| JSON |
{
"displayName": "Deploy Diagnostic Settings for Key Vault to Event Hub",
"policyType": "BuiltIn",
"mode": "Indexed",
"description": "Deploys the diagnostic settings for Key Vault to stream to a regional Event Hub when any Key Vault which is missing this diagnostic settings is created or updated.",
"metadata": {
"version": "2.0.0",
"category": "Key Vault"
},
"parameters": {
"profileName": {
"type": "String",
"metadata": {
"displayName": "Profile name",
"description": "The diagnostic settings profile name"
},
"defaultValue": "setbypolicy"
},
"eventHubRuleId": {
"type": "String",
"metadata": {
"displayName": "Event Hub Authorization Rule Id",
"description": "The Event Hub authorization rule Id for Azure Diagnostics. The authorization rule needs to be at Event Hub namespace level. e.g. /subscriptions/{subscription Id}/resourceGroups/{resource group}/providers/Microsoft.EventHub/namespaces/{Event Hub namespace}/authorizationrules/{authorization rule}",
"strongType": "Microsoft.EventHub/Namespaces/AuthorizationRules",
"assignPermissions": true
}
},
"eventHubLocation": {
"type": "String",
"metadata": {
"displayName": "Event Hub Location",
"description": "The location the Event Hub resides in. Only Key Vaults in this location will be linked to this Event Hub.",
"strongType": "location"
},
"defaultValue": ""
},
"metricsEnabled": {
"type": "String",
"metadata": {
"displayName": "Enable metrics",
"description": "Whether to enable metrics stream to the Event Hub - True or False"
},
"allowedValues": [
"True",
"False"
],
"defaultValue": "False"
},
"logsEnabled": {
"type": "String",
"metadata": {
"displayName": "Enable logs",
"description": "Whether to enable logs stream to the Event Hub - True or False"
},
"allowedValues": [
"True",
"False"
],
"defaultValue": "True"
}
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.KeyVault/vaults"
},
{
"anyOf": [
{
"value": "[parameters('eventHubLocation')]",
"equals": ""
},
{
"field": "location",
"equals": "[parameters('eventHubLocation')]"
}
]
}
]
},
"then": {
"effect": "deployIfNotExists",
"details": {
"type": "Microsoft.Insights/diagnosticSettings",
"name": "[parameters('profileName')]",
"existenceCondition": {
"allOf": [
{
"field": "Microsoft.Insights/diagnosticSettings/logs.enabled",
"equals": "[parameters('logsEnabled')]"
},
{
"field": "Microsoft.Insights/diagnosticSettings/metrics.enabled",
"equals": "[parameters('metricsEnabled')]"
}
]
},
"roleDefinitionIds": [
"/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
],
"deployment": {
"properties": {
"mode": "incremental",
"template": {
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vaultName": {
"type": "string"
},
"location": {
"type": "string"
},
"eventHubRuleId": {
"type": "string"
},
"metricsEnabled": {
"type": "string"
},
"logsEnabled": {
"type": "string"
},
"profileName": {
"type": "string"
}
},
"resources": [
{
"type": "Microsoft.KeyVault/vaults/providers/diagnosticSettings",
"apiVersion": "2017-05-01-preview",
"name": "[concat(parameters('vaultName'), '/', 'Microsoft.Insights/', parameters('profileName'))]",
"location": "[parameters('location')]",
"dependsOn": [],
"properties": {
"eventHubAuthorizationRuleId": "[parameters('eventHubRuleId')]",
"metrics": [
{
"category": "AllMetrics",
"enabled": "[parameters('metricsEnabled')]",
"retentionPolicy": {
"enabled": false,
"days": 0
}
}
],
"logs": [
{
"category": "AuditEvent",
"enabled": "[parameters('logsEnabled')]"
}
]
}
}
],
"outputs": {
"policy": {
"type": "string",
"value": "[concat('Enabled diagnostic settings for ', parameters('vaultName'))]"
}
}
},
"parameters": {
"location": {
"value": "[field('location')]"
},
"vaultName": {
"value": "[field('name')]"
},
"eventHubRuleId": {
"value": "[parameters('eventHubRuleId')]"
},
"metricsEnabled": {
"value": "[parameters('metricsEnabled')]"
},
"logsEnabled": {
"value": "[parameters('logsEnabled')]"
},
"profileName": {
"value": "[parameters('profileName')]"
}
}
}
}
}
}
}
}
|