AzPolicyAdvertizer

last sync: 2022-Jun-28 16:32:57 UTC

Azure Policy definition

Flow logs should be enabled for every network security group

Name

Flow logs should be enabled for every network security group
Azure Portal

27960feb-a23c-4577-8d36-ef8b5f35e0be

Version

1.0.0
details on versioning

Category

Network
Microsoft docs

Description

Audit for flow log resources to verify if flow log status is enabled. Enabling flow logs allows to log information about IP traffic flowing through network security group. It can be used for optimizing network flows, monitoring throughput, verifying compliance, detecting intrusions and more.

Mode

Indexed

Type

BuiltIn

Preview

FALSE

Deprecated

FALSE

Effect

Default: Audit
Allowed: (Audit, Disabled)

Used RBAC Role

none

Rule Aliases

IF (1)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Network/networkWatchers/flowLogs/enabled	Microsoft.Network	networkWatchers/flowLogs	properties.enabled	false

Rule ResourceTypes

IF (1)
Microsoft.Network/networkWatchers/flowLogs

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2021-03-09 14:37:41	add	27960feb-a23c-4577-8d36-ef8b5f35e0be

Used in Initiatives

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Preview]: Reserve Bank of India - IT Framework for NBFC	7f89f09c-48c1-f28d-1bd5-84f3fb22f86c	Regulatory Compliance	Preview	BuiltIn
[Preview]: RMIT Malaysia	97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6	Regulatory Compliance	Preview	BuiltIn
[Preview]: SWIFT CSP-CSCF v2022	7bc7cd6c-4114-ff31-3cac-59be3157596d	Regulatory Compliance	Preview	BuiltIn
Flow logs should be configured and enabled for every network security group	62329546-775b-4a3d-a4cb-eb4bb990d2c0	Network	GA	BuiltIn

JSON