AzPolicyAdvertizer

last sync: 2025-Aug-20 17:22:59 UTC

Deploy Diagnostic Settings for Activity Log to storage account

Community Policy definition

Source Repository Community-Policy GitHub
JSON Community-Policy GitHub
Deploy policy 8ee2ba6e-218f-4040-845a-c7c540335cf5 (1.0.0) to Azure
Display name Deploy Diagnostic Settings for Activity Log to storage account
Id 8ee2ba6e-218f-4040-845a-c7c540335cf5
Version 1.0.0
Details on versioning
Category Monitoring
Microsoft Learn
Description Deploys the diagnostic settings for Activity Log to stream to a storage account when any Subscription which is missing this diagnostic settings is created or updated.
Mode All
Type Custom Community
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Log Analytics Contributor 92aaf0da-9dab-42b6-94a3-d43ce8d16293
Rule aliases THEN-ExistenceCondition (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Insights/diagnosticSettings/logs[*] microsoft.insights diagnosticSettings properties.logs[*] True False
Microsoft.Insights/diagnosticSettings/logs[*].enabled microsoft.insights diagnosticSettings properties.logs[*].enabled True False
Microsoft.Insights/diagnosticSettings/storageAccountId microsoft.insights diagnosticSettings properties.storageAccountId True False
Rule resource types IF (1)
Microsoft.Resources/subscriptions
THEN-Deployment (1)
Microsoft.Insights/diagnosticSettings
JSON
EPAC
Deploy policy 8ee2ba6e-218f-4040-845a-c7c540335cf5 (1.0.0) to Azure