AzPolicyAdvertizer

last sync: 2020-Nov-30 15:25:09 UTC

Azure Policy definition

Deploy Diagnostic Settings for Data Lake Storage Gen1 to Event Hub

Name Deploy Diagnostic Settings for Data Lake Storage Gen1 to Event Hub
Azure Portal
Id e8d096bc-85de-4c5f-8cfb-857bd1b9d62d
Version 2.0.0
details on versioning
Category Monitoring
Microsoft docs
Description Deploys the diagnostic settings for Data Lake Storage Gen1 to stream to a regional Event Hub when any Data Lake Storage Gen1 which is missing this diagnostic settings is created or updated.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: DeployIfNotExists
Allowed: (DeployIfNotExists, Disabled)
Used RBAC Role
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
History
Date/Time (UTC ymd) (i) Change type Change detail
2019-10-29 23:04:36 add e8d096bc-85de-4c5f-8cfb-857bd1b9d62d
Used in Initiatives none
Json 
{
  "properties": {
    "displayName": "Deploy Diagnostic Settings for Data Lake Storage Gen1 to Event Hub",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Deploys the diagnostic settings for Data Lake Storage Gen1 to stream to a regional Event Hub when any Data Lake Storage Gen1 which is missing this diagnostic settings is created or updated.",
    "metadata": {
      "version": "2.0.0",
      "category": "Monitoring"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "DeployIfNotExists",
          "Disabled"
        ],
        "defaultValue": "DeployIfNotExists"
      },
      "profileName": {
        "type": "String",
        "metadata": {
          "displayName": "Profile name",
          "description": "The diagnostic settings profile name"
        },
        "defaultValue": "setbypolicy_eventHub"
      },
      "eventHubRuleId": {
        "type": "String",
        "metadata": {
          "displayName": "Event Hub Authorization Rule Id",
        "description": "The Event Hub authorization rule Id for Azure Diagnostics. The authorization rule needs to be at Event Hub namespace level. e.g. /subscriptions/{subscription Id}/resourceGroups/{resource group}/providers/Microsoft.EventHub/namespaces/{Event Hub namespace}/authorizationrules/{authorization rule}",
          "strongType": "Microsoft.EventHub/Namespaces/AuthorizationRules",
          "assignPermissions": true
        }
      },
      "eventHubLocation": {
        "type": "String",
        "metadata": {
          "displayName": "Event Hub Location",
          "description": "The location the Event Hub resides in. Only Data Lake Storage in this location will be linked to this Event Hub.",
          "strongType": "location"
        },
        "defaultValue": ""
      },
      "metricsEnabled": {
        "type": "String",
        "metadata": {
          "displayName": "Enable metrics",
          "description": "Whether to enable metrics stream to the Event Hub - True or False"
        },
        "allowedValues": [
          "True",
          "False"
        ],
        "defaultValue": "False"
      },
      "logsEnabled": {
        "type": "String",
        "metadata": {
          "displayName": "Enable logs",
          "description": "Whether to enable logs stream to the Event Hub  - True or False"
        },
        "allowedValues": [
          "True",
          "False"
        ],
        "defaultValue": "True"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.DataLakeStore/accounts"
          },
          {
            "anyOf": [
              {
              "value": "[parameters('eventHubLocation')]",
                "equals": ""
              },
              {
                "field": "location",
              "equals": "[parameters('eventHubLocation')]"
              }
            ]
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Insights/diagnosticSettings",
        "name": "[parameters('profileName')]",
          "existenceCondition": {
            "allOf": [
              {
                "field": "Microsoft.Insights/diagnosticSettings/logs.enabled",
              "equals": "[parameters('logsEnabled')]"
              },
              {
                "field": "Microsoft.Insights/diagnosticSettings/metrics.enabled",
              "equals": "[parameters('metricsEnabled')]"
              }
            ]
          },
          "roleDefinitionIds": [
            "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
          ],
          "deployment": {
            "properties": {
              "mode": "incremental",
              "template": {
                "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
                "contentVersion": "1.0.0.0",
                "parameters": {
                  "resourceName": {
                    "type": "string"
                  },
                  "location": {
                    "type": "string"
                  },
                  "eventHubRuleId": {
                    "type": "string"
                  },
                  "metricsEnabled": {
                    "type": "string"
                  },
                  "logsEnabled": {
                    "type": "string"
                  },
                  "profileName": {
                    "type": "string"
                  }
                },
                "variables": {
                  
                },
                "resources": [
                  {
                    "type": "Microsoft.DataLakeStore/accounts/providers/diagnosticSettings",
                    "apiVersion": "2017-05-01-preview",
                  "name": "[concat(parameters('resourceName'), '/', 'Microsoft.Insights/', parameters('profileName'))]",
                  "location": "[parameters('location')]",
                    "dependsOn": [
                      
                    ],
                    "properties": {
                    "eventHubAuthorizationRuleId": "[parameters('eventHubRuleId')]",
                      "metrics": [
                        {
                          "category": "AllMetrics",
                        "enabled": "[parameters('metricsEnabled')]",
                          "retentionPolicy": {
                            "enabled": false,
                            "days": 0
                          }
                        }
                      ],
                      "logs": [
                        {
                          "category": "Audit",
                        "enabled": "[parameters('logsEnabled')]"
                        },
                        {
                          "category": "Requests",
                        "enabled": "[parameters('logsEnabled')]"
                        }
                      ]
                    }
                  }
                ],
                "outputs": {
                  
                }
              },
              "parameters": {
                "location": {
                "value": "[field('location')]"
                },
                "resourceName": {
                "value": "[field('name')]"
                },
                "eventHubRuleId": {
                "value": "[parameters('eventHubRuleId')]"
                },
                "metricsEnabled": {
                "value": "[parameters('metricsEnabled')]"
                },
                "logsEnabled": {
                "value": "[parameters('logsEnabled')]"
                },
                "profileName": {
                "value": "[parameters('profileName')]"
                }
              }
            }
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/e8d096bc-85de-4c5f-8cfb-857bd1b9d62d",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "e8d096bc-85de-4c5f-8cfb-857bd1b9d62d"
}