feat: update platform/alz library (automated) (#148)

cae-pr-creator[bot] · web-flow · commit dab7232b1376 · 2025-02-18T22:30:15.000Z
diff --git a/platform/alz/README.md b/platform/alz/README.md
@@ -347,7 +347,7 @@ flowchart TD
 - Enforce-EncryptTransit
 - Enforce-EncryptTransit_20240509
 - Enforce-EncryptTransit_20241211
-- Enforce-Encryption-CMK
+- Enforce-Encryption-CMK_20250218
 - Enforce-Guardrails-APIM
 - Enforce-Guardrails-AppServices
 - Enforce-Guardrails-Automation
@@ -716,7 +716,7 @@ The subscription id that hosts the private link DNS zones.
 - Enforce-EncryptTransit
 - Enforce-EncryptTransit_20240509
 - Enforce-EncryptTransit_20241211
-- Enforce-Encryption-CMK
+- Enforce-Encryption-CMK_20250218
 - Enforce-Guardrails-APIM
 - Enforce-Guardrails-AppServices
 - Enforce-Guardrails-Automation
diff --git a/platform/alz/archetype_definitions/root.alz_archetype_definition.json b/platform/alz/archetype_definitions/root.alz_archetype_definition.json
@@ -197,7 +197,7 @@
     "Enforce-ALZ-Decomm",
     "Enforce-ALZ-Sandbox",
     "Enforce-Backup",
-    "Enforce-Encryption-CMK",
+    "Enforce-Encryption-CMK_20250218",
     "Enforce-EncryptTransit_20240509",
     "Enforce-EncryptTransit_20241211",
     "Enforce-EncryptTransit",
diff --git a/platform/alz/policy_set_definitions/Enforce-Encryption-CMK_20250218.alz_policy_set_definition.json b/platform/alz/policy_set_definitions/Enforce-Encryption-CMK_20250218.alz_policy_set_definition.json
@@ -1,5 +1,5 @@
 {
-  "name": "Enforce-Encryption-CMK",
+  "name": "Enforce-Encryption-CMK_20250218",
   "properties": {
     "description": "Deny or Audit resources without Encryption with a customer-managed key (CMK)",
     "displayName": "Deny or Audit resources without Encryption with a customer-managed key (CMK)",
@@ -8,8 +8,9 @@
         "AzureCloud"
       ],
       "category": "Encryption",
+      "replacesPolicy": "Enforce-Encryption-CMK",
       "source": "https://github.com/Azure/Enterprise-Scale/",
-      "version": "3.2.0"
+      "version": "1.0.0"
     },
     "parameters": {
       "ACRCmkEffect": {
@@ -252,11 +253,10 @@
       },
       "cognitiveSearchCmk": {
         "allowedValues": [
-          "Audit",
-          "Deny",
+          "AuditIfNotExists",
           "Disabled"
         ],
-        "defaultValue": "Deny",
+        "defaultValue": "AuditIfNotExists",
         "type": "string"
       },
       "containerInstanceCmk": {
