Framework/Configurations/SVT/ControlSettings.json

{
   "Diagnostics_RetentionPeriod_Min": 365,
   "Diagnostics_RetentionPeriod_Forever": 0,
   "KeyVault": {
      "KeyRotationDuration_Days": 365,
      "SecretRotationDuration_Days": 180,
      "KeyType": "RSA-HSM",
      "ADAppCredentialTypeCrt": "AsymmetricX509Cert",
      "ADAppCredentialTypePwd": "Password"
   },
   "SqlServer": {
      "AuditRetentionPeriod_Min": 365,
      "AuditRetentionPeriod_Forever": 0
   },
   "AnalysisService": {
      "Max_Admin_Count": 2
   },
   "ERvNet": {
      "ResourceLockLevel": "ReadOnly"
   },
   "VirtualMachine": {
      "Windows": {
         "SupportedSkuList": [ ],
         "ManagementPortList": [
            {
               "Name": "RDP",
               "Port": 3389
            },
            {
               "Name": "WINRM",
               "Port": 5985
            }
         ],
         "BaselineIds": [],
         "ASCRecommendations": [ "EncryptionOnVm", "InstallAntimalware", "VulnerabilityAssessmentDeployment" ]
      },
      "Linux": {
         "SupportedSkuList": [ ],
         "ManagementPortList": [
            {
               "Name": "RDP",
               "Port": 3389
            },
            {
               "Name": "SSH",
               "Port": 22
            }
         ],
         "BaselineIds": [],
         "ASCRecommendations": []
      },
      "Windows_OS_Baseline_Ids": []
   },
   "NoOfApprovedAdmins": 5,
   "NoOfClassicAdminsLimit": 2,
   "WhitelistedMgmtCerts": {
      "Thumbprints": [],
      "ApprovedValidityRangeInDays": 732
   },
   "WhitelistedCustomRBACRoles": [
      {
         "Id": "21d96096-b162-414a-8302-d8354f9d91b2",
         "Name": "Azure Service Deploy Release Management Contributor"
      },
      {
         "Id": "9f15f5f5-77bd-413a-aa88-4b9c68b1e7bc",
         "Name": "GenevaWarmPathResourceContributor"
      },
      {
         "Id": "7fd64851-3279-459b-b614-e2b2ba760f5b",
         "Name": "Office DevOps"
      },
      {
         "Id": "a48d7796-14b4-4889-afef-fbb65a93e5a2",
         "Name": "masterreader"
      },
      {
         "Id": "a042fe8d-14b3-4850-9120-e2f357577b2d",
         "Name": "Monitor permissions"
      }
   ],
   "UniversalIPRange": "0.0.0.0-255.255.255.255",
   "IPRangeStartIP": "0.0.0.0",
   "IPRangeEndIP": "255.255.255.255",
   "MetricAlert": {
      "Actions": {
         "SendToServiceOwners": true
      },
      "Batch": [
         {
            "Condition": {
               "DataSource": {
                  "MetricName": "PoolDeleteCompleteEvent"
               },
               "Operator": "GreaterThan",
               "Threshold": 0,
               "TimeAggregation": "Total",
               "WindowsSize": "01:00:00"
            },
            "Status": "Enabled"
         },
         {
            "Condition": {
               "DataSource": {
                  "MetricName": "PoolDeleteStartEvent"
               },
               "Operator": "GreaterThan",
               "Threshold": 0,
               "TimeAggregation": "Total",
               "WindowsSize": "01:00:00"
            },
            "Status": "Enabled"
         }
      ],
      "Storage": [
         {
            "Condition": {
               "DataSource": {
                  "MetricName": "AnonymousSuccess"
               },
               "Operator": "GreaterThan",
               "Threshold": 0,
               "TimeAggregation": "Total",
               "WindowsSize": "01:00:00"
            },
            "Status": "Enabled"
         }
      ],
      "StreamAnalytics": [
         {
            "Condition": {
               "DataSource": {
                  "MetricName": "AMLCalloutFailedRequests"
               },
               "Operator": "GreaterThan",
               "Threshold": 0,
               "TimeAggregation": "Total",
               "WindowsSize": "00:05:00"
            },
            "Status": "Enabled"
         },
         {
            "Condition": {
               "DataSource": {
                  "MetricName": "Errors"
               },
               "Operator": "GreaterThan",
               "Threshold": 0,
               "TimeAggregation": "Total",
               "WindowsSize": "00:05:00"
            },
            "Status": "Enabled"
         }
      ]
   },
   "StorageKindMapping": [
      {
         "Kind": "BlobStorage",
         "Services": [
            "blob"
         ],
         "DiagnosticsLogServices": [
            "blob"
         ]
      },
      {
         "Kind": "Storage",
         "Services": [
            "blob",
            "file",
            "queue",
            "table"
         ],
         "DiagnosticsLogServices": [
            "blob",
            "queue",
            "table"
         ]
      }
   ],
   "AppService": {
      "Backup_RetentionPeriod_Min": 365,
      "Backup_RetentionPeriod_Forever": 0,
      "LatestDotNetFrameworkVersionNumber": "v4.0",
      "Minimum_Instance_Count": 2,
      "AADAuthAPIVersion": "2016-08-01",
      "LoadCertAppSettings": "WEBSITE_LOAD_CERTIFICATES"
   },
   "StorageDiagnosticsSkuMapping": [
      "StandardGRS",
      "StandardLRS",
      "StandardRAGRS"
   ],
   "StorageAlertSkuMapping": [
      "StandardGRS",
      "StandardLRS",
      "StandardRAGRS"
   ],
   "StorageGeoRedundantSku": [
      "StandardGRS",
      "StandardRAGRS"
   ],
   "RedisCache": {
      "FirewallApplicableSku": [
         "Premium"
      ],
      "RDBBackApplicableSku": [
         "Premium"
      ]
   },
   "CosmosDb": {
      "Firewall": {
         "IpLimitPerDb": 2048,
         "IpLimitPerRange": 256
      }
   },
   "Automation": {
      "WebhookValidityInDays": 60
   },
   "BaselineControls": {
      "ResourceTypeControlIdMappingList": [],
      "SubscriptionControlIdList": [],
      "ExpiryInDays": 6,
      "SupportedSources": []
   },
   "CloudService": {
      "LatestOSSKUIDs": [ "WA-GUEST-OS-4.44_201707-01" ]
   },
   "AttestationExpiryPeriodInDays": {
      "Default": 90,
      "ControlSeverity": {
         "Critical": 7,
         "High": 30,
         "Medium": 60,
         "Low": 90
      }
   },
   "SubscriptionCore": {
      "EnableV1AlertFailure": false
   }
 
}