Azure · anuchandy · Sep 24, 2019 · Sep 18, 2019 · Sep 18, 2019 · Sep 18, 2019
diff --git a/...ource-manager/Microsoft.Security/preview/2015-06-01-preview/applicationWhitelistings.json b/...ource-manager/Microsoft.Security/preview/2015-06-01-preview/applicationWhitelistings.json
@@ -211,6 +211,9 @@
         "enforcementMode": {
           "$ref": "#/definitions/EnforcementMode"
         },
+        "protectionMode": {
+          "$ref": "#/definitions/ProtectionMode"
+        },
         "configurationStatus": {
           "$ref": "#/definitions/ConfigurationStatus"
         },
@@ -236,8 +239,13 @@
       "description": "The altered data of the recommended VM/server group policy",
       "properties": {
         "enforcementMode": {
+          "description": "The enforcement mode of the group. Can also be defined per collection type by using ProtectionMode",
           "$ref": "#/definitions/EnforcementMode"
         },
+        "protectionMode": {
+          "description": "The protection mode of the group per collection type. Can also be defined for all collection types by using EnforcementMode",
+          "$ref": "#/definitions/ProtectionMode"
+        },
         "vmRecommendations": {
           "$ref": "#/definitions/VmRecommendations"
         },
@@ -265,6 +273,24 @@
         "Enforce"
       ]
     },
+    "ProtectionMode": {
+      "type": "object",
+      "description": "The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.",
+      "properties": {
+        "Exe": {
+          "$ref": "#/definitions/EnforcementMode"
+        },
+        "Msi": {
+          "$ref": "#/definitions/EnforcementMode"
+        },
+        "Script": {
+          "$ref": "#/definitions/EnforcementMode"
+        },
+        "Executable": {
+          "$ref": "#/definitions/EnforcementMode"
+        }
+	  }
+    },
     "RecommendationStatus": {
       "type": "string",
       "description": "The recommendation status of the VM/server group or VM/server",

diff --git a/...1-preview/examples/ApplicationWhitelistings/GetApplicationWhitelistingsGroup_example.json b/...1-preview/examples/ApplicationWhitelistings/GetApplicationWhitelistingsGroup_example.json
@@ -15,6 +15,11 @@
         "properties": {
           "recommendationStatus": "Recommended",
           "enforcementMode": "Audit",
+          "protectionMode": {
+            "Exe": "Audit",
+            "Msi": "Audit",
+            "Script": "None"
+          },
           "vmRecommendations": [
             {
               "configurationStatus": "Configured",

diff --git a/...ew/examples/ApplicationWhitelistings/GetApplicationWhitelistingsSubscription_example.json b/...ew/examples/ApplicationWhitelistings/GetApplicationWhitelistingsSubscription_example.json
@@ -17,6 +17,11 @@
             "properties": {
               "recommendationStatus": "Recommended",
               "enforcementMode": "Audit",
+              "protectionMode": {
+                "Exe": "Audit",
+                "Msi": "Audit",
+                "Script": "None"
+              },
               "vmRecommendations": [
                 {
                   "configurationStatus": "Configured",
@@ -124,6 +129,11 @@
             "properties": {
               "recommendationStatus": "Recommended",
               "enforcementMode": "Audit",
+              "protectionMode": {
+                "Exe": "Audit",
+                "Msi": "None",
+                "Script": "None"
+              },
               "vmRecommendations": [
                 {
                   "configurationStatus": "Configured",
@@ -169,6 +179,11 @@
             "properties": {
               "recommendationStatus": "Recommended",
               "enforcementMode": "Audit",
+              "protectionMode": {
+                "Exe": "Audit",
+                "Msi": "None",
+                "Script": "None"
+              },
               "vmRecommendations": [
                 {
                   "configurationStatus": "Configured",
@@ -313,123 +328,6 @@
               "sourceSystem": "Azure_AppLocker"
             }
           },
-          {
-            "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/providers/Microsoft.Security/locations/centralus/applicationWhitelistings/GROUP2-RE",
-            "name": "GROUP2-RE",
-            "type": "Microsoft.Security/applicationWhitelistings",
-            "location": "centralus",
-            "properties": {
-              "recommendationStatus": "Recommended",
-              "enforcementMode": "Audit",
-              "vmRecommendations": [
-                {
-                  "configurationStatus": "Configured",
-                  "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/matanjittest/providers/microsoft.compute/virtualmachines/matansourcejit",
-                  "recommendationAction": "Recommended"
-                },
-                {
-                  "configurationStatus": "Configured",
-                  "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/erelh-dsc/providers/microsoft.compute/virtualmachines/erelh-14010",
-                  "recommendationAction": "Recommended"
-                },
-                {
-                  "configurationStatus": "Configured",
-                  "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16091",
-                  "recommendationAction": "Recommended"
-                }
-              ],
-              "pathRecommendations": [
-                {
-                  "path": "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
-                  "type": "PublisherSignature",
-                  "publisherInfo": {
-                    "publisherName": "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
-                    "productName": "*",
-                    "binaryName": "*",
-                    "version": "0.0.0.0"
-                  },
-                  "common": true,
-                  "action": "Recommended",
-                  "usernames": [
-                    {
-                      "username": "Everyone",
-                      "recommendationAction": "Recommended"
-                    }
-                  ],
-                  "userSids": [
-                    "S-1-1-0"
-                  ],
-                  "fileType": "Exe",
-                  "configurationStatus": "Configured"
-                },
-                {
-                  "path": "C:\\bla.exe",
-                  "type": "File",
-                  "common": true,
-                  "action": "Add",
-                  "usernames": [
-                    {
-                      "username": "Everyone",
-                      "recommendationAction": "Recommended"
-                    }
-                  ],
-                  "userSids": [
-                    "S-1-1-0"
-                  ],
-                  "fileType": "Exe",
-                  "configurationStatus": "Configured"
-                }
-              ],
-              "configurationStatus": "Configured",
-              "issues": [],
-              "sourceSystem": "Azure_AppLocker"
-            }
-          },
-          {
-            "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/providers/Microsoft.Security/locations/westeurope/applicationWhitelistings/BENJITGROUP13",
-            "name": "BENJITGROUP13",
-            "type": "Microsoft.Security/applicationWhitelistings",
-            "location": "westeurope",
-            "properties": {
-              "recommendationStatus": "Recommended",
-              "enforcementMode": "Audit",
-              "vmRecommendations": [
-                {
-                  "configurationStatus": "Configured",
-                  "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/bengr-jit-test/providers/microsoft.compute/virtualmachines/bengr-jit-test3",
-                  "recommendationAction": "Recommended"
-                }
-              ],
-              "pathRecommendations": [
-                {
-                  "path": "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
-                  "type": "PublisherSignature",
-                  "publisherInfo": {
-                    "publisherName": "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
-                    "productName": "*",
-                    "binaryName": "*",
-                    "version": "0.0.0.0"
-                  },
-                  "common": true,
-                  "action": "Recommended",
-                  "usernames": [
-                    {
-                      "username": "Everyone",
-                      "recommendationAction": "Recommended"
-                    }
-                  ],
-                  "userSids": [
-                    "S-1-1-0"
-                  ],
-                  "fileType": "Exe",
-                  "configurationStatus": "Configured"
-                }
-              ],
-              "configurationStatus": "Configured",
-              "issues": [],
-              "sourceSystem": "Azure_AppLocker"
-            }
-          },
           {
             "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/providers/Microsoft.Security/locations/westeurope/applicationWhitelistings/GROUP1",
             "name": "GROUP1",
@@ -438,6 +336,9 @@
             "properties": {
               "recommendationStatus": "Recommended",
               "enforcementMode": "Audit",
+              "protectionMode": {
+                "Executable": "Audit"
+              },
               "vmRecommendations": [
                 {
                   "configurationStatus": "Configured",
@@ -1110,51 +1011,6 @@
               ],
               "sourceSystem": "Azure_AuditD"
             }
-          },
-          {
-            "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/providers/Microsoft.Security/locations/westeurope/applicationWhitelistings/GROUP2",
-            "name": "GROUP2",
-            "type": "Microsoft.Security/applicationWhitelistings",
-            "location": "westeurope",
-            "properties": {
-              "recommendationStatus": "Recommended",
-              "enforcementMode": "Audit",
-              "vmRecommendations": [
-                {
-                  "configurationStatus": "Configured",
-                  "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/bengr-jit-test/providers/microsoft.compute/virtualmachines/bengr-jit-test1",
-                  "recommendationAction": "Recommended"
-                }
-              ],
-              "pathRecommendations": [
-                {
-                  "path": "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
-                  "type": "PublisherSignature",
-                  "publisherInfo": {
-                    "publisherName": "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
-                    "productName": "*",
-                    "binaryName": "*",
-                    "version": "0.0.0.0"
-                  },
-                  "common": true,
-                  "action": "Recommended",
-                  "usernames": [
-                    {
-                      "username": "Everyone",
-                      "recommendationAction": "Recommended"
-                    }
-                  ],
-                  "userSids": [
-                    "S-1-1-0"
-                  ],
-                  "fileType": "Exe",
-                  "configurationStatus": "Configured"
-                }
-              ],
-              "configurationStatus": "Configured",
-              "issues": [],
-              "sourceSystem": "Azure_AppLocker"
-            }
           }
         ]
       }

diff --git a/...-06-01-preview/examples/ApplicationWhitelistings/PutApplicationWhitelistings_example.json b/...-06-01-preview/examples/ApplicationWhitelistings/PutApplicationWhitelistings_example.json
@@ -10,6 +10,11 @@
       "name": "ERELGROUP1",
       "properties": {
         "enforcementMode": "Audit",
+        "protectionMode": {
+          "Exe": "Audit",
+          "Msi": "None",
+          "Script": "None"
+        },
         "vmRecommendations": [
           {
             "configurationStatus": "Configured",
@@ -112,6 +117,11 @@
         "properties": {
           "recommendationStatus": "Recommended",
           "enforcementMode": "Audit",
+          "protectionMode": {
+            "Exe": "Audit",
+            "Msi": "None",
+            "Script": "None"
+          },
           "vmRecommendations": [
             {
               "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090",