last sync: 2025-Jul-23 17:34:54 UTC

Configure virtual networks to enforce workspace, storage account and retention interval for Flow logs and Traffic Analytics

Azure BuiltIn Policy definition

Source: Azure Portal
Display name: Configure virtual networks to enforce workspace, storage account and retention interval for Flow logs and Traffic Analytics
Id: 052c180e-287d-44c3-86ef-01aeae2d9774
Version: 1.1.2
Versioning: Versions supported for Versioning: 3 (1.1.2, 1.1.1, 1.0.0); Built-in Versioning [Preview]
Category: Network
Description: If a virtual network already has traffic analytics enabled, then, this policy will overwrite its existing settings with the ones provided during policy creation. Traffic analytics is a cloud-based solution that provides visibility into user and application activity in cloud networks.
Cloud environments: AzureCloud = true; AzureUSGovernment = unknown; AzureChinaCloud = unknown
Available in AzUSGov: Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode: Indexed
Type: BuiltIn
Preview: False
Deprecated: False
Effect (default): DeployIfNotExists
Effect (allowed): DeployIfNotExists, Disabled

RBAC role(s)

| Role Name | Role Id |
|---|---|
| Contributor | b24988ac-6180-42a0-ab88-20f7382dd24c |

Rule aliases

THEN-Details (2)

| Alias | Namespace | ResourceType | Path | PathIsDefault | DefaultPath | Modifiable |
|---|---|---|---|---|---|---|
| Microsoft.Network/virtualNetworks/flowLogs | Microsoft.Network | virtualNetworks | properties.flowLogs | True | | False |
| Microsoft.Network/virtualNetworks/flowLogs[*].id | Microsoft.Network | virtualNetworks | properties.flowLogs[*].id | True | | False |

THEN-ExistenceCondition (7)

| Alias | Namespace | ResourceType | Path | PathIsDefault | DefaultPath | Modifiable |
|---|---|---|---|---|---|---|
| Microsoft.Network/networkWatchers/flowLogs/enabled | Microsoft.Network | networkWatchers/flowLogs | properties.enabled | True | | False |
| Microsoft.Network/networkWatchers/flowLogs/flowAnalyticsConfiguration.networkWatcherFlowAnalyticsConfiguration.enabled | Microsoft.Network | networkWatchers/flowLogs | properties.flowAnalyticsConfiguration.networkWatcherFlowAnalyticsConfiguration.enabled | True | | False |
| Microsoft.Network/networkWatchers/flowLogs/flowAnalyticsConfiguration.networkWatcherFlowAnalyticsConfiguration.trafficAnalyticsInterval | Microsoft.Network | networkWatchers/flowLogs | properties.flowAnalyticsConfiguration.networkWatcherFlowAnalyticsConfiguration.trafficAnalyticsInterval | True | | False |
| Microsoft.Network/networkWatchers/flowLogs/flowAnalyticsConfiguration.networkWatcherFlowAnalyticsConfiguration.workspaceResourceId | Microsoft.Network | networkWatchers/flowLogs | properties.flowAnalyticsConfiguration.networkWatcherFlowAnalyticsConfiguration.workspaceResourceId | True | | False |
| Microsoft.Network/networkWatchers/flowLogs/retentionPolicy.days | Microsoft.Network | networkWatchers/flowLogs | properties.retentionPolicy.days | True | | True |
| Microsoft.Network/networkWatchers/flowLogs/retentionPolicy.enabled | Microsoft.Network | networkWatchers/flowLogs | properties.retentionPolicy.enabled | True | | False |
| Microsoft.Network/networkWatchers/flowLogs/storageId | Microsoft.Network | networkWatchers/flowLogs | properties.storageId | True | | False |

Rule resource types: IF (1); THEN-Deployment (2)
Compliance: Not a Compliance control
Initiatives usage: none

History

| Date/Time (UTC ymd) | Change type | Change detail |
|---|---|---|
| 2024-03-29 18:59:24 | change | Patch (1.1.1 > 1.1.2) |
| 2024-02-13 19:27:15 | change | Patch (1.1.0 > 1.1.1) |
| 2024-01-12 18:35:06 | change | Minor (1.0.0 > 1.1.0) |
| 2023-04-06 17:42:16 | add | 052c180e-287d-44c3-86ef-01aeae2d9774 |

JSON compare
1.1.1 → 1.1.2 RENAMED
@@ -3,9 +3,9 @@
3
  "policyType": "BuiltIn",
4
  "mode": "Indexed",
5
  "description": "If a virtual network already has traffic analytics enabled, then, this policy will overwrite its existing settings with the ones provided during policy creation. Traffic analytics is a cloud-based solution that provides visibility into user and application activity in cloud networks.",
6
  "metadata": {
7
- "version": "1.1.1",
8
  "category": "Network"
9
  },
10
  "parameters": {
11
  "effect": {
@@ -31,9 +31,9 @@
31
  "storageId": {
32
  "type": "String",
33
  "metadata": {
34
  "displayName": "Storage Account",
35
- "description": "A string with the storage id for the flowlogs to be sent to. It will be used for deployment purposes only. Make sure this storage account is located in the same region as the Vnet. The format must be: '/subscriptions/{subscription id}/resourceGroups/{resourceGroup name}/providers/Microsoft.Storage/storageAccounts/{storage account name}",
36
  "assignPermissions": true,
37
  "strongType": "Microsoft.Storage/storageAccounts"
38
  }
39
  },
 
3
  "policyType": "BuiltIn",
4
  "mode": "Indexed",
5
  "description": "If a virtual network already has traffic analytics enabled, then, this policy will overwrite its existing settings with the ones provided during policy creation. Traffic analytics is a cloud-based solution that provides visibility into user and application activity in cloud networks.",
6
  "metadata": {
7
+ "version": "1.1.2",
8
  "category": "Network"
9
  },
10
  "parameters": {
11
  "effect": {
 
31
  "storageId": {
32
  "type": "String",
33
  "metadata": {
34
  "displayName": "Storage Account",
35
+ "description": "The resource id of storage account where flowlogs will be sent to. It will be used for deployment purposes only. Make sure this storage account is located in the same region as the Vnet.",
36
  "assignPermissions": true,
37
  "strongType": "Microsoft.Storage/storageAccounts"
38
  }
39
  },
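Review bot: the new "storageId" description at line 35 drops the expected resource ID format that the old text spelled out ('/subscriptions/{subscription id}/resourceGroups/{resourceGroup name}/providers/Microsoft.Storage/storageAccounts/{storage account name}'), so anyone assigning the policy from a template or script, where the "strongType" picker is not shown, no longer sees what shape the value must take. Suggest keeping the format in the description, this time with the closing quote the old text was missing. The same-region requirement is still stated only in prose ("Make sure this storage account is located in the same region as the Vnet"); nothing in the visible lines checks it, so it is worth confirming that a mismatched region fails visibly rather than leaving the virtual network without flow logs. Wording nit: "where flowlogs will be sent to" reads better as "to which flow logs are sent".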
JSON
api-version=2021-06-01
{7 items
  • displayName: "Configure virtual networks to enforce workspace, storage account and retention interval for Flow logs and Traffic Analytics",
  • policyType: "BuiltIn",
  • mode: "Indexed",
  • description: "If a virtual network already has traffic analytics enabled, then, this policy will overwrite its existing settings with the ones provided during policy creation. Traffic analytics is a cloud-based solution that provides visibility into user and application activity in cloud networks.",
  • metadata: {2 items
    • version: "1.1.2",
    • category: "Network"
    },
  • parameters: {10 items
    • effect: {4 items
      • type: "String",
      • metadata: {2 items
        • displayName: "Effect",
        • description: "Enable or disable the execution of the policy"
        },
      • allowedValues: [2 items
        • "DeployIfNotExists",
        • "Disabled"
        ],
      • defaultValue: "DeployIfNotExists"
      },
    • vnetRegion: {2 items
      • type: "String",
      • metadata: {3 items
        • displayName: "Virtual Networks Region",
        • description: "Configures for virtual networks in the selected region only.",
        • strongType: "location"
        }
      },
    • storageId: {2 items
      • type: "String",
      • metadata: {4 items
        • displayName: "Storage Account",
        • description: "The resource id of storage account where flowlogs will be sent to. It will be used for deployment purposes only. Make sure this storage account is located in the same region as the Vnet.",
        • assignPermissions: true,
        • strongType: "Microsoft.Storage/storageAccounts"
        }
      },
    • timeInterval: {4 items
      • type: "String",
      • metadata: {2 items
        • displayName: "Traffic analytics processing interval in minutes",
        • description: "Traffic analytics processes blobs at the selected frequency."
        },
      • allowedValues: [2 items
        • "10",
        • "60"
        ],
      • defaultValue: "60"
      },
    • workspaceResourceId: {2 items
      • type: "String",
      • metadata: {4 items
        • displayName: "Workspace Resource ID",
        • description: "Log Analytics workspace resource id",
        • assignPermissions: true,
        • strongType: "Microsoft.OperationalInsights/workspaces"
        }
      },
    • workspaceRegion: {2 items
      • type: "String",
      • metadata: {3 items
        • displayName: "Workspace Region",
        • description: "Log Analytics workspace region",
        • strongType: "location"
        }
      },
    • workspaceId: {3 items
      • type: "String",
      • metadata: {3 items
        • displayName: "[Deprecated]: Log Analytics Workspace",
        • description: "Log Analytics workspace GUID - deprecated",
        • deprecated: true
        },
      • defaultValue: "00000000-0000-0000-0000-000000000000"
      },
    • networkWatcherRG: {3 items
      • type: "String",
      • metadata: {3 items
        • displayName: "Network Watchers RG",
        • description: "The name of the resource group where the flowLog resources will be created. This will be used only if a deployment is required. This is the resource group where the Network Watchers are located.",
        • strongType: "existingResourceGroups"
        },
      • defaultValue: "NetworkWatcherRG"
      },
    • networkWatcherName: {2 items
      • type: "String",
      • metadata: {3 items
        • displayName: "Network Watcher",
        • description: "The resource id of the network watcher under which the flowLog resources will be created. Make sure it belongs to the same region as the Vnet.",
        • strongType: "Microsoft.Network/networkWatchers"
        }
      },
    • retentionDays: {3 items
      • type: "String",
      • metadata: {2 items
        • displayName: "Number of days to retain flowlogs",
        • description: "The number of days for which flowlog data will be retained in storage account. If you want to retain data forever and do not want to apply any retention policy, set retention (days) to 0."
        },
      • defaultValue: "30"
      }
    },
  • policyRule: {2 items}
}