IntunePolicies/Edge_Security_Baseline.tf

resource "microsoft365wp_device_management_configuration_policy" "beaseline_edge" {

  name = "Edge"
  technologies       = "mdm"
  settings = [
    { instance = {
      definition_id = "device_vendor_msft_policy_config_defender_enablenetworkprotection"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_defender_enablenetworkprotection_1"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge~extensions_extensioninstallblocklist"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge~extensions_extensioninstallblocklist_1"
        children = [
            {
              definition_id = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge~extensions_extensioninstallblocklist_extensioninstallblocklistdesc"        
              simple_collection = { values = [
              { string = { value = "*" } }
              ] }
            }
          ]
      } }
    } },
    { instance = {
        definition_id = "device_vendor_msft_policy_config_microsoft_edgev88.0.705.23~policy~microsoft_edge~httpauthentication_basicauthoverhttpenabled"
        choice = { value = { 
            value = "device_vendor_msft_policy_config_microsoft_edgev88.0.705.23~policy~microsoft_edge~httpauthentication_basicauthoverhttpenabled_0"
        } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge~httpauthentication_authschemes"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge~httpauthentication_authschemes_1"
        children = [
            {
              definition_id = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge~httpauthentication_authschemes_authschemes"
              simple        = { value = { 
                string = { 
                    value = "ntlm,negotiate" 
                }
                } } 
            }
          ]
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge~nativemessaging_nativemessaginguserlevelhosts"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge~nativemessaging_nativemessaginguserlevelhosts_0"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edgev92~policy~microsoft_edge~privatenetworkrequestsettings_insecureprivatenetworkrequestsallowed"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edgev92~policy~microsoft_edge~privatenetworkrequestsettings_insecureprivatenetworkrequestsallowed_0"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge~smartscreen_smartscreenenabled"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge~smartscreen_smartscreenenabled_1"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edgev80diff~policy~microsoft_edge~smartscreen_smartscreenpuaenabled"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edgev80diff~policy~microsoft_edge~smartscreen_smartscreenpuaenabled_1"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge~smartscreen_preventsmartscreenpromptoverride"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge~smartscreen_preventsmartscreenpromptoverride_1"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge~smartscreen_preventsmartscreenpromptoverrideforfiles"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge~smartscreen_preventsmartscreenpromptoverrideforfiles_1"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edgev92~policy~microsoft_edge_internetexplorerintegrationreloadiniemodeallowed"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edgev92~policy~microsoft_edge_internetexplorerintegrationreloadiniemodeallowed_0"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge_sslerroroverrideallowed"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge_sslerroroverrideallowed_0"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edgev117~policy~microsoft_edge_internetexplorerintegrationzoneidentifiermhtfileallowed"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edgev117~policy~microsoft_edge_internetexplorerintegrationzoneidentifiermhtfileallowed_0"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edgev95~policy~microsoft_edge_browserlegacyextensionpointsblockingenabled"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edgev95~policy~microsoft_edge_browserlegacyextensionpointsblockingenabled_1"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge_siteperprocess"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edge~policy~microsoft_edge_siteperprocess_1"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edgev97~policy~microsoft_edge_edgeenhanceimagesenabled"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edgev97~policy~microsoft_edge_edgeenhanceimagesenabled_0"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edgev107~policy~microsoft_edge_websqlaccess"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edgev107~policy~microsoft_edge_websqlaccess_0"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edgev96~policy~microsoft_edge_internetexplorermodetoolbarbuttonenabled"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edgev96~policy~microsoft_edge_internetexplorermodetoolbarbuttonenabled_0"
      } }
    } },
    { instance = {
      definition_id = "device_vendor_msft_policy_config_microsoft_edgev111~policy~microsoft_edge_sharedarraybufferunrestrictedaccessallowed"
      choice = { value = {
        value              = "device_vendor_msft_policy_config_microsoft_edgev111~policy~microsoft_edge_sharedarraybufferunrestrictedaccessallowed_0"
      } }
    } }
    
  ]

  depends_on = [azuread_group.mem_windows_devices]
  assignments = [
    for x in [
      "${data.azuread_group.mem_windows_devices.object_id}"
    ] :
    { target = { group = { group_id = x } } }
  ]

}