Update policy definition groups and clean up deprecated entries in Cosmos DB policy initiative

taoyangcloud · taoyangcloud · commit 63a027aea39d · 2026-05-11T15:42:01.000+10:00
diff --git a/policyInitiatives/polset-cosmos-db.json b/policyInitiatives/polset-cosmos-db.json
@@ -132,44 +132,24 @@
     },
     "policyDefinitionGroups": [
       {
-        "name": "ISO27001-2013_A.8.2.3",
-        "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.8.2.3"
+        "name": "ISO27001-2013_A.9.2.3",
+        "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.9.2.3"
       },
       {
         "name": "ISO27001-2013_A.10.1.1",
         "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.10.1.1"
       },
-
-      {
-        "name": "ISO27001-2013_A.12.3.1",
-        "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.12.3.1"
-      },
       {
         "name": "ISO27001-2013_A.13.1.3",
         "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.13.1.3"
       },
-      {
-        "name": "ISO27001-2013_A.14.1.2",
-        "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.14.1.2"
-      },
       {
         "name": "ISO27001-2013_A.15.1.2",
         "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.15.1.2"
       },
       {
-        "name": "ISO27001-2013_A.17.1.1",
-        "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.17.1.1"
-      },
-      {
-        "name": "ISO27001-2013_A.17.1.2",
-        "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.17.1.2"
-      },
-            {
         "name": "ISO27001-2013_A.18.1.1",
         "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.18.1.1"
-      },
-      {
-        "name": "CB-AZ-011"
       }
     ],
     "policyDefinitions": [
@@ -183,9 +163,7 @@
           }
         },
         "groupNames": [
-          "ISO27001-2013_A.12.3.1",
-          "ISO27001-2013_A.17.1.1",
-          "ISO27001-2013_A.17.1.2"
+          "ISO27001-2013_A.9.2.3"
         ]
       },
       {
@@ -211,8 +189,7 @@
           }
         },
         "groupNames": [
-          "ISO27001-2013_A.13.1.3",
-          "CB-AZ-011"
+          "ISO27001-2013_A.13.1.3"
         ]
       },
       {
@@ -225,7 +202,7 @@
           }
         },
         "groupNames": [
-          "ISO27001-2013_A.12.3.1"
+          "ISO27001-2013_A.10.1.1"
         ]
       },
       {
@@ -237,9 +214,7 @@
           }
         },
         "groupNames": [
-          "ISO27001-2013_A.12.3.1",
-          "ISO27001-2013_A.17.1.1",
-          "ISO27001-2013_A.17.1.2"
+          "ISO27001-2013_A.9.2.3"
         ]
       },
       {
@@ -254,9 +229,7 @@
           }
         },
         "groupNames": [
-          "ISO27001-2013_A.8.2.3",
-          "ISO27001-2013_A.10.1.1",
-          "ISO27001-2013_A.14.1.2"
+          "ISO27001-2013_A.10.1.1"
         ]
       },
       {

Original file line number	Diff line number	Diff line change
`@@ -132,44 +132,24 @@`
`132`	`132`	`},`
`133`	`133`	`"policyDefinitionGroups": [`
`134`	`134`	`{`
`135`		`- "name": "ISO27001-2013_A.8.2.3",`
`136`		`- "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.8.2.3"`
	`135`	`+ "name": "ISO27001-2013_A.9.2.3",`
	`136`	`+ "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.9.2.3"`
`137`	`137`	`},`
`138`	`138`	`{`
`139`	`139`	`"name": "ISO27001-2013_A.10.1.1",`
`140`	`140`	`"additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.10.1.1"`
`141`	`141`	`},`
`142`		`-`
`143`		`- {`
`144`		`- "name": "ISO27001-2013_A.12.3.1",`
`145`		`- "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.12.3.1"`
`146`		`- },`
`147`	`142`	`{`
`148`	`143`	`"name": "ISO27001-2013_A.13.1.3",`
`149`	`144`	`"additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.13.1.3"`
`150`	`145`	`},`
`151`		`- {`
`152`		`- "name": "ISO27001-2013_A.14.1.2",`
`153`		`- "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.14.1.2"`
`154`		`- },`
`155`	`146`	`{`
`156`	`147`	`"name": "ISO27001-2013_A.15.1.2",`
`157`	`148`	`"additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.15.1.2"`
`158`	`149`	`},`
`159`	`150`	`{`
`160`		`- "name": "ISO27001-2013_A.17.1.1",`
`161`		`- "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.17.1.1"`
`162`		`- },`
`163`		`- {`
`164`		`- "name": "ISO27001-2013_A.17.1.2",`
`165`		`- "additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.17.1.2"`
`166`		`- },`
`167`		`- {`
`168`	`151`	`"name": "ISO27001-2013_A.18.1.1",`
`169`	`152`	`"additionalMetadataId": "/providers/Microsoft.PolicyInsights/policyMetadata/ISO27001-2013_A.18.1.1"`
`170`		`- },`
`171`		`- {`
`172`		`- "name": "CB-AZ-011"`
`173`	`153`	`}`
`174`	`154`	`],`
`175`	`155`	`"policyDefinitions": [`
`@@ -183,9 +163,7 @@`
`183`	`163`	`}`
`184`	`164`	`},`
`185`	`165`	`"groupNames": [`
`186`		`- "ISO27001-2013_A.12.3.1",`
`187`		`- "ISO27001-2013_A.17.1.1",`
`188`		`- "ISO27001-2013_A.17.1.2"`
	`166`	`+ "ISO27001-2013_A.9.2.3"`
`189`	`167`	`]`
`190`	`168`	`},`
`191`	`169`	`{`
`@@ -211,8 +189,7 @@`
`211`	`189`	`}`
`212`	`190`	`},`
`213`	`191`	`"groupNames": [`
`214`		`- "ISO27001-2013_A.13.1.3",`
`215`		`- "CB-AZ-011"`
	`192`	`+ "ISO27001-2013_A.13.1.3"`
`216`	`193`	`]`
`217`	`194`	`},`
`218`	`195`	`{`
`@@ -225,7 +202,7 @@`
`225`	`202`	`}`
`226`	`203`	`},`
`227`	`204`	`"groupNames": [`
`228`		`- "ISO27001-2013_A.12.3.1"`
	`205`	`+ "ISO27001-2013_A.10.1.1"`
`229`	`206`	`]`
`230`	`207`	`},`
`231`	`208`	`{`
`@@ -237,9 +214,7 @@`
`237`	`214`	`}`
`238`	`215`	`},`
`239`	`216`	`"groupNames": [`
`240`		`- "ISO27001-2013_A.12.3.1",`
`241`		`- "ISO27001-2013_A.17.1.1",`
`242`		`- "ISO27001-2013_A.17.1.2"`
	`217`	`+ "ISO27001-2013_A.9.2.3"`
`243`	`218`	`]`
`244`	`219`	`},`
`245`	`220`	`{`
`@@ -254,9 +229,7 @@`
`254`	`229`	`}`
`255`	`230`	`},`
`256`	`231`	`"groupNames": [`
`257`		`- "ISO27001-2013_A.8.2.3",`
`258`		`- "ISO27001-2013_A.10.1.1",`
`259`		`- "ISO27001-2013_A.14.1.2"`
	`232`	`+ "ISO27001-2013_A.10.1.1"`
`260`	`233`	`]`
`261`	`234`	`},`
`262`	`235`	`{`