I'm deploying DeployIfNotExist and Deny remediation scripts using this GitHub Repo. Its an awesome repo of some of the main scripts that are simple non-impactful remediation deployments but I need more. I need a repo that has a 1x1 comparison for any CIS benchmark or security center recommendation. I want to create a secure from the start approach once I have existing workloads remediated. A few examples are TLS version, HTTPS/PHP/Python version, disk encryption, managed disk, standard pricing ect ect. Some things should be default deny from the start. I'm in search for more automation and for more Deny or DeployIfNotExist polices as no one should deploy apps without SSL or deploy servers without encryption or management ports open to the internet. Is there a larger repo out there that contains a 1x1 json policy for every CIS benchmark or ASC score?