AzPolicyAdvertizer

last sync: 2025-May-06 19:40:34 UTC

Configure Azure Activity logs to stream to specified Event Hub

Community Policy definition

Source Repository Community-Policy GitHub
JSON Community-Policy GitHub
Deploy policy e128cd6e-238c-4c3b-b6ef-eb4726219890 (1.0.0) to Azure
Display name Configure Azure Activity logs to stream to specified Event Hub
Id e128cd6e-238c-4c3b-b6ef-eb4726219890
Version 1.0.0
Details on versioning
Category Monitoring
Microsoft Learn
Description Deploys the diagnostic settings for Azure Activity to stream subscriptions audit logs to an Event Hub to monitor subscription-level events. Amended built-in policy to add eventHubName-parameter to stream to a specific event hub.
Mode All
Type Custom Community
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Azure Event Hubs Data Owner f526a384-b230-433a-b45c-95f59c4a2dec
Log Analytics Contributor 92aaf0da-9dab-42b6-94a3-d43ce8d16293
Rule aliases THEN-ExistenceCondition (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Insights/diagnosticSettings/eventHubAuthorizationRuleId microsoft.insights diagnosticSettings properties.eventHubAuthorizationRuleId True False
Microsoft.Insights/diagnosticSettings/eventHubName microsoft.insights diagnosticSettings properties.eventHubName True False
Microsoft.Insights/diagnosticSettings/logs.enabled microsoft.insights diagnosticSettings properties.logs[*].enabled True False
Rule resource types IF (1)
Microsoft.Resources/subscriptions
THEN-Deployment (1)
Microsoft.Insights/diagnosticSettings
JSON
EPAC
Deploy policy e128cd6e-238c-4c3b-b6ef-eb4726219890 (1.0.0) to Azure