Generally available: Enforcement mode of machine configuration (previously guest configuration)

The [enforcement mode of machine configuration](https://docs.microsoft.com/en-us/azure/governance/policy/concepts/guest-configuration-policy-effects) (previously guest configuration) is now generally available. This represents the ApplyAndMonitor and ApplyAndAutocorrect auditing modes. The customer experience within Azure has not changed as a result of the renaming. Machine configuration continues to provide a native capability to audit or configure operating system settings as code, both for machines running in Azure and hybrid [Azure Arc-enabled servers,](https://docs.microsoft.com/en-us/azure/azure-arc/servers/overview) directly per-machine or at-scale orchestrated through Azure Automanage, Microsoft Defender for Cloud, or Azure Policy. You will now be able to: * **Apply and monitor** configurations: Set the required configuration on your machines and remediate on demand. * **Apply and autocorrect** configurations: Set the required configuration at scale and autoremediate in the event of a configuration drift. * Apply configurations to machines at **management group level.** * **Set TLS 1.2** to machines through our newly released **built-in policy.** * **Create, delete, and monitor** the compliance of your configurations through the Azure portal. Learn more about the renaming in the [blog](https://aka.ms/machineconfigrenameblog) and about machine configuration in the [documentation](https://docs.microsoft.com/en-us/azure/governance/policy/concepts/guest-configuration). * Azure Automanage * Management * [ Azure Automanage](https://azure.microsoft.com/en-gb/products/azure-automanage/)