last sync: 2023-Jun-09 17:46:13 UTC

Azure Policy definition

Deploy a flow log resource with target network security group

Name Deploy a flow log resource with target network security group
Azure Portal
Id 0db34a60-64f4-4bf6-bd44-f95c16cf34b9
Version 1.1.0
details on versioning
Category Network
Microsoft docs
Description Configures flow log for specific network security group. It will allow to log information about IP traffic flowing through an network security group. Flow log helps to identify unknown or undesired traffic, verify network isolation and compliance with enterprise access rules, analyze network flows from compromised IPs and network interfaces.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Fixed
deployIfNotExists
RBAC
Role(s)
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule
Aliases
THEN-ExistenceCondition (2)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Network/networkWatchers/flowLogs/enabled Microsoft.Network networkWatchers/flowLogs properties.enabled false
Microsoft.Network/networkWatchers/flowLogs/storageId Microsoft.Network networkWatchers/flowLogs properties.storageId false
Rule
ResourceTypes
IF (1)
Microsoft.Network/networkSecurityGroups
THEN-Deployment (2)
Microsoft.Network/networkWatchers/flowLogs
Microsoft.Resources/deployments
Compliance Not a Compliance control
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-01-27 18:40:07 change Minor (1.0.1 > 1.1.0)
2021-12-10 17:29:56 change Patch (1.0.0 > 1.0.1) *changes on text case sensitivity are not tracked
2020-08-27 15:39:26 add 0db34a60-64f4-4bf6-bd44-f95c16cf34b9
Initiatives
usage
none
JSON