AzPolicyAdvertizer

last sync: 2025-Aug-20 17:22:59 UTC

Deploy Diagnostic Settings on Azure Kubernetes Service and send to EventHub

Community Policy definition

Source Repository Community-Policy GitHub
JSON Community-Policy GitHub
Deploy policy f18e54e4-f480-4559-9d20-a6f37e9a62ea (1.0.0) to Azure
Display name Deploy Diagnostic Settings on Azure Kubernetes Service and send to EventHub
Id f18e54e4-f480-4559-9d20-a6f37e9a62ea
Version 1.0.0
Details on versioning
Category Monitoring
Microsoft Learn
Description This Policy will deploy Diagnostic Settings on Azure Kubernetes Service with parameters to individually configure the log and metrics configurations
Mode All
Type Custom Community
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Monitoring Contributor 749f88d5-cbae-40b8-bcfc-e573ddc772fa
Azure Event Hubs Data Owner f526a384-b230-433a-b45c-95f59c4a2dec
Azure Kubernetes Service RBAC Reader 7f6c6a51-bcf8-42ba-9220-52d62157d7db
Rule aliases THEN-ExistenceCondition (5)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Insights/diagnosticSettings/eventHubAuthorizationRuleId microsoft.insights diagnosticSettings properties.eventHubAuthorizationRuleId True False
Microsoft.Insights/diagnosticSettings/logs[*] microsoft.insights diagnosticSettings properties.logs[*] True False
Microsoft.Insights/diagnosticSettings/logs[*].category microsoft.insights diagnosticSettings properties.logs[*].category True False
Microsoft.Insights/diagnosticSettings/logs[*].enabled microsoft.insights diagnosticSettings properties.logs[*].enabled True False
Microsoft.Insights/diagnosticSettings/metrics.enabled microsoft.insights diagnosticSettings properties.metrics[*].enabled True False
Rule resource types IF (1)
Microsoft.ContainerService/managedClusters
JSON
EPAC
Deploy policy f18e54e4-f480-4559-9d20-a6f37e9a62ea (1.0.0) to Azure