AzPolicyAdvertizer

last sync: 2021-May-10 15:04:35 UTC

Azure Policy definition

Flow logs should be enabled for every network security group

Name Flow logs should be enabled for every network security group
Azure Portal

Id 27960feb-a23c-4577-8d36-ef8b5f35e0be

Version 1.0.0
details on versioning

Category Network
Microsoft docs

Description Audit for flow log resources to verify if flow log status is enabled. Enabling flow logs allows to log information about IP traffic flowing through network security group. It can be used for optimizing network flows, monitoring throughput, verifying compliance, detecting intrusions and more.

Mode Indexed

Type BuiltIn

Preview FALSE

Deprecated FALSE

Effect Default: Audit
Allowed: (Audit, Disabled)

Used RBAC Role none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2021-03-09 14:37:41	add	27960feb-a23c-4577-8d36-ef8b5f35e0be

Used in Initiatives

Initiative DisplayName	Initiative Id	Initiative Category	State
Flow logs should be configured and enabled for every network security group	62329546-775b-4a3d-a4cb-eb4bb990d2c0	Network	GA

JSON

{
  "properties": {
    "displayName": "Flow logs should be enabled for every network security group",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Audit for flow log resources to verify if flow log status is enabled. Enabling flow logs allows to log information about IP traffic flowing through network security group. It can be used for optimizing network flows, monitoring throughput, verifying compliance, detecting intrusions and more.",
    "metadata": {
      "version": "1.0.0",
      "category": "Network"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "Audit",
          "Disabled"
        ],
        "defaultValue": "Audit"
      }
    },
    "policyRule": {
      "if": {
        "allof": [
          {
            "field": "type",
            "equals": "Microsoft.Network/networkWatchers/flowLogs"
          },
          {
            "field": "Microsoft.Network/networkWatchers/flowLogs/enabled",
            "equals": false
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]"
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/27960feb-a23c-4577-8d36-ef8b5f35e0be",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "27960feb-a23c-4577-8d36-ef8b5f35e0be"
}