TLS enforcement in Enforce-TLS-SSL-H224 #1822
Unanswered
MikaelJcSoderberg
asked this question in
General
Replies: 0 comments
4 of the built-in policies included in the "Enforce-TLS-SSL-H224" policy set were updated on the 25th of October from TLS1.2->TLS1.3.
Up until now I've had these as DeployIfNotExists (TLS1.2) but am now forced to have them disabled.
I can't even use Audit since that is not included in the allowed values.
These sudden changes, I'll assume we will be able to block with the introduction of assignment of specific versions (Built-in only) when that gets available in Enterprise-Scale (next Policy refresh?).
Looking at Windows only, as I understand it, TLS1.3 is only supported by default on Windows 11 and Windows Server 2022, so just enabling TLS1.3 might be a really bad idea. Even worse in this case, where the changes were done outside of my control (Built-In policies).
Configure App Service apps to use the latest TLS version
https://www.azadvertizer.net/azpolicyadvertizer/ae44c1d1-0df2-4ca9-98fa-a3d3ae5b409d.html
Configure Function app slots to use the latest TLS version
https://www.azadvertizer.net/azpolicyadvertizer/fa3a6357-c6d6-4120-8429-855577ec0063.html
Configure Function apps to use the latest TLS version
https://www.azadvertizer.net/azpolicyadvertizer/1f01f1c7-539c-49b5-9ef4-d4ffa37d22e0.html
Configure App Service app slots to use the latest TLS version
https://www.azadvertizer.net/azpolicyadvertizer/014664e7-e348-41a3-aeb9-566e4ff6a9df.html
I can't even use the AuditIfExists to audit my resources if they are 1.2 (or 1.3) since they also updated these to TLS1.3.
App Service apps should use the latest TLS version
https://www.azadvertizer.net/azpolicyadvertizer/f0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b.html
Function apps should use the latest TLS version
https://www.azadvertizer.net/azpolicyadvertizer/f9d614c5-c173-4d56-95a7-b4437057d193.html
I'm not sure myself why I'm posting; it's not like anything in this thread will affect the built-in policies. Guess I just want to highlight the change if you haven't seen this already.
I will have to look into the Assigning with versioning myself.
Anyone with thoughts about TLS1.3 or anything related to the versioning of these policies?