Revise Entra report header with new exclusion info and documentation name (#1529)

schrolla · tkol2022 · web-flow · commit b05285def8a8 · 2025-02-05T12:11:31.000-05:00
* Remove outdated reference to README file from AAD header

* Add language explaining exclusions in the Entra HTML report header

* added entra policy 3.7 to the configuration file documentation since it was missing

* slight tweak to the first sentence explaining config file exclusions to align with the prose that is on the respective documentation page.

---------

Co-authored-by: Ted Kolovos &lt;107076927+tkol2022@users.noreply.github.com&gt;
diff --git a/PowerShell/ScubaGear/Modules/CreateReport/CreateReport.psm1 b/PowerShell/ScubaGear/Modules/CreateReport/CreateReport.psm1
@@ -225,9 +225,10 @@ function New-Report {
 
     # Finish building the html report
     $Title = "$($FullName) Baseline Report"
-    $AADWarning = "Exclusions must only be used if they are approved within an organization's security risk acceptance process.
-    Please reference <a href=`"$($ScubaGitHubUrl)/blob/v$($SettingsExport.module_version)/docs/configuration/configuration.md#entra-id-configuration`" target=`"_blank`">this section in the README file</a>
-    file for a list of the policies that accept exclusions and the instructions for setting up exclusions in the configuration file.
+    $AADWarning = "The ScubaGear configuration file provides the capability to exclude specific users or groups from some of the Entra ID policy checks.
+    Exclusions must only be used if they are approved within an organization's security risk acceptance process.
+    See <a href=`"$($ScubaGitHubUrl)/blob/v$($SettingsExport.module_version)/docs/configuration/configuration.md#entra-id-configuration`" target=`"_blank`">this section in the product documentation</a>
+    for a list of the policies that accept exclusions and the instructions for setting up exclusions in the configuration file.
     <i>Exclusions can introduce grave risks to your system and must be managed carefully.</i>"
     $NoWarning = "<br/>"
     Add-Type -AssemblyName System.Web
diff --git a/docs/configuration/configuration.md b/docs/configuration/configuration.md
@@ -149,6 +149,7 @@ CapExclusions are supported for the following policies:
 - MS.AAD.3.1v1
 - MS.AAD.3.2v1
 - MS.AAD.3.6v1
+- MS.AAD.3.7v1
 - MS.AAD.3.8v1
 
 #### Privileged User Policy Exclusions
