MicrosoftDocs
diff --git a/‎includes/policy/reference/byrp/microsoft.healthcareapis.md
Lines changed: 1 addition & 1 deletion b/‎includes/policy/reference/byrp/microsoft.healthcareapis.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎includes/policy/reference/byrp/microsoft.hybridcompute.md
Lines changed: 1 addition & 1 deletion b/‎includes/policy/reference/byrp/microsoft.hybridcompute.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎includes/policy/reference/byrp/microsoft.insights.md
Lines changed: 109 additions & 109 deletions b/‎includes/policy/reference/byrp/microsoft.insights.md
Lines changed: 109 additions & 109 deletions
diff --git a/‎includes/policy/reference/byrp/microsoft.iotcentral.md
Lines changed: 1 addition & 1 deletion b/‎includes/policy/reference/byrp/microsoft.iotcentral.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎includes/policy/reference/byrp/microsoft.keyvault.data.md
Lines changed: 1 addition & 1 deletion b/‎includes/policy/reference/byrp/microsoft.keyvault.data.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎includes/policy/reference/byrp/microsoft.keyvault.md
Lines changed: 7 additions & 7 deletions b/‎includes/policy/reference/byrp/microsoft.keyvault.md
Lines changed: 7 additions & 7 deletions
diff --git a/‎includes/policy/reference/byrp/microsoft.kubernetes.md
Lines changed: 1 addition & 1 deletion b/‎includes/policy/reference/byrp/microsoft.kubernetes.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎includes/policy/reference/byrp/microsoft.kubernetesconfiguration.md
Lines changed: 1 addition & 1 deletion b/‎includes/policy/reference/byrp/microsoft.kubernetesconfiguration.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎includes/policy/reference/byrp/microsoft.kusto.md
Lines changed: 1 addition & 1 deletion b/‎includes/policy/reference/byrp/microsoft.kusto.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎includes/policy/reference/byrp/microsoft.labservices.md
Lines changed: 1 addition & 1 deletion b/‎includes/policy/reference/byrp/microsoft.labservices.md
Lines changed: 1 addition & 1 deletion
@@ -2,7 +2,7 @@
 author: davidsmatlak
 ms.service: azure-policy
 ms.topic: include
-ms.date: 03/18/2024
+ms.date: 03/28/2024
 ms.author: davidsmatlak
 ms.custom: generated
 ---
 
@@ -2,7 +2,7 @@
 author: davidsmatlak
 ms.service: azure-policy
 ms.topic: include
-ms.date: 03/18/2024
+ms.date: 03/28/2024
 ms.author: davidsmatlak
 ms.custom: generated
 ---
 
@@ -2,7 +2,7 @@
 author: davidsmatlak
 ms.service: azure-policy
 ms.topic: include
-ms.date: 03/18/2024
+ms.date: 03/28/2024
 ms.author: davidsmatlak
 ms.custom: generated
 ---
 
@@ -2,7 +2,7 @@
 author: davidsmatlak
 ms.service: azure-policy
 ms.topic: include
-ms.date: 03/18/2024
+ms.date: 03/28/2024
 ms.author: davidsmatlak
 ms.custom: generated
 ---
 
@@ -2,7 +2,7 @@
 author: davidsmatlak
 ms.service: azure-policy
 ms.topic: include
-ms.date: 03/18/2024
+ms.date: 03/28/2024
 ms.author: davidsmatlak
 ms.custom: generated
 ---
@@ -34,12 +34,12 @@ ms.custom: generated
 |[Deploy - Configure diagnostic settings to an Event Hub to be enabled on Azure Key Vault Managed HSM](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fa6d2c800-5230-4a40-bff3-8268b4987d42) |Deploys the diagnostic settings for Azure Key Vault Managed HSM to stream to a regional Event Hub when any Azure Key Vault Managed HSM which is missing this diagnostic settings is created or updated. |DeployIfNotExists, Disabled |[1.0.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Key%20Vault/ManagedHsm_DiagnosticLog_DINE.json) |
 |[Deploy Diagnostic Settings for Key Vault to Event Hub](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fed7c8c13-51e7-49d1-8a43-8490431a0da2) |Deploys the diagnostic settings for Key Vault to stream to a regional Event Hub when any Key Vault which is missing this diagnostic settings is created or updated. |DeployIfNotExists, Disabled |[3.0.1](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Key%20Vault/DiagnosticLog_DINE.json) |
 |[Deploy Diagnostic Settings for Key Vault to Log Analytics workspace](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fbef3f64c-5290-43b7-85b0-9b254eef4c47) |Deploys the diagnostic settings for Key Vault to stream to a regional Log Analytics workspace when any Key Vault which is missing this diagnostic settings is created or updated. |DeployIfNotExists, Disabled |[3.0.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/KeyVault_DeployDiagnosticLog_Deploy_LogAnalytics.json) |
-|[Enable logging by category group for Key vaults (microsoft.keyvault/vaults) to Event Hub](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F71153be3-4742-4aae-9aec-150f7589311b) |Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to an Event Hub for Key vaults (microsoft.keyvault/vaults). |DeployIfNotExists, AuditIfNotExists, Disabled |[1.1.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/DiagSettings_eventHub_keyvault-vaults_DINE.json) |
-|[Enable logging by category group for Key vaults (microsoft.keyvault/vaults) to Log Analytics](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F6b359d8f-f88d-4052-aa7c-32015963ecc1) |Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to a Log Analytics workspace for Key vaults (microsoft.keyvault/vaults). |DeployIfNotExists, AuditIfNotExists, Disabled |[1.0.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/DiagSettings_logAnalytics_keyvault-vaults_DINE.json) |
-|[Enable logging by category group for Key vaults (microsoft.keyvault/vaults) to Storage](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fedf35972-ed56-4c2f-a4a1-65f0471ba702) |Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to a Storage Account for Key vaults (microsoft.keyvault/vaults). |DeployIfNotExists, AuditIfNotExists, Disabled |[1.0.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/AzureMonitor_DiagSettings_storage_keyvault-vaults_DINE.json) |
-|[Enable logging by category group for Managed HSMs (microsoft.keyvault/managedhsms) to Event Hub](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F1abe42e1-a726-4dee-94c2-79f364dac9b7) |Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to an Event Hub for Managed HSMs (microsoft.keyvault/managedhsms). |DeployIfNotExists, AuditIfNotExists, Disabled |[1.1.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/DiagSettings_eventHub_keyvault-managedhsms_DINE.json) |
-|[Enable logging by category group for Managed HSMs (microsoft.keyvault/managedhsms) to Log Analytics](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fb88bfd90-4da5-43eb-936f-ae1481924291) |Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to a Log Analytics workspace for Managed HSMs (microsoft.keyvault/managedhsms). |DeployIfNotExists, AuditIfNotExists, Disabled |[1.0.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/DiagSettings_logAnalytics_keyvault-managedhsms_DINE.json) |
-|[Enable logging by category group for Managed HSMs (microsoft.keyvault/managedhsms) to Storage](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F5a6186f9-04a4-4320-b6ed-a1c3f2ebbc3b) |Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to a Storage Account for Managed HSMs (microsoft.keyvault/managedhsms). |DeployIfNotExists, AuditIfNotExists, Disabled |[1.0.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/DiagSettings_storage_keyvault-managedhsms_DINE.json) |
+|[Enable logging by category group for Key vaults (microsoft.keyvault/vaults) to Event Hub](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F71153be3-4742-4aae-9aec-150f7589311b) |Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to an Event Hub for Key vaults (microsoft.keyvault/vaults). |DeployIfNotExists, AuditIfNotExists, Disabled |[1.1.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/DS_EH_keyvault-vaults_DINE.json) |
+|[Enable logging by category group for Key vaults (microsoft.keyvault/vaults) to Log Analytics](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F6b359d8f-f88d-4052-aa7c-32015963ecc1) |Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to a Log Analytics workspace for Key vaults (microsoft.keyvault/vaults). |DeployIfNotExists, AuditIfNotExists, Disabled |[1.0.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/DS_LA_keyvault-vaults_DINE.json) |
+|[Enable logging by category group for Key vaults (microsoft.keyvault/vaults) to Storage](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fedf35972-ed56-4c2f-a4a1-65f0471ba702) |Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to a Storage Account for Key vaults (microsoft.keyvault/vaults). |DeployIfNotExists, AuditIfNotExists, Disabled |[1.0.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/DS_ST_keyvault-vaults_DINE.json) |
+|[Enable logging by category group for Managed HSMs (microsoft.keyvault/managedhsms) to Event Hub](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F1abe42e1-a726-4dee-94c2-79f364dac9b7) |Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to an Event Hub for Managed HSMs (microsoft.keyvault/managedhsms). |DeployIfNotExists, AuditIfNotExists, Disabled |[1.1.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/DS_EH_keyvault-managedhsms_DINE.json) |
+|[Enable logging by category group for Managed HSMs (microsoft.keyvault/managedhsms) to Log Analytics](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fb88bfd90-4da5-43eb-936f-ae1481924291) |Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to a Log Analytics workspace for Managed HSMs (microsoft.keyvault/managedhsms). |DeployIfNotExists, AuditIfNotExists, Disabled |[1.0.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/DS_LA_keyvault-managedhsms_DINE.json) |
+|[Enable logging by category group for Managed HSMs (microsoft.keyvault/managedhsms) to Storage](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F5a6186f9-04a4-4320-b6ed-a1c3f2ebbc3b) |Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to a Storage Account for Managed HSMs (microsoft.keyvault/managedhsms). |DeployIfNotExists, AuditIfNotExists, Disabled |[1.0.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/DS_ST_keyvault-managedhsms_DINE.json) |
 |[Key Vault keys should have an expiration date](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0) |Cryptographic keys should have a defined expiration date and not be permanent. Keys that are valid forever provide a potential attacker with more time to compromise the key. It is a recommended security practice to set expiration dates on cryptographic keys. |Audit, Deny, Disabled |[1.0.2](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Key%20Vault/Keys_ExpirationSet.json) |
 |[Key Vault secrets should have an expiration date](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F98728c90-32c7-4049-8429-847dc0f4fe37) |Secrets should have a defined expiration date and not be permanent. Secrets that are valid forever provide a potential attacker with more time to compromise them. It is a recommended security practice to set expiration dates on secrets. |Audit, Deny, Disabled |[1.0.2](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Key%20Vault/Secrets_ExpirationSet.json) |
 |[Key Vault should use a virtual network service endpoint](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fea4d6841-2173-4317-9747-ff522a45120f) |This policy audits any Key Vault not configured to use a virtual network service endpoint. |Audit, Disabled |[1.0.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Network/VirtualNetworkServiceEndpoint_KeyVault_Audit.json) |
 
@@ -2,7 +2,7 @@
 author: davidsmatlak
 ms.service: azure-policy
 ms.topic: include
-ms.date: 03/18/2024
+ms.date: 03/28/2024
 ms.author: davidsmatlak
 ms.custom: generated
 ---
 
@@ -2,7 +2,7 @@
 author: davidsmatlak
 ms.service: azure-policy
 ms.topic: include
-ms.date: 03/18/2024
+ms.date: 03/28/2024
 ms.author: davidsmatlak
 ms.custom: generated
 ---
 
@@ -2,7 +2,7 @@
 author: davidsmatlak
 ms.service: azure-policy
 ms.topic: include
-ms.date: 03/18/2024
+ms.date: 03/28/2024
 ms.author: davidsmatlak
 ms.custom: generated
 ---
 
@@ -2,7 +2,7 @@
 author: davidsmatlak
 ms.service: azure-policy
 ms.topic: include
-ms.date: 03/18/2024
+ms.date: 03/28/2024
 ms.author: davidsmatlak
 ms.custom: generated
 ---