AzPolicyAdvertizer

last sync: 2023-Sep-29 17:58:48 UTC

Azure Policy definition

Deploy a flow log resource with target virtual network

Source Azure Portal
Display name Deploy a flow log resource with target virtual network
Id cd6f7aff-2845-4dab-99f2-6d1754a754b0
Version 1.0.0
details on versioning
Category Network
Microsoft docs
Description Configures flow log for specific virtual network. It will allow to log information about IP traffic flowing through an virtual network. Flow log helps to identify unknown or undesired traffic, verify network isolation and compliance with enterprise access rules, analyze network flows from compromised IPs and network interfaces.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule aliases THEN-ExistenceCondition (2)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Network/networkWatchers/flowLogs/enabled Microsoft.Network networkWatchers/flowLogs properties.enabled false
Microsoft.Network/networkWatchers/flowLogs/storageId Microsoft.Network networkWatchers/flowLogs properties.storageId false
Rule resource types IF (1)
Microsoft.Network/virtualNetworks
THEN-Deployment (2)
Microsoft.Network/networkWatchers/flowLogs
Microsoft.Resources/deployments
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-04-06 17:42:16 add cd6f7aff-2845-4dab-99f2-6d1754a754b0
JSON compare n/a
JSON
api-version=2021-06-01