last sync: 2021-May-10 15:04:35 UTC

Azure Policy Initiative

Flow logs should be configured and enabled for every network security group

NameFlow logs should be configured and enabled for every network security group
Azure Portal
Id62329546-775b-4a3d-a4cb-eb4bb990d2c0
Version1.0.0
details on versioning
CategoryNetwork
Microsoft docs
DescriptionAudit for network security groups to verify if flow logs are configured and if flow log status is enabled. Enabling flow logs allows to log information about IP traffic flowing through network security group. It can be used for optimizing network flows, monitoring throughput, verifying compliance, detecting intrusions and more.
TypeBuiltIn
DeprecatedFalse
PreviewFalse
History
Date/Time (UTC ymd) (i) Changes
2021-03-10 14:52:45 add Initiative 62329546-775b-4a3d-a4cb-eb4bb990d2c0
Policy count Total Policies: 2
Builtin Policies: 2
Static Policies: 0
Policy used
Policy DisplayName Policy Id Category Effect State
Flow logs should be configured for every network security group c251913d-7d24-4958-af87-478ed3b9ba41 Network Default: Audit
Allowed: (Audit, Disabled)
GA
Flow logs should be enabled for every network security group 27960feb-a23c-4577-8d36-ef8b5f35e0be Network Default: Audit
Allowed: (Audit, Disabled)
GA
JSON
{
  "properties": {
    "displayName": "Flow logs should be configured and enabled for every network security group",
    "policyType": "BuiltIn",
    "description": "Audit for network security groups to verify if flow logs are configured and if flow log status is enabled. Enabling flow logs allows to log information about IP traffic flowing through network security group. It can be used for optimizing network flows, monitoring throughput, verifying compliance, detecting intrusions and more.",
    "metadata": {
      "version": "1.0.0",
      "category": "Network"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "Audit",
          "Disabled"
        ],
        "defaultValue": "Audit"
      }
    },
    "policyDefinitions": [
      {
        "policyDefinitionReferenceId": "NetworkSecurityGroup_FlowLog_Audit",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c251913d-7d24-4958-af87-478ed3b9ba41",
        "parameters": {
          "effect": {
          "value": "[parameters('effect')]"
          }
        },
        "groupNames": [
          
        ]
      },
      {
        "policyDefinitionReferenceId": "NetworkWatcherFlowLog_Enabled_Audit",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/27960feb-a23c-4577-8d36-ef8b5f35e0be",
        "parameters": {
          "effect": {
          "value": "[parameters('effect')]"
          }
        },
        "groupNames": [
          
        ]
      }
    ],
    "policyDefinitionGroups": [
      
    ]
  },
  "id": "/providers/Microsoft.Authorization/policySetDefinitions/62329546-775b-4a3d-a4cb-eb4bb990d2c0",
  "type": "Microsoft.Authorization/policySetDefinitions",
  "name": "62329546-775b-4a3d-a4cb-eb4bb990d2c0"
}