Used in 2 Policy Set(s):
• Enable allLogs category group resource logging for supported resources to Event Hub (85175a36-2f12-419a-96b4-18d5b0096531) [Monitoring] BuiltIn
• Enable audit category group resource logging for supported resources to Event Hub (1020d527-2764-4230-92cc-7035e4fcf8a7) [Monitoring] BuiltIn
thenExistenceCondition (5)
• 'Microsoft.Insights/diagnosticSettings/eventHubAuthorizationRuleId' (ref)
• 'Microsoft.Insights/diagnosticSettings/eventHubName' (ref)
• 'Microsoft.Insights/diagnosticSettings/logs[*]' (ref)
• 'Microsoft.Insights/diagnosticSettings/logs[*].enabled' (ref)
• 'microsoft.insights/diagnosticSettings/logs[*].categoryGroup' (ref)
{
"displayName": "Enable logging by category group for Azure FarmBeats (microsoft.agfoodplatform/farmbeats) to Event Hub",
"policyType": "BuiltIn",
"mode": "Indexed",
"description": "Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to an Event Hub for Azure FarmBeats (microsoft.agfoodplatform/farmbeats).",
"metadata": {
"category": "Monitoring",
"version": "1.2.0"
},
"parameters": {
"effect": {
"type": "String",
"metadata": {
"displayName": "Effect",
"description": "Enable or disable the execution of the policy"
},
"allowedValues": [
"DeployIfNotExists",
"AuditIfNotExists",
"Disabled"
],
"defaultValue": "DeployIfNotExists"
},
"diagnosticSettingName": {
"type": "String",
"metadata": {
"displayName": "Diagnostic Setting Name",
"description": "Diagnostic Setting Name"
},
"defaultValue": "setByPolicy-EventHub"
},
"categoryGroup": {
"type": "String",
"metadata": {
"displayName": "Category Group",
"description": "Diagnostic category group - none, audit, or allLogs."
},
"allowedValues": [
"audit",
"allLogs"
],
"defaultValue": "audit"
},
"resourceLocation": {
"type": "String",
"metadata": {
"displayName": "Resource Location",
"description": "Resource Location must be in the same location as the Event Hub Namespace.",
"strongType": "location"
}
},
"eventHubAuthorizationRuleId": {
"type": "String",
"metadata": {
"displayName": "Event Hub Authorization Rule Id",
"description": "Event Hub Authorization Rule Id - the authorization rule needs to be at Event Hub namespace level. e.g. /subscriptions/{subscription Id}/resourceGroups/{resource group}/providers/Microsoft.EventHub/namespaces/{Event Hub namespace}/authorizationrules/{authorization rule}",
"strongType": "Microsoft.EventHub/Namespaces/AuthorizationRules",
"assignPermissions": true
}
},
"eventHubName": {
"type": "String",
"metadata": {
"displayName": "Event Hub Name",
"description": "Event Hub Name."
},
"defaultValue": "Monitoring"
}
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "microsoft.agfoodplatform/farmbeats"
},
{
"field": "location",
"equals": "[parameters('resourceLocation')]"
}
]
},
"then": {
"effect": "[parameters('effect')]",
"details": {
"type": "Microsoft.Insights/diagnosticSettings",
"evaluationDelay": "AfterProvisioning",
"existenceCondition": {
"allOf": [
{
"count": {
"field": "Microsoft.Insights/diagnosticSettings/logs[*]",
"where": {
"allOf": [
{
"field": "Microsoft.Insights/diagnosticSettings/logs[*].enabled",
"equals": "[equals(parameters('categoryGroup'), 'audit')]"
},
{
"field": "microsoft.insights/diagnosticSettings/logs[*].categoryGroup",
"equals": "audit"
}
]
}
},
"equals": 1
},
{
"count": {
"field": "Microsoft.Insights/diagnosticSettings/logs[*]",
"where": {
"allOf": [
{
"field": "Microsoft.Insights/diagnosticSettings/logs[*].enabled",
"equals": "[equals(parameters('categoryGroup'), 'allLogs')]"
},
{
"field": "microsoft.insights/diagnosticSettings/logs[*].categoryGroup",
"equals": "allLogs"
}
]
}
},
"equals": 1
},
{
"field": "Microsoft.Insights/diagnosticSettings/eventHubAuthorizationRuleId",
"equals": "[parameters('eventHubAuthorizationRuleId')]"
},
{
"field": "Microsoft.Insights/diagnosticSettings/eventHubName",
"equals": "[parameters('eventHubName')]"
}
]
},
"roleDefinitionIds": [
"/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293",
"/providers/Microsoft.Authorization/roleDefinitions/f526a384-b230-433a-b45c-95f59c4a2dec"
],
"deployment": {
"properties": {
"mode": "incremental",
"template": {
"$schema": "http://schema.management.azure.com/schemas/2019-08-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"diagnosticSettingName": {
"type": "string"
},
"categoryGroup": {
"type": "String"
},
"eventHubName": {
"type": "string"
},
"eventHubAuthorizationRuleId": {
"type": "string"
},
"resourceLocation": {
"type": "string"
},
"resourceName": {
"type": "string"
}
},
"variables": {},
"resources": [
{
"type": "microsoft.agfoodplatform/farmbeats/providers/diagnosticSettings",
"apiVersion": "2021-05-01-preview",
"name": "[concat(parameters('resourceName'), '/', 'Microsoft.Insights/', parameters('diagnosticSettingName'))]",
"location": "[parameters('resourceLocation')]",
"properties": {
"eventHubName": "[parameters('eventHubName')]",
"eventHubAuthorizationRuleId": "[parameters('eventHubAuthorizationRuleId')]",
"logs": [
{
"categoryGroup": "audit",
"enabled": "[equals(parameters('categoryGroup'), 'audit')]"
},
{
"categoryGroup": "allLogs",
"enabled": "[equals(parameters('categoryGroup'), 'allLogs')]"
}
],
"metrics": []
}
}
],
"outputs": {
"policy": {
"type": "string",
"value": "[concat('Diagnostic setting ', parameters('diagnosticSettingName'), ' for type Azure FarmBeats (microsoft.agfoodplatform/farmbeats), resourceName ', parameters('resourceName'), ' to EventHub ', parameters('eventHubAuthorizationRuleId'), ':', parameters('eventHubName'), ' configured')]"
}
}
},
"parameters": {
"diagnosticSettingName": {
"value": "[parameters('diagnosticSettingName')]"
},
"categoryGroup": {
"value": "[parameters('categoryGroup')]"
},
"eventHubName": {
"value": "[parameters('eventHubName')]"
},
"eventHubAuthorizationRuleId": {
"value": "[parameters('eventHubAuthorizationRuleId')]"
},
"resourceLocation": {
"value": "[field('location')]"
},
"resourceName": {
"value": "[field('name')]"
}
}
}
}
}
}
}
}{"displayName":"Enable logging by category group for Azure FarmBeats (microsoft.agfoodplatform/farmbeats) to Event Hub","policyType":"BuiltIn","mode":"Indexed","description":"Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to an Event Hub for Azure FarmBeats (microsoft.agfoodplatform/farmbeats).","metadata":{"category":"Monitoring","version":"1.2.0"},"parameters":{"effect":{"type":"String","metadata":{"displayName":"Effect","description":"Enable or disable the execution of the policy"},"allowedValues":["DeployIfNotExists","AuditIfNotExists","Disabled"],"defaultValue":"DeployIfNotExists"},"diagnosticSettingName":{"type":"String","metadata":{"displayName":"Diagnostic Setting Name","description":"Diagnostic Setting Name"},"defaultValue":"setByPolicy-EventHub"},"categoryGroup":{"type":"String","metadata":{"displayName":"Category Group","description":"Diagnostic category group - none,audit,or allLogs."},"allowedValues":["audit","allLogs"],"defaultValue":"audit"},"resourceLocation":{"type":"String","metadata":{"displayName":"Resource Location","description":"Resource Location must be in the same location as the Event Hub Namespace.","strongType":"location"}},"eventHubAuthorizationRuleId":{"type":"String","metadata":{"displayName":"Event Hub Authorization Rule Id","description":"Event Hub Authorization Rule Id - the authorization rule needs to be at Event Hub namespace level. e.g. /subscriptions/{subscription Id}/resourceGroups/{resource group}/providers/Microsoft.EventHub/namespaces/{Event Hub namespace}/authorizationrules/{authorization rule}","strongType":"Microsoft.EventHub/Namespaces/AuthorizationRules","assignPermissions":true}},"eventHubName":{"type":"String","metadata":{"displayName":"Event Hub Name","description":"Event Hub Name."},"defaultValue":"Monitoring"}},"policyRule":{"if":{"allOf":[{"field":"type","equals":"microsoft.agfoodplatform/farmbeats"},{"field":"location","equals":"[parameters('resourceLocation')]"}]},"then":{"effect":"[parameters('effect')]","details":{"type":"Microsoft.Insights/diagnosticSettings","evaluationDelay":"AfterProvisioning","existenceCondition":{"allOf":[{"count":{"field":"Microsoft.Insights/diagnosticSettings/logs[*]","where":{"allOf":[{"field":"Microsoft.Insights/diagnosticSettings/logs[*].enabled","equals":"[equals(parameters('categoryGroup'),'audit')]"},{"field":"microsoft.insights/diagnosticSettings/logs[*].categoryGroup","equals":"audit"}]}},"equals":1},{"count":{"field":"Microsoft.Insights/diagnosticSettings/logs[*]","where":{"allOf":[{"field":"Microsoft.Insights/diagnosticSettings/logs[*].enabled","equals":"[equals(parameters('categoryGroup'),'allLogs')]"},{"field":"microsoft.insights/diagnosticSettings/logs[*].categoryGroup","equals":"allLogs"}]}},"equals":1},{"field":"Microsoft.Insights/diagnosticSettings/eventHubAuthorizationRuleId","equals":"[parameters('eventHubAuthorizationRuleId')]"},{"field":"Microsoft.Insights/diagnosticSettings/eventHubName","equals":"[parameters('eventHubName')]"}]},"roleDefinitionIds":["/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293","/providers/Microsoft.Authorization/roleDefinitions/f526a384-b230-433a-b45c-95f59c4a2dec"],"deployment":{"properties":{"mode":"incremental","template":{"$schema":"http://schema.management.azure.com/schemas/2019-08-01/deploymentTemplate.json#","contentVersion":"1.0.0.0","parameters":{"diagnosticSettingName":{"type":"string"},"categoryGroup":{"type":"String"},"eventHubName":{"type":"string"},"eventHubAuthorizationRuleId":{"type":"string"},"resourceLocation":{"type":"string"},"resourceName":{"type":"string"}},"variables":{},"resources":[{"type":"microsoft.agfoodplatform/farmbeats/providers/diagnosticSettings","apiVersion":"2021-05-01-preview","name":"[concat(parameters('resourceName'),'/','Microsoft.Insights/',parameters('diagnosticSettingName'))]","location":"[parameters('resourceLocation')]","properties":{"eventHubName":"[parameters('eventHubName')]","eventHubAuthorizationRuleId":"[parameters('eventHubAuthorizationRuleId')]","logs":[{"categoryGroup":"audit","enabled":"[equals(parameters('categoryGroup'),'audit')]"},{"categoryGroup":"allLogs","enabled":"[equals(parameters('categoryGroup'),'allLogs')]"}],"metrics":[]}}],"outputs":{"policy":{"type":"string","value":"[concat('Diagnostic setting ',parameters('diagnosticSettingName'),' for type Azure FarmBeats (microsoft.agfoodplatform/farmbeats),resourceName ',parameters('resourceName'),' to EventHub ',parameters('eventHubAuthorizationRuleId'),':',parameters('eventHubName'),' configured')]"}}},"parameters":{"diagnosticSettingName":{"value":"[parameters('diagnosticSettingName')]"},"categoryGroup":{"value":"[parameters('categoryGroup')]"},"eventHubName":{"value":"[parameters('eventHubName')]"},"eventHubAuthorizationRuleId":{"value":"[parameters('eventHubAuthorizationRuleId')]"},"resourceLocation":{"value":"[field('location')]"},"resourceName":{"value":"[field('name')]"}}}}}}}}Used in 2 Policy Set(s):
• Enable allLogs category group resource logging for supported resources to Log Analytics (0884adba-2312-4468-abeb-5422caed1038) [Monitoring] BuiltIn
• Enable audit category group resource logging for supported resources to Log Analytics (f5b29bc4-feca-4cc6-a58a-772dd5e290a5) [Monitoring] BuiltIn
{
"displayName": "Enable logging by category group for Azure FarmBeats (microsoft.agfoodplatform/farmbeats) to Log Analytics",
"policyType": "BuiltIn",
"mode": "Indexed",
"description": "Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to a Log Analytics workspace for Azure FarmBeats (microsoft.agfoodplatform/farmbeats).",
"metadata": {
"category": "Monitoring",
"version": "1.1.0"
},
"parameters": {
"effect": {
"type": "String",
"metadata": {
"displayName": "Effect",
"description": "Enable or disable the execution of the policy"
},
"allowedValues": [
"DeployIfNotExists",
"AuditIfNotExists",
"Disabled"
],
"defaultValue": "DeployIfNotExists"
},
"diagnosticSettingName": {
"type": "String",
"metadata": {
"displayName": "Diagnostic Setting Name",
"description": "Diagnostic Setting Name"
},
"defaultValue": "setByPolicy-LogAnalytics"
},
"categoryGroup": {
"type": "String",
"metadata": {
"displayName": "Category Group",
"description": "Diagnostic category group - none, audit, or allLogs."
},
"allowedValues": [
"audit",
"allLogs"
],
"defaultValue": "audit"
},
"resourceLocationList": {
"type": "Array",
"metadata": {
"displayName": "Resource Location List",
"description": "Resource Location List to send logs to nearby Log Analytics. A single entry \"*\" selects all locations (default)."
},
"defaultValue": [
"*"
]
},
"logAnalytics": {
"type": "String",
"metadata": {
"displayName": "Log Analytics Workspace",
"description": "Log Analytics Workspace",
"strongType": "omsWorkspace",
"assignPermissions": true
}
}
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "microsoft.agfoodplatform/farmbeats"
},
{
"anyOf": [
{
"value": "[first(parameters('resourceLocationList'))]",
"equals": "*"
},
{
"field": "location",
"in": "[parameters('resourceLocationList')]"
}
]
}
]
},
"then": {
"effect": "[parameters('effect')]",
"details": {
"type": "Microsoft.Insights/diagnosticSettings",
"evaluationDelay": "AfterProvisioning",
"existenceCondition": {
"allOf": [
{
"count": {
"field": "Microsoft.Insights/diagnosticSettings/logs[*]",
"where": {
"allOf": [
{
"field": "Microsoft.Insights/diagnosticSettings/logs[*].enabled",
"equals": "[equals(parameters('categoryGroup'), 'audit')]"
},
{
"field": "microsoft.insights/diagnosticSettings/logs[*].categoryGroup",
"equals": "audit"
}
]
}
},
"equals": 1
},
{
"count": {
"field": "Microsoft.Insights/diagnosticSettings/logs[*]",
"where": {
"allOf": [
{
"field": "Microsoft.Insights/diagnosticSettings/logs[*].enabled",
"equals": "[equals(parameters('categoryGroup'), 'allLogs')]"
},
{
"field": "microsoft.insights/diagnosticSettings/logs[*].categoryGroup",
"equals": "allLogs"
}
]
}
},
"equals": 1
},
{
"field": "Microsoft.Insights/diagnosticSettings/workspaceId",
"equals": "[parameters('logAnalytics')]"
}
]
},
"roleDefinitionIds": [
"/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293"
],
"deployment": {
"properties": {
"mode": "incremental",
"template": {
"$schema": "http://schema.management.azure.com/schemas/2019-08-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"diagnosticSettingName": {
"type": "string"
},
"logAnalytics": {
"type": "string"
},
"categoryGroup": {
"type": "String"
},
"resourceName": {
"type": "string"
}
},
"variables": {},
"resources": [
{
"type": "microsoft.agfoodplatform/farmbeats/providers/diagnosticSettings",
"apiVersion": "2021-05-01-preview",
"name": "[concat(parameters('resourceName'), '/', 'Microsoft.Insights/', parameters('diagnosticSettingName'))]",
"properties": {
"workspaceId": "[parameters('logAnalytics')]",
"logs": [
{
"categoryGroup": "audit",
"enabled": "[equals(parameters('categoryGroup'), 'audit')]"
},
{
"categoryGroup": "allLogs",
"enabled": "[equals(parameters('categoryGroup'), 'allLogs')]"
}
],
"metrics": []
}
}
],
"outputs": {
"policy": {
"type": "string",
"value": "[concat('Diagnostic setting ', parameters('diagnosticSettingName'), ' for type Azure FarmBeats (microsoft.agfoodplatform/farmbeats), resourceName ', parameters('resourceName'), ' to Log Analytics ', parameters('logAnalytics'), ' configured')]"
}
}
},
"parameters": {
"diagnosticSettingName": {
"value": "[parameters('diagnosticSettingName')]"
},
"logAnalytics": {
"value": "[parameters('logAnalytics')]"
},
"categoryGroup": {
"value": "[parameters('categoryGroup')]"
},
"resourceName": {
"value": "[field('name')]"
}
}
}
}
}
}
}
}{"displayName":"Enable logging by category group for Azure FarmBeats (microsoft.agfoodplatform/farmbeats) to Log Analytics","policyType":"BuiltIn","mode":"Indexed","description":"Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to a Log Analytics workspace for Azure FarmBeats (microsoft.agfoodplatform/farmbeats).","metadata":{"category":"Monitoring","version":"1.1.0"},"parameters":{"effect":{"type":"String","metadata":{"displayName":"Effect","description":"Enable or disable the execution of the policy"},"allowedValues":["DeployIfNotExists","AuditIfNotExists","Disabled"],"defaultValue":"DeployIfNotExists"},"diagnosticSettingName":{"type":"String","metadata":{"displayName":"Diagnostic Setting Name","description":"Diagnostic Setting Name"},"defaultValue":"setByPolicy-LogAnalytics"},"categoryGroup":{"type":"String","metadata":{"displayName":"Category Group","description":"Diagnostic category group - none,audit,or allLogs."},"allowedValues":["audit","allLogs"],"defaultValue":"audit"},"resourceLocationList":{"type":"Array","metadata":{"displayName":"Resource Location List","description":"Resource Location List to send logs to nearby Log Analytics. A single entry \"*\" selects all locations (default)."},"defaultValue":["*"]},"logAnalytics":{"type":"String","metadata":{"displayName":"Log Analytics Workspace","description":"Log Analytics Workspace","strongType":"omsWorkspace","assignPermissions":true}}},"policyRule":{"if":{"allOf":[{"field":"type","equals":"microsoft.agfoodplatform/farmbeats"},{"anyOf":[{"value":"[first(parameters('resourceLocationList'))]","equals":"*"},{"field":"location","in":"[parameters('resourceLocationList')]"}]}]},"then":{"effect":"[parameters('effect')]","details":{"type":"Microsoft.Insights/diagnosticSettings","evaluationDelay":"AfterProvisioning","existenceCondition":{"allOf":[{"count":{"field":"Microsoft.Insights/diagnosticSettings/logs[*]","where":{"allOf":[{"field":"Microsoft.Insights/diagnosticSettings/logs[*].enabled","equals":"[equals(parameters('categoryGroup'),'audit')]"},{"field":"microsoft.insights/diagnosticSettings/logs[*].categoryGroup","equals":"audit"}]}},"equals":1},{"count":{"field":"Microsoft.Insights/diagnosticSettings/logs[*]","where":{"allOf":[{"field":"Microsoft.Insights/diagnosticSettings/logs[*].enabled","equals":"[equals(parameters('categoryGroup'),'allLogs')]"},{"field":"microsoft.insights/diagnosticSettings/logs[*].categoryGroup","equals":"allLogs"}]}},"equals":1},{"field":"Microsoft.Insights/diagnosticSettings/workspaceId","equals":"[parameters('logAnalytics')]"}]},"roleDefinitionIds":["/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293"],"deployment":{"properties":{"mode":"incremental","template":{"$schema":"http://schema.management.azure.com/schemas/2019-08-01/deploymentTemplate.json#","contentVersion":"1.0.0.0","parameters":{"diagnosticSettingName":{"type":"string"},"logAnalytics":{"type":"string"},"categoryGroup":{"type":"String"},"resourceName":{"type":"string"}},"variables":{},"resources":[{"type":"microsoft.agfoodplatform/farmbeats/providers/diagnosticSettings","apiVersion":"2021-05-01-preview","name":"[concat(parameters('resourceName'),'/','Microsoft.Insights/',parameters('diagnosticSettingName'))]","properties":{"workspaceId":"[parameters('logAnalytics')]","logs":[{"categoryGroup":"audit","enabled":"[equals(parameters('categoryGroup'),'audit')]"},{"categoryGroup":"allLogs","enabled":"[equals(parameters('categoryGroup'),'allLogs')]"}],"metrics":[]}}],"outputs":{"policy":{"type":"string","value":"[concat('Diagnostic setting ',parameters('diagnosticSettingName'),' for type Azure FarmBeats (microsoft.agfoodplatform/farmbeats),resourceName ',parameters('resourceName'),' to Log Analytics ',parameters('logAnalytics'),' configured')]"}}},"parameters":{"diagnosticSettingName":{"value":"[parameters('diagnosticSettingName')]"},"logAnalytics":{"value":"[parameters('logAnalytics')]"},"categoryGroup":{"value":"[parameters('categoryGroup')]"},"resourceName":{"value":"[field('name')]"}}}}}}}}Used in 2 Policy Set(s):
• Enable allLogs category group resource logging for supported resources to storage (b6b86da9-e527-49de-ac59-6af0a9db10b8) [Monitoring] BuiltIn
• Enable audit category group resource logging for supported resources to storage (8d723fb6-6680-45be-9d37-b1a4adb52207) [Monitoring] BuiltIn
{
"displayName": "Enable logging by category group for Azure FarmBeats (microsoft.agfoodplatform/farmbeats) to Storage",
"policyType": "BuiltIn",
"mode": "Indexed",
"description": "Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to a Storage Account for Azure FarmBeats (microsoft.agfoodplatform/farmbeats).",
"metadata": {
"category": "Monitoring",
"version": "1.1.0"
},
"parameters": {
"effect": {
"type": "String",
"metadata": {
"displayName": "Effect",
"description": "Enable or disable the execution of the policy"
},
"allowedValues": [
"DeployIfNotExists",
"AuditIfNotExists",
"Disabled"
],
"defaultValue": "DeployIfNotExists"
},
"diagnosticSettingName": {
"type": "String",
"metadata": {
"displayName": "Diagnostic Setting Name",
"description": "Diagnostic Setting Name"
},
"defaultValue": "setByPolicy-Storage"
},
"categoryGroup": {
"type": "String",
"metadata": {
"displayName": "Category Group",
"description": "Diagnostic category group - none, audit, or allLogs."
},
"allowedValues": [
"audit",
"allLogs"
],
"defaultValue": "audit"
},
"resourceLocation": {
"type": "String",
"metadata": {
"displayName": "Resource Location",
"description": "Resource Location must be in the same location as the Storage Account.",
"strongType": "location"
}
},
"storageAccount": {
"type": "String",
"metadata": {
"displayName": "Storage Account",
"description": "Full path (resourceId) to the storage account.",
"assignPermissions": true
}
}
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "microsoft.agfoodplatform/farmbeats"
},
{
"field": "location",
"equals": "[parameters('resourceLocation')]"
}
]
},
"then": {
"effect": "[parameters('effect')]",
"details": {
"type": "Microsoft.Insights/diagnosticSettings",
"evaluationDelay": "AfterProvisioning",
"existenceCondition": {
"allOf": [
{
"count": {
"field": "Microsoft.Insights/diagnosticSettings/logs[*]",
"where": {
"allOf": [
{
"field": "Microsoft.Insights/diagnosticSettings/logs[*].enabled",
"equals": "[equals(parameters('categoryGroup'), 'audit')]"
},
{
"field": "microsoft.insights/diagnosticSettings/logs[*].categoryGroup",
"equals": "audit"
}
]
}
},
"equals": 1
},
{
"count": {
"field": "Microsoft.Insights/diagnosticSettings/logs[*]",
"where": {
"allOf": [
{
"field": "Microsoft.Insights/diagnosticSettings/logs[*].enabled",
"equals": "[equals(parameters('categoryGroup'), 'allLogs')]"
},
{
"field": "microsoft.insights/diagnosticSettings/logs[*].categoryGroup",
"equals": "allLogs"
}
]
}
},
"equals": 1
},
{
"field": "Microsoft.Insights/diagnosticSettings/storageAccountId",
"equals": "[parameters('storageAccount')]"
}
]
},
"roleDefinitionIds": [
"/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293"
],
"deployment": {
"properties": {
"mode": "incremental",
"template": {
"$schema": "http://schema.management.azure.com/schemas/2019-08-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"diagnosticSettingName": {
"type": "string"
},
"categoryGroup": {
"type": "String"
},
"storageAccount": {
"type": "string"
},
"resourceLocation": {
"type": "string"
},
"resourceName": {
"type": "string"
}
},
"variables": {},
"resources": [
{
"type": "microsoft.agfoodplatform/farmbeats/providers/diagnosticSettings",
"apiVersion": "2021-05-01-preview",
"name": "[concat(parameters('resourceName'), '/', 'Microsoft.Insights/', parameters('diagnosticSettingName'))]",
"location": "[parameters('resourceLocation')]",
"properties": {
"storageAccountId": "[parameters('storageAccount')]",
"logs": [
{
"categoryGroup": "audit",
"enabled": "[equals(parameters('categoryGroup'), 'audit')]"
},
{
"categoryGroup": "allLogs",
"enabled": "[equals(parameters('categoryGroup'), 'allLogs')]"
}
],
"metrics": []
}
}
],
"outputs": {
"policy": {
"type": "string",
"value": "[concat('Diagnostic setting ', parameters('diagnosticSettingName'), ' for type Azure FarmBeats (microsoft.agfoodplatform/farmbeats), resourceName ', parameters('resourceName'), ' to Storage Account ', parameters('storageAccount'), ' configured')]"
}
}
},
"parameters": {
"diagnosticSettingName": {
"value": "[parameters('diagnosticSettingName')]"
},
"categoryGroup": {
"value": "[parameters('categoryGroup')]"
},
"storageAccount": {
"value": "[parameters('storageAccount')]"
},
"resourceLocation": {
"value": "[field('location')]"
},
"resourceName": {
"value": "[field('name')]"
}
}
}
}
}
}
}
}{"displayName":"Enable logging by category group for Azure FarmBeats (microsoft.agfoodplatform/farmbeats) to Storage","policyType":"BuiltIn","mode":"Indexed","description":"Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This policy deploys a diagnostic setting using a category group to route logs to a Storage Account for Azure FarmBeats (microsoft.agfoodplatform/farmbeats).","metadata":{"category":"Monitoring","version":"1.1.0"},"parameters":{"effect":{"type":"String","metadata":{"displayName":"Effect","description":"Enable or disable the execution of the policy"},"allowedValues":["DeployIfNotExists","AuditIfNotExists","Disabled"],"defaultValue":"DeployIfNotExists"},"diagnosticSettingName":{"type":"String","metadata":{"displayName":"Diagnostic Setting Name","description":"Diagnostic Setting Name"},"defaultValue":"setByPolicy-Storage"},"categoryGroup":{"type":"String","metadata":{"displayName":"Category Group","description":"Diagnostic category group - none,audit,or allLogs."},"allowedValues":["audit","allLogs"],"defaultValue":"audit"},"resourceLocation":{"type":"String","metadata":{"displayName":"Resource Location","description":"Resource Location must be in the same location as the Storage Account.","strongType":"location"}},"storageAccount":{"type":"String","metadata":{"displayName":"Storage Account","description":"Full path (resourceId) to the storage account.","assignPermissions":true}}},"policyRule":{"if":{"allOf":[{"field":"type","equals":"microsoft.agfoodplatform/farmbeats"},{"field":"location","equals":"[parameters('resourceLocation')]"}]},"then":{"effect":"[parameters('effect')]","details":{"type":"Microsoft.Insights/diagnosticSettings","evaluationDelay":"AfterProvisioning","existenceCondition":{"allOf":[{"count":{"field":"Microsoft.Insights/diagnosticSettings/logs[*]","where":{"allOf":[{"field":"Microsoft.Insights/diagnosticSettings/logs[*].enabled","equals":"[equals(parameters('categoryGroup'),'audit')]"},{"field":"microsoft.insights/diagnosticSettings/logs[*].categoryGroup","equals":"audit"}]}},"equals":1},{"count":{"field":"Microsoft.Insights/diagnosticSettings/logs[*]","where":{"allOf":[{"field":"Microsoft.Insights/diagnosticSettings/logs[*].enabled","equals":"[equals(parameters('categoryGroup'),'allLogs')]"},{"field":"microsoft.insights/diagnosticSettings/logs[*].categoryGroup","equals":"allLogs"}]}},"equals":1},{"field":"Microsoft.Insights/diagnosticSettings/storageAccountId","equals":"[parameters('storageAccount')]"}]},"roleDefinitionIds":["/providers/Microsoft.Authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293"],"deployment":{"properties":{"mode":"incremental","template":{"$schema":"http://schema.management.azure.com/schemas/2019-08-01/deploymentTemplate.json#","contentVersion":"1.0.0.0","parameters":{"diagnosticSettingName":{"type":"string"},"categoryGroup":{"type":"String"},"storageAccount":{"type":"string"},"resourceLocation":{"type":"string"},"resourceName":{"type":"string"}},"variables":{},"resources":[{"type":"microsoft.agfoodplatform/farmbeats/providers/diagnosticSettings","apiVersion":"2021-05-01-preview","name":"[concat(parameters('resourceName'),'/','Microsoft.Insights/',parameters('diagnosticSettingName'))]","location":"[parameters('resourceLocation')]","properties":{"storageAccountId":"[parameters('storageAccount')]","logs":[{"categoryGroup":"audit","enabled":"[equals(parameters('categoryGroup'),'audit')]"},{"categoryGroup":"allLogs","enabled":"[equals(parameters('categoryGroup'),'allLogs')]"}],"metrics":[]}}],"outputs":{"policy":{"type":"string","value":"[concat('Diagnostic setting ',parameters('diagnosticSettingName'),' for type Azure FarmBeats (microsoft.agfoodplatform/farmbeats),resourceName ',parameters('resourceName'),' to Storage Account ',parameters('storageAccount'),' configured')]"}}},"parameters":{"diagnosticSettingName":{"value":"[parameters('diagnosticSettingName')]"},"categoryGroup":{"value":"[parameters('categoryGroup')]"},"storageAccount":{"value":"[parameters('storageAccount')]"},"resourceLocation":{"value":"[field('location')]"},"resourceName":{"value":"[field('name')]"}}}}}}}}