From d6ed6a9193cd2c9d65aeceaa22e7ca816ea88212 Mon Sep 17 00:00:00 2001
From: asukumar22 <70966383+asukumar22@users.noreply.github.com>
Date: Wed, 25 Sep 2024 18:27:55 -0700
Subject: [PATCH 1/2] Added ARG queries to A01.28 in afd_checklist.en.json

Added ARG queries to A01.28 in afd_checklist.en.json
---
 checklists/afd_checklist.en.json | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/checklists/afd_checklist.en.json b/checklists/afd_checklist.en.json
index 7f76ab13c..112d9e958 100644
--- a/checklists/afd_checklist.en.json
+++ b/checklists/afd_checklist.en.json
@@ -175,6 +175,7 @@
 "guid": "2902d8cc-1b0c-4495-afad-624ab70f7bd6",
 "id": "A01.28",
 "severity": "High",
+ "graph" : "resources | where type == "microsoft.network/frontdoorwebapplicationfirewallpolicies" | where properties['policySettings']['mode'] == "Detection"| extend compliant = (properties['policySettings']['mode'] == "Detection")| distinct id, compliant",
 "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#tune-your-waf"
 },
 {
@@ -514,4 +515,4 @@
 "waf": "all",
 "timestamp": "September 23, 2024"
 }
-}
\ No newline at end of file
+}
From 9c4c09a4feac0796cbb8c9b0524424fcbf7d77e6 Mon Sep 17 00:00:00 2001
From: asukumar22 <70966383+asukumar22@users.noreply.github.com>
Date: Thu, 26 Sep 2024 13:56:20 -0700
Subject: [PATCH 2/2] Added single quotes for strings and added case insensitive comparison in afd_checklist.en.json Added reviewed or suggested changes
---
 checklists/afd_checklist.en.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/checklists/afd_checklist.en.json b/checklists/afd_checklist.en.json
index 112d9e958..663afa41c 100644
--- a/checklists/afd_checklist.en.json
+++ b/checklists/afd_checklist.en.json
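Review bot: In the PATCH 1/2 hunk at line 175, the added `graph` query filters with `| where properties['policySettings']['mode'] == "Detection"` before computing `compliant` from the same comparison, so every row it returns has `compliant` true and policies in any other mode never appear in the result. Drop that `where` stage so each Front Door WAF policy is returned with a computed `compliant` value. A WAF policy in Detection mode logs rule matches but does not block them, so if A01.28 is meant to surface policies that are not yet enforcing, the comparison presumably belongs against `Prevention`; the recommendation text sits outside this hunk, so confirm against it. The same filter-then-extend shape is carried unchanged into the PATCH 2/2 hunk.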
@@ -175,7 +175,7 @@
 "guid": "2902d8cc-1b0c-4495-afad-624ab70f7bd6",
 "id": "A01.28",
 "severity": "High",
- "graph" : "resources | where type == "microsoft.network/frontdoorwebapplicationfirewallpolicies" | where properties['policySettings']['mode'] == "Detection"| extend compliant = (properties['policySettings']['mode'] == "Detection")| distinct id, compliant",
+ "graph" : 'resources | where type =~ 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | where properties['policySettings']['mode'] =~ 'Detection'| extend compliant = (properties['policySettings']['mode'] =~ 'Detection')| distinct id, compliant',
 "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#tune-your-waf"
 },
 {
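Review bot: The new `graph` value is wrapped in single quotes, but JSON strings must be delimited with double quotes, so with this line in place checklists/afd_checklist.en.json is not valid JSON and a strict parser would reject the whole file, not just this check. Keep the outer double quotes and use single quotes only for the KQL literals inside the string, in the form `"graph": "resources | where type =~ '…' | … | distinct id, compliant",` with the query text otherwise unchanged. Running the file through a JSON parser before merge would catch this class of error. The enclosing checklist object starts before the hunk, so its other fields are not visible here.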