|
Policy Rule
|
{
"properties": {
"displayName": "Deploy Diagnostic Settings for Azure SQL Database to Event Hub",
"policyType": "BuiltIn",
"mode": "Indexed",
"description": "Deploys the diagnostic settings for Azure SQL Database to stream to a regional Event Hub on any Azure SQL Database which is missing this diagnostic settings is created or updated.",
"metadata": {
"version": "1.1.0",
"category": "SQL"
},
"parameters": {
"profileName": {
"type": "String",
"metadata": {
"displayName": "Profile name",
"description": "The diagnostic settings profile name"
},
"defaultValue": "setbypolicy"
},
"eventHubRuleId": {
"type": "String",
"metadata": {
"displayName": "Event Hub Authorization Rule Id",
"description": "The Event Hub authorization rule Id for Azure Diagnostics. The authorization rule needs to be at Event Hub namespace level. e.g. /subscriptions/{subscription Id}/resourceGroups/{resource group}/providers/Microsoft.EventHub/namespaces/{Event Hub namespace}/authorizationrules/{authorization rule}",
"strongType": "Microsoft.EventHub/Namespaces/AuthorizationRules",
"assignPermissions": true
}
},
"metricsEnabled": {
"type": "String",
"metadata": {
"displayName": "Enable metrics",
"description": "Whether to enable metrics stream to the Event Hub - True or False"
},
"allowedValues": [
"True",
"False"
],
"defaultValue": "False"
},
"logsEnabled": {
"type": "String",
"metadata": {
"displayName": "Enable logs",
"description": "Whether to enable logs stream to the Event Hub - True or False"
},
"allowedValues": [
"True",
"False"
],
"defaultValue": "True"
}
},
"policyRule": {
"if": {
"field": "type",
"equals": "Microsoft.Sql/servers/databases"
},
"then": {
"effect": "DeployIfNotExists",
"details": {
"type": "Microsoft.Insights/diagnosticSettings",
"name": "[parameters('profileName')]",
"existenceCondition": {
"allOf": [
{
"field": "Microsoft.Insights/diagnosticSettings/logs.enabled",
"equals": "[parameters('logsEnabled')]"
},
{
"field": "Microsoft.Insights/diagnosticSettings/metrics.enabled",
"equals": "[parameters('metricsEnabled')]"
}
]
},
"roleDefinitionIds": [
"/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
],
"deployment": {
"properties": {
"mode": "incremental",
"template": {
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"fullName": {
"type": "string"
},
"location": {
"type": "string"
},
"eventHubRuleId": {
"type": "string"
},
"metricsEnabled": {
"type": "string"
},
"logsEnabled": {
"type": "string"
},
"profileName": {
"type": "string"
}
},
"resources": [
{
"type": "Microsoft.Sql/servers/databases/providers/diagnosticSettings",
"apiVersion": "2017-05-01-preview",
"name": "[concat(parameters('fullName'), '/', 'Microsoft.Insights/', parameters('profileName'))]",
"location": "[parameters('location')]",
"dependsOn": [
],
"properties": {
"eventHubAuthorizationRuleId": "[parameters('eventHubRuleId')]",
"metrics": [
{
"category": "AllMetrics",
"enabled": "[parameters('metricsEnabled')]",
"retentionPolicy": {
"enabled": false,
"days": 0
}
}
],
"logs": [
{
"category": "QueryStoreRuntimeStatistics",
"enabled": "[parameters('logsEnabled')]"
},
{
"category": "QueryStoreWaitStatistics",
"enabled": "[parameters('logsEnabled')]"
},
{
"category": "Errors",
"enabled": "[parameters('logsEnabled')]"
},
{
"category": "DatabaseWaitStatistics",
"enabled": "[parameters('logsEnabled')]"
},
{
"category": "Blocks",
"enabled": "[parameters('logsEnabled')]"
},
{
"category": "SQLInsights",
"enabled": "[parameters('logsEnabled')]"
},
{
"category": "SQLSecurityAuditEvents",
"enabled": "[parameters('logsEnabled')]"
},
{
"category": "Timeouts",
"enabled": "[parameters('logsEnabled')]"
},
{
"category": "AutomaticTuning",
"enabled": "[parameters('logsEnabled')]"
},
{
"category": "Deadlocks",
"enabled": "[parameters('logsEnabled')]"
}
]
}
}
],
"outputs": {
"policy": {
"type": "string",
"value": "[concat('Enabled diagnostic settings for ', parameters('fullName'))]"
}
}
},
"parameters": {
"location": {
"value": "[field('location')]"
},
"fullName": {
"value": "[field('fullName')]"
},
"eventHubRuleId": {
"value": "[parameters('eventHubRuleId')]"
},
"metricsEnabled": {
"value": "[parameters('metricsEnabled')]"
},
"logsEnabled": {
"value": "[parameters('logsEnabled')]"
},
"profileName": {
"value": "[parameters('profileName')]"
}
}
}
}
}
}
}
},
"id": "/providers/Microsoft.Authorization/policyDefinitions/9a7c7a7d-49e5-4213-bea8-6a502b6272e0",
"type": "Microsoft.Authorization/policyDefinitions",
"name": "9a7c7a7d-49e5-4213-bea8-6a502b6272e0"
}
|