loganalytics.azure.cn/", "LogAnalyticsDataCollector": "https://{0}.ods.opinsights.azure.cn", "ApplicationInsights": "https://management.chinacloudapi.cn/", "ManagementCore": "https://management.core.chinacloudapi.cn/", "StorageEndpointSuffix": "core.chinacloudapi.cn", "AzureSQL": "https://database.chinacloudapi.cn/", "KuduConsole": "https://{0}.scm.chinacloudsites.cn/" } }, "HttpClientConfig": { "MaxRetries": 3, "RetryHttpStatusCodes": [ 429, 408, 502, 504 ], "RetryStepInSecs": 6, "MaxNesting": 128 }, "LAConfigurations": { "WorkspaceId": "", "ResourceId": "", "LATypes": { "PolicySummary": "AzSK_PolicySummaryInfo", "SubscriptionRBAC": "AzSK_RBAC", "ADGraph": "AzSK_AADObjectInv", "PolicyAssignments": "AzSK_PolicyAssignmentsInv", "PolicyAssessments": "AzSK_SSAssessmentInv", "PolicyStates": 
"AzSK_PolicyStateResults", "ControlEvaluation": "AzSK_ControlResults", "ProcessedEvent": "AzSK_ProcessedSubscriptions", "Exceptions": "AzSK_RTExceptions", "PerformanceMetrics": "AzSK_PerformanceMetrics", "ResourceInventory": "AzSK_ResourceInvInfo", "SecureScoreAssessmentSummary": "AzSK_SSAssessmentSummaryInv", "FeaturePerformanceMetrics": "AzSK_FeaturePerformanceMetrics", "CredentialScanPerformanceMetrics": "AzSK_CredentialScanPerformanceMetrics" }, "QueryFiles": { "SubscriptionServiceMapping": "Inv_GetServiceMappingFromLA.kql", "SubscriptionMGHierarchy": "Inv_GetSubMGHierarchyFromLA.kql" }, "Functions": { }, "BatchSize": 500 }, "ARGConfigurations": { "QueryFiles": { "PolicyStateDataForAllAssignments": "Arg_Policy_GetPolicyStatesForAllAssignments.json", "PolicyStateDataForSelectedAssignments": "Arg_Policy_GetPolicyStatesForSelectedAssignments.json", "PolicyStateDataForSelectedDefinitions": "Arg_Policy_GetPolicyStatesForSelectedDefinitions.json", "GetMDCSecureScore": "Arg_Policy_GetSecureScore.json", "GetMDCSecureScoreControls": "Arg_Policy_GetSecureScoreControls.json" }, "PolicyStateSettings": { "MaxDegreeOfParallelism": 10, "BatchSize": 100, "FetchAll": false }, "SecureScoreSettings": { "MaxDegreeOfParallelism": 5, "BatchSize": 1000, "FetchAll": true }, "MaxRetries": 3, "QuotaResetsInSecs": 5, "RetryStatusCodes": [ "TooManyRequests" ] }, "Logging": { "LogLevel": { "Default": "Information", "Microsoft": "Trace", "System.Net.Http": "None" } }, "WebJobConfigurations": { "ForceFetch": false, "MaxExecutionTimeInUTCHour": 14, "CloudEnvironmentName": "AzureCloud", "ResourceInvRedactionConfig": { "ResourceInventoryRedactionMode": "All", "ResourceTypeRedactionConfig": { "microsoft.logic/workflows": { "CustomField2": [ "*" ], "CustomField3": [ "*" ] }, "microsoft.apimanagement/service": { "CustomField2": [ "*" ] } } } }, "FeatureManagement": { "All": true, "ManagementGroups": true, "ADGraph": true, "Subscriptions": true, "PolicyDefinitions": true, "PolicyStates": false, 
"BaselineControls": true, "ControlScanException": true, "ControlBulkException": false, "OrgPolicy": false, "ScanExternalControl": false, "ControlResultRetention": false, "MetricAlerts": false, "DataMasking": false, "DeploymentsInventory": false, "SQLPhaseOut": false, "PIMRoleManagementPolicy": true, "APIConnectionControls": true, "WorkloadIdentitiesServicePrincipals": true, "WorkloadIdentitiesAppRegistrations": true, "LINQControlEvaluator": false, "ResourceInventory": true, "ControlEvaluation": true, "ResourceGroup": true, "SubscriptionRBAC": true, "PolicyAssessments": true, "PolicySubAssessments": true, "SQLUpload": false, "FetchSubMGHierarchyFromLA": true }, "ManagementGroupConfigurations": { "ManagementGroupId": "", "HierarchyTraverseLimit": 7 }, "GraphConfigurations": { "BatchSize": 1000, "IsFeatureEnabled": true, "ODataFilterChildClauseLimit": 15 }, "WorkItemProcessorSettings": { "BatchSize": 30000, "MinThreshold": 1, "MessageMaxTimeToLive": "03:00:00", "CacheClearingOn": true, "VerificationResultRetentionPeriodInDays": 7, "LKSRRetentionPeriodInDays": 7, "ControlEvaluationResourcesMaxDegreeOfParallelism": -1, "ControlEvaluationResourceTypeMaxDegreeOfParallelism": -1, "SubParentMGCachePeriodInDays": 1 }, "EnricherSettings": { "VirtualNetwork": { "ERvNetRGNames": "ERNetwork,ERNetwork-DMZ,ERNetwork-PvtApp,ERNetwork-DB,ERNetwork-InetApp,ERNetwork-SVC,ERNetwork-LAB,ERNetwork-MVD,ERNetwork-WVD,ERNetwork-AVD" } }, "RepositorySettings": { "SQLDatabase": { "ResourceEvaluationLimit": 5000 }, "Storage": { "StorageContainerFetchLimit": 5000, "FetchStorageContainersDetailsEnabled": false, "DegreeOfParallelism": 10 }, "VirtualMachineScaleSet": { "VirtualMachineInstancesLimit": 50 }, "AppService": { "WorkflowRunHistoriesFetchLimit": 10000 }, "DBForMySqlFlexibleServer": { "AllowedStates": "Ready,", "HttpMaxRetries": 1, "HttpRetryStepInSecs": 6 }, "UserParameters": { "SasAccountRegex": "@sas.ms" }, "MachineLearningWorkspace": { "APIMaxDegreeOfParallelism": 10 }, "S3": { 
"MaxDegreeOfParallelism": 5, "RetryCount": 2, "Region": "us-east-1", "AWSCloud": "aws" } }, "AzureSQLSettings": { "IsFeatureEnabled": false, "IsRoleAssignmentSQLWriteEnabled": false, "IsAllControlResultsSQLWriteEnabled": false, "SQLWriteEnabledForControlTags": [ "TenantBaseline", "EligibleForSelfAttestation" ], "EnabledCloudServices": [ "Azure" ] }, "SamplingSettings": { "FeatureSamplingLimits": {} }, "AzureHttpClientHelperSettings": { "BatchMaxDegreeOfParallelism": 10, "BatchAPISize": 20 }, "AzureCosmosDBSettings": { "IsFeatureEnabled": false, "ConnectionString": "", "IsBulkExceptionEnabled": false, "MaxDegreeOfParallelismWrite": 10, "MaxDegreeOfParallelismRead": 10, "EnabledCloudServices": [ "Azure" ], "Uri": "", "TableName": "", "ConnectionMode": "ConnectionString" }, "AzureControlScanExceptionSettings": { "ActiveExceptionWorkFlowStatusList": [ "Approved", "Extension In-Progress" ] }, "WorkSpaceAPISetting": { "IsFeatureEnabled": false, "APIURI": "", "WorkSpaceEndPointAPI": "" }, "SubAssessmentSetting": { "SubAssessmentIds": [ "1ff0b4c9-ed56-4de6-be9c-d7ab39645926" ] }, "BaselineControlConfigurations": { "SubsControlShortId": "SubscriptionCore770", "FTETMappingJPath": "$.ExternallyFTEMappingKey", "PlatformTypeMappingJPath": "$.IsExternalTenantSetup" }, "APIClientConfiguration": { "AuthType": "ClientCredentials", "FederatedIdentityAudience": "FILL", "FederatedIdentityAuthorityUri": "FILL", "FederatedIdentityClientId": "FILL", "ClientId": "FILL", "ClientSecret": "FILL", "Scope": "FILL", "ApiBaseUrl": "FILL" }, "AWSOrganizationsSettings": { "IsFeatureEnabled": false, "OnboardedOrganizationsDetailsContainerName": "OnboardedTenants", "OnboardedOrganizationsFileName": "OnboardedAWSOrganizationsDetails", "MaxDegreeOfParallelismInvFetch": 5, "RetryCount": 2, "Region": "us-east-1" }, "AWSAccountResourceInventoryConfiguration": { "MaxDegreeOfParallelism": 5, "RetryCount": 2, "Region": "us-east-1" }, "DataCollectionRuleConfiguration": { "MaxDegreeOfParallelism": 5, 
"RequiredOsType": [ "Windows" ] }, "CustomTelemetryConfiguration": { "IsFeatureEnabled": true } }