From 71eec2014a3e046a50aefd82e0d7c05ccf095b90 Mon Sep 17 00:00:00 2001
From: asukumar22 <70966383+asukumar22@users.noreply.github.com>
Date: Mon, 16 Sep 2024 20:32:49 -0700
Subject: [PATCH 1/6] Update network_appdelivery_checklist.en.json

Added ARG query for A01.40
---
 checklists/network_appdelivery_checklist.en.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/checklists/network_appdelivery_checklist.en.json b/checklists/network_appdelivery_checklist.en.json
index fb8366a3d..3bb57e9f1 100644
--- a/checklists/network_appdelivery_checklist.en.json
+++ b/checklists/network_appdelivery_checklist.en.json
@@ -220,7 +220,7 @@
             "id": "A01.40",
             "ammp": true,
             "severity": "High",
-            "graph": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode",
+            "graph": "resources | where type == "microsoft.network/applicationgatewaywebapplicationfirewallpolicies" | where properties['policySettings']['mode'] == "Prevention" | distinct id, name"
             "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings"
         },
         {

From d2b7a62fdc4b043d74dd95f6bf65621abc437c3d Mon Sep 17 00:00:00 2001
From: asukumar22 <70966383+asukumar22@users.noreply.github.com>
Date: Tue, 17 Sep 2024 16:08:58 -0700
Subject: [PATCH 2/6] Update network_appdelivery_checklist.en.json

Updated the A01.40 item ARG query with compliant tag and added comma to the end of the line of ARG.
---
 checklists/network_appdelivery_checklist.en.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/checklists/network_appdelivery_checklist.en.json b/checklists/network_appdelivery_checklist.en.json
index 3bb57e9f1..f6eff683d 100644
--- a/checklists/network_appdelivery_checklist.en.json
+++ b/checklists/network_appdelivery_checklist.en.json
@@ -220,7 +220,7 @@
             "id": "A01.40",
             "ammp": true,
             "severity": "High",
-            "graph": "resources | where type == "microsoft.network/applicationgatewaywebapplicationfirewallpolicies" | where properties['policySettings']['mode'] == "Prevention" | distinct id, name"
+            "graph": "resources | where type == "microsoft.network/applicationgatewaywebapplicationfirewallpolicies" | extend compliant = (properties['policySettings']['mode'] == "Prevention")| where properties['policySettings']['mode'] == "Prevention" | distinct id, name, compliant",
             "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings"
         },
         {

From 5581b2edf63a9d4e4291bd1301c33e6072bef873 Mon Sep 17 00:00:00 2001
From: asukumar22 <70966383+asukumar22@users.noreply.github.com>
Date: Mon, 23 Sep 2024 07:11:18 -0700
Subject: [PATCH 3/6] Update network_appdelivery_checklist.en.json

Updated the suggested changes, added =~ wherever possible and also added single quotes for graph query
---
 checklists/network_appdelivery_checklist.en.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/checklists/network_appdelivery_checklist.en.json b/checklists/network_appdelivery_checklist.en.json
index f6eff683d..05a0cf69d 100644
--- a/checklists/network_appdelivery_checklist.en.json
+++ b/checklists/network_appdelivery_checklist.en.json
@@ -220,7 +220,7 @@
             "id": "A01.40",
             "ammp": true,
             "severity": "High",
-            "graph": "resources | where type == "microsoft.network/applicationgatewaywebapplicationfirewallpolicies" | extend compliant = (properties['policySettings']['mode'] == "Prevention")| where properties['policySettings']['mode'] == "Prevention" | distinct id, name, compliant",
+            "graph": 'resources | where type == "microsoft.network/applicationgatewaywebapplicationfirewallpolicies" | extend compliant = (properties['policySettings']['mode'] =~ "Prevention")| where properties['policySettings']['mode'] =~ "Prevention" | distinct id, name, compliant',
             "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings"
         },
         {

From 2406a7afd5028301da78be46fcbaf544cce648f7 Mon Sep 17 00:00:00 2001
From: asukumar22 <70966383+asukumar22@users.noreply.github.com>
Date: Mon, 23 Sep 2024 08:19:35 -0700
Subject: [PATCH 4/6] Update network_appdelivery_checklist.en.json

Corrected with single quotes for strings inside query
---
 checklists/network_appdelivery_checklist.en.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/checklists/network_appdelivery_checklist.en.json b/checklists/network_appdelivery_checklist.en.json
index 05a0cf69d..86a633e6a 100644
--- a/checklists/network_appdelivery_checklist.en.json
+++ b/checklists/network_appdelivery_checklist.en.json
@@ -220,7 +220,7 @@
             "id": "A01.40",
             "ammp": true,
             "severity": "High",
-            "graph": 'resources | where type == "microsoft.network/applicationgatewaywebapplicationfirewallpolicies" | extend compliant = (properties['policySettings']['mode'] =~ "Prevention")| where properties['policySettings']['mode'] =~ "Prevention" | distinct id, name, compliant',
+            "graph": "resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | extend compliant = (properties['policySettings']['mode'] =~ 'Prevention')| where properties['policySettings']['mode'] =~ 'Prevention' | distinct id, name, compliant",
             "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings"
         },
         {

From 1856d2be6334d63541f1652aea97937852bdd27c Mon Sep 17 00:00:00 2001
From: asukumar22 <70966383+asukumar22@users.noreply.github.com>
Date: Mon, 7 Oct 2024 07:25:00 -0700
Subject: [PATCH 5/6] Update network_appdelivery_checklist.en.json

updated =~ in type == microsoft.network/applicationgatewayfirewallpolicies
---
 checklists/network_appdelivery_checklist.en.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/checklists/network_appdelivery_checklist.en.json b/checklists/network_appdelivery_checklist.en.json
index 86a633e6a..80f3e879a 100644
--- a/checklists/network_appdelivery_checklist.en.json
+++ b/checklists/network_appdelivery_checklist.en.json
@@ -220,7 +220,7 @@
             "id": "A01.40",
             "ammp": true,
             "severity": "High",
-            "graph": "resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | extend compliant = (properties['policySettings']['mode'] =~ 'Prevention')| where properties['policySettings']['mode'] =~ 'Prevention' | distinct id, name, compliant",
+            "graph": "resources | where type =~ 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | extend compliant = (properties['policySettings']['mode'] =~ 'Prevention')| where properties['policySettings']['mode'] =~ 'Prevention' | distinct id, name, compliant",
             "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings"
         },
         {

From 1f7289137eab2f5964edaa7c8a7dfb08397ce60f Mon Sep 17 00:00:00 2001
From: asukumar22 <70966383+asukumar22@users.noreply.github.com>
Date: Mon, 21 Oct 2024 14:49:53 -0700
Subject: [PATCH 6/6] Update network_appdelivery_checklist.en.json

Corrected with reviewed changes requested for more info link for A01.40
---
 checklists/network_appdelivery_checklist.en.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/checklists/network_appdelivery_checklist.en.json b/checklists/network_appdelivery_checklist.en.json
index 80f3e879a..57c15b46f 100644
--- a/checklists/network_appdelivery_checklist.en.json
+++ b/checklists/network_appdelivery_checklist.en.json
@@ -221,7 +221,7 @@
             "ammp": true,
             "severity": "High",
             "graph": "resources | where type =~ 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | extend compliant = (properties['policySettings']['mode'] =~ 'Prevention')| where properties['policySettings']['mode'] =~ 'Prevention' | distinct id, name, compliant",
-            "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings"
+            "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/policy-overview?source=recommendations"                                                                                                                                                                                                                            
         },
         {
             "category": "Network Topology and Connectivity",