AzPolicyAdvertizer

last sync: 2021-Sep-24 16:09:49 UTC

Azure Policy definition

Deploy Diagnostic Settings for Data Lake Storage Gen1 to Event Hub

Name Deploy Diagnostic Settings for Data Lake Storage Gen1 to Event Hub
Azure Portal

Id e8d096bc-85de-4c5f-8cfb-857bd1b9d62d

Version 2.0.0
details on versioning

Category Monitoring
Microsoft docs

Description Deploys the diagnostic settings for Data Lake Storage Gen1 to stream to a regional Event Hub when any Data Lake Storage Gen1 which is missing this diagnostic settings is created or updated.

Mode Indexed

Type BuiltIn

Preview FALSE

Deprecated FALSE

Effect Default: DeployIfNotExists
Allowed: (DeployIfNotExists, Disabled)

Used RBAC Role

Role Name	Role Id
Contributor	b24988ac-6180-42a0-ab88-20f7382dd24c

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2019-10-29 23:04:36	add	e8d096bc-85de-4c5f-8cfb-857bd1b9d62d

Used in Initiatives none

JSON

{
  "displayName": "Deploy Diagnostic Settings for Data Lake Storage Gen1 to Event Hub",
  "policyType": "BuiltIn",
  "mode": "Indexed",
  "description": "Deploys the diagnostic settings for Data Lake Storage Gen1 to stream to a regional Event Hub when any Data Lake Storage Gen1 which is missing this diagnostic settings is created or updated.",
  "metadata": {
    "version": "2.0.0",
    "category": "Monitoring"
  },
  "parameters": {
    "effect": {
      "type": "String",
      "metadata": {
        "displayName": "Effect",
        "description": "Enable or disable the execution of the policy"
      },
      "allowedValues": [
        "DeployIfNotExists",
        "Disabled"
      ],
      "defaultValue": "DeployIfNotExists"
    },
    "profileName": {
      "type": "String",
      "metadata": {
        "displayName": "Profile name",
        "description": "The diagnostic settings profile name"
      },
      "defaultValue": "setbypolicy_eventHub"
    },
    "eventHubRuleId": {
      "type": "String",
      "metadata": {
        "displayName": "Event Hub Authorization Rule Id",
        "description": "The Event Hub authorization rule Id for Azure Diagnostics. The authorization rule needs to be at Event Hub namespace level. e.g. /subscriptions/{subscription Id}/resourceGroups/{resource group}/providers/Microsoft.EventHub/namespaces/{Event Hub namespace}/authorizationrules/{authorization rule}",
        "strongType": "Microsoft.EventHub/Namespaces/AuthorizationRules",
        "assignPermissions": true
      }
    },
    "eventHubLocation": {
      "type": "String",
      "metadata": {
        "displayName": "Event Hub Location",
        "description": "The location the Event Hub resides in. Only Data Lake Storage in this location will be linked to this Event Hub.",
        "strongType": "location"
      },
      "defaultValue": ""
    },
    "metricsEnabled": {
      "type": "String",
      "metadata": {
        "displayName": "Enable metrics",
        "description": "Whether to enable metrics stream to the Event Hub - True or False"
      },
      "allowedValues": [
        "True",
        "False"
      ],
      "defaultValue": "False"
    },
    "logsEnabled": {
      "type": "String",
      "metadata": {
        "displayName": "Enable logs",
        "description": "Whether to enable logs stream to the Event Hub  - True or False"
      },
      "allowedValues": [
        "True",
        "False"
      ],
      "defaultValue": "True"
    }
  },
  "policyRule": {
    "if": {
      "allOf": [
        {
          "field": "type",
          "equals": "Microsoft.DataLakeStore/accounts"
        },
        {
          "anyOf": [
            {
              "value": "[parameters('eventHubLocation')]",
              "equals": ""
            },
            {
              "field": "location",
              "equals": "[parameters('eventHubLocation')]"
            }
          ]
        }
      ]
    },
    "then": {
      "effect": "[parameters('effect')]",
      "details": {
        "type": "Microsoft.Insights/diagnosticSettings",
        "name": "[parameters('profileName')]",
        "existenceCondition": {
          "allOf": [
            {
              "field": "Microsoft.Insights/diagnosticSettings/logs.enabled",
              "equals": "[parameters('logsEnabled')]"
            },
            {
              "field": "Microsoft.Insights/diagnosticSettings/metrics.enabled",
              "equals": "[parameters('metricsEnabled')]"
            }
          ]
        },
        "roleDefinitionIds": [
          "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
        ],
        "deployment": {
          "properties": {
            "mode": "incremental",
            "template": {
              "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
              "contentVersion": "1.0.0.0",
              "parameters": {
                "resourceName": {
                  "type": "string"
                },
                "location": {
                  "type": "string"
                },
                "eventHubRuleId": {
                  "type": "string"
                },
                "metricsEnabled": {
                  "type": "string"
                },
                "logsEnabled": {
                  "type": "string"
                },
                "profileName": {
                  "type": "string"
                }
              },
              "variables": {},
              "resources": [
                {
                  "type": "Microsoft.DataLakeStore/accounts/providers/diagnosticSettings",
                  "apiVersion": "2017-05-01-preview",
                  "name": "[concat(parameters('resourceName'), '/', 'Microsoft.Insights/', parameters('profileName'))]",
                  "location": "[parameters('location')]",
                  "dependsOn": [],
                  "properties": {
                    "eventHubAuthorizationRuleId": "[parameters('eventHubRuleId')]",
                    "metrics": [
                      {
                        "category": "AllMetrics",
                        "enabled": "[parameters('metricsEnabled')]",
                        "retentionPolicy": {
                          "enabled": false,
                          "days": 0
                        }
                      }
                    ],
                    "logs": [
                      {
                        "category": "Audit",
                        "enabled": "[parameters('logsEnabled')]"
                      },
                      {
                        "category": "Requests",
                        "enabled": "[parameters('logsEnabled')]"
                      }
                    ]
                  }
                }
              ],
              "outputs": {}
            },
            "parameters": {
              "location": {
                "value": "[field('location')]"
              },
              "resourceName": {
                "value": "[field('name')]"
              },
              "eventHubRuleId": {
                "value": "[parameters('eventHubRuleId')]"
              },
              "metricsEnabled": {
                "value": "[parameters('metricsEnabled')]"
              },
              "logsEnabled": {
                "value": "[parameters('logsEnabled')]"
              },
              "profileName": {
                "value": "[parameters('profileName')]"
              }
            }
          }
        }
      }
    }
  }
}