AzInitiativeAdvertizer

last sync: 2025-Jul-24 17:34:09 UTC

Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) for Identity

Azure Monitor Baseline Alerts (AMBA) Policy Initiative (PolicySet)

Source

Repository Azure Monitor Baseline Alerts (AMBA) GitHub

Display name

Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) for Identity

Id

Alerting-Identity

Version

1.1.2
Details on versioning

Category

Monitoring

Description

This initiative deploys Azure Monitor Baseline Alerts (AMBA-ALZ) to monitor identity components.

Cloud environments

AzureCloud

Type

Custom Azure Monitor Baseline Alerts (AMBA)

Deprecated

False

Preview

False

Policy-used summary

Policy types	Policy states	Policy categories
Total Policies: 8 Builtin Policies: 0 Static Policies: 0 AMBA Policies: 8	GA: 8	1 categories: Key Vault: 8

Policy-used

Loading extensions...

Rows: 1-8 / 8
Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, **[empty]**, **[nonempty]**, **rgx:**
Learn more
TableFilter v0.7.3
https://www.tablefilter.com/
©2015-2025 Max Guglielmi
Close
?
Page of 1
Policy DisplayName	Policy Id	Category	Effect	Roles#	Roles	State	Type	policy in AzUSGov

Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log Key Vault Delete Alert	Deploy_activitylog_KeyVault_Delete	Key Vault	Default deployIfNotExists Allowed deployIfNotExists, disabled	1	Contributor	GA	AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log Managed HSMs Delete Alert	Deploy_ActivityLog_ManagedHSMs_Delete	Key Vault	Default deployIfNotExists Allowed deployIfNotExists, disabled	1	Contributor	GA	AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Key Vault Availability Alert	Deploy_KeyVault_Availability_Alert	Key Vault	Default disabled Allowed deployIfNotExists, disabled	1	Contributor	GA	AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Key Vault Capacity Alert	Deploy_KeyVault_Capacity_Alert	Key Vault	Default disabled Allowed deployIfNotExists, disabled	1	Contributor	GA	AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Key Vault Latency Alert	Deploy_KeyVault_Latency_Alert	Key Vault	Default disabled Allowed deployIfNotExists, disabled	1	Contributor	GA	AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Key Vault Requests Alert	Deploy_KeyVault_Requests_Alert	Key Vault	Default disabled Allowed deployIfNotExists, disabled	1	Contributor	GA	AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Managed HSMs Availability Alert	Deploy_ManagedHSMs_Availability_Alert	Key Vault	Default disabled Allowed deployIfNotExists, disabled	1	Contributor	GA	AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Managed HSMs Latency Alert	Deploy_ManagedHSMs_Latency_Alert	Key Vault	Default disabled Allowed deployIfNotExists, disabled	1	Contributor	GA	AMBA

Roles used

Total Roles usage: 8
Total Roles unique usage: 1

Role	Role Id	#Policies	Policies
Contributor	b24988ac-6180-42a0-ab88-20f7382dd24c	8	Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log Key Vault Delete Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log Managed HSMs Delete Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Key Vault Availability Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Key Vault Capacity Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Key Vault Latency Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Key Vault Requests Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Managed HSMs Availability Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Managed HSMs Latency Alert

JSON

EPAC

{7 itemsdisplayName: "Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) for Identity",
description: "This initiative deploys Azure Monitor Baseline Alerts (AMBA-ALZ) to monitor identity components.",
metadata: {5 itemsversion: "1.1.2",
category: "Monitoring",
source: "https://github.com/Azure/azure-monitor-baseline-alerts/",
alzCloudEnvironments: [1 item"AzureCloud"
],
_deployed_by_amba: true
},
parameters: {44 itemsALZMonitorResourceGroupName: {3 itemstype: "String",
defaultValue: "rg-amba-monitoring-001",
metadata: {2 itemsdisplayName: "ALZ Monitor Resource Group Name",
description: "Name of the resource group where the alerting resources will be deployed"
}
},
ALZMonitorResourceGroupTags: {3 itemstype: "Object",
defaultValue: {1 item_deployed_by_alz_monitor: true
},
metadata: {2 itemsdisplayName: "ALZ Monitor Resource Group Tags",
description: "Tags for the resource group where the alerting resources will be deployed"
}
},
ALZMonitorResourceGroupLocation: {3 itemstype: "String",
defaultValue: "centralus",
metadata: {2 itemsdisplayName: "ALZ Monitor Resource Group Location",
description: "Location of the resource group where the alerting resources will be deployed"
}
},
ALZMonitorDisableTagName: {3 itemstype: "String",
metadata: {2 itemsdisplayName: "ALZ Monitoring disabled tag name",
description: "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled."
},
defaultValue: "MonitorDisable"
},
ALZMonitorDisableTagValues: {3 itemstype: "Array",
metadata: {2 itemsdisplayName: "ALZ Monitoring disabled tag values(s)",
description: "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled."
},
defaultValue: [4 items"true",
"Test",
"Dev",
"Sandbox"
]
},
KVRequestAlertSeverity: {4 itemstype: "String",
defaultValue: "2",
allowedValues: [5 items"0",
"1",
"2",
"3",
"4"
],
metadata: {2 itemsdisplayName: "KeyVault Request Alert Severity",
description: "Severity of the alert"
}
},
KVRequestWindowSize: {4 itemstype: "string",
defaultValue: "PT5M",
allowedValues: [8 items"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"P1D"
],
metadata: {2 itemsdisplayName: "KeyVault Request Alert Window Size",
description: "Window size for the alert"
}
},
KVRequestEvaluationFrequency: {4 itemstype: "string",
defaultValue: "PT5M",
allowedValues: [5 items"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
metadata: {2 itemsdisplayName: "KeyVault Request Alert Evaluation Frequency",
description: "Evaluation frequency for the alert"
}
},
KVRequestPolicyEffect: {4 itemstype: "string",
defaultValue: "disabled",
allowedValues: [2 items"deployIfNotExists",
"disabled"
],
metadata: {2 itemsdisplayName: "KeyVault Request Alert Policy Effect",
description: "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert"
}
},
KVRequestAlertState: {3 itemstype: "string",
defaultValue: "true",
metadata: {2 itemsdisplayName: "KeyVault Request Alert State",
description: "State of the alert, true will enable the alert, false will disable the alert"
}
},
KvAvailabilityAlertSeverity: {4 itemstype: "String",
defaultValue: "1",
allowedValues: [5 items"0",
"1",
"2",
"3",
"4"
],
metadata: {2 itemsdisplayName: "KeyVault Availability Alert Severity",
description: "Severity of the alert"
}
},
KvAvailabilityWindowSize: {4 itemstype: "string",
defaultValue: "PT1M",
allowedValues: [8 items"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"P1D"
],
metadata: {2 itemsdisplayName: "KeyVault Availability Alert Window Size",
description: "Window size for the alert"
}
},
KvAvailabilityEvaluationFrequency: {4 itemstype: "string",
defaultValue: "PT1M",
allowedValues: [5 items"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
metadata: {2 itemsdisplayName: "KeyVault Availability Alert Evaluation Frequency",
description: "Evaluation frequency for the alert"
}
},
KvAvailabilityPolicyEffect: {4 itemstype: "string",
defaultValue: "disabled",
allowedValues: [2 items"deployIfNotExists",
"disabled"
],
metadata: {2 itemsdisplayName: "KeyVault Availability Alert Policy Effect",
description: "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert"
}
},
KvAvailabilityAlertState: {3 itemstype: "string",
defaultValue: "true",
metadata: {2 itemsdisplayName: "KeyVault Availability Alert State",
description: "State of the alert, true will enable the alert, false will disable the alert"
}
},
KVAvailabilityThreshold: {3 itemstype: "string",
defaultValue: "20",
metadata: {2 itemsdisplayName: "KeyVault Availability Alert Threshold",
description: "Threshold for the alert"
}
},
KvLatencyAvailabilityAlertSeverity: {4 itemstype: "String",
defaultValue: "3",
allowedValues: [5 items"0",
"1",
"2",
"3",
"4"
],
metadata: {2 itemsdisplayName: "KeyVault Latency Alert Severity",
description: "Severity of the alert"
}
},
KvLatencyAvailabilityWindowSize: {4 itemstype: "string",
defaultValue: "PT5M",
allowedValues: [8 items"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"P1D"
],
metadata: {2 itemsdisplayName: "KeyVault Latency Alert Window Size",
description: "Window size for the alert"
}
},
KvLatencyAvailabilityEvaluationFrequency: {4 itemstype: "string",
defaultValue: "PT5M",
allowedValues: [5 items"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
metadata: {2 itemsdisplayName: "KeyVault Latency Alert Evaluation Frequency",
description: "Evaluation frequency for the alert"
}
},
KvLatencyAvailabilityPolicyEffect: {4 itemstype: "string",
defaultValue: "disabled",
allowedValues: [2 items"deployIfNotExists",
"disabled"
],
metadata: {2 itemsdisplayName: "KeyVault Latency Alert Policy Effect",
description: "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert"
}
},
KvLatencyAvailabilityAlertState: {3 itemstype: "string",
defaultValue: "true",
metadata: {2 itemsdisplayName: "KeyVault Latency Alert State",
description: "State of the alert, true will enable the alert, false will disable the alert"
}
},
KvLatencyAvailabilityThreshold: {3 itemstype: "string",
defaultValue: "1000",
metadata: {2 itemsdisplayName: "KeyVault Latency Alert Threshold",
description: "Threshold for the alert"
}
},
KVCapacityAlertSeverity: {4 itemstype: "String",
defaultValue: "1",
allowedValues: [5 items"0",
"1",
"2",
"3",
"4"
],
metadata: {2 itemsdisplayName: "KeyVault Capacity Alert Severity",
description: "Severity of the alert"
}
},
KVCapacityWindowSize: {4 itemstype: "string",
defaultValue: "PT5M",
allowedValues: [8 items"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"P1D"
],
metadata: {2 itemsdisplayName: "KeyVault Capacity Alert Window Size",
description: "Window size for the alert"
}
},
KVCapacityEvaluationFrequency: {4 itemstype: "string",
defaultValue: "PT1M",
allowedValues: [5 items"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
metadata: {2 itemsdisplayName: "KeyVault Capacity Alert Evaluation Frequency",
description: "Evaluation frequency for the alert"
}
},
KVCapacityPolicyEffect: {4 itemstype: "string",
defaultValue: "disabled",
allowedValues: [2 items"deployIfNotExists",
"disabled"
],
metadata: {2 itemsdisplayName: "KeyVault Capacity Alert Policy Effect",
description: "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert"
}
},
KVCapacityAlertState: {3 itemstype: "string",
defaultValue: "true",
metadata: {2 itemsdisplayName: "KeyVault Capacity Alert State",
description: "State of the alert, true will enable the alert, false will disable the alert"
}
},
KVCapacityThreshold: {3 itemstype: "string",
defaultValue: "75",
metadata: {2 itemsdisplayName: "KeyVault Capacity Alert Threshold",
description: "Threshold for the alert"
}
},
activityKVDeleteAlertState: {3 itemstype: "string",
defaultValue: "true",
metadata: {2 itemsdisplayName: "Activity Log KeyVault Delete Alert State",
description: "State of the alert, true will enable the alert, false will disable the alert"
}
},
activityKVDeletePolicyEffect: {4 itemstype: "string",
defaultValue: "deployIfNotExists",
allowedValues: [2 items"deployIfNotExists",
"disabled"
],
metadata: {2 itemsdisplayName: "Key Vault Delete Policy Effect",
description: "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist"
}
},
HSMsAvailabilityAlertSeverity: {4 itemstype: "String",
defaultValue: "1",
allowedValues: [5 items"0",
"1",
"2",
"3",
"4"
],
metadata: {2 itemsdisplayName: "Key Vault Managed HSMs Availability Alert Severity",
description: "Severity of the alert for Key Vault Managed HSMs Availability"
}
},
HSMsAvailabilityWindowSize: {4 itemstype: "string",
defaultValue: "PT1M",
allowedValues: [8 items"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"P1D"
],
metadata: {2 itemsdisplayName: "Key Vault Managed HSMs Availability Window Size",
description: "Window size for the alert"
}
},
HSMsAvailabilityEvaluationFrequency: {4 itemstype: "string",
defaultValue: "PT1M",
allowedValues: [5 items"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
metadata: {2 itemsdisplayName: "Key Vault Managed HSMs Availability Evaluation Frequency",
description: "Evaluation frequency for the alert"
}
},
HSMsAvailabilityPolicyEffect: {4 itemstype: "string",
defaultValue: "disabled",
allowedValues: [2 items"deployIfNotExists",
"disabled"
],
metadata: {2 itemsdisplayName: "Key Vault Managed HSMs Availability Policy Effect",
description: "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist"
}
},
HSMsAvailabilityAlertState: {3 itemstype: "string",
defaultValue: "true",
metadata: {2 itemsdisplayName: "Key Vault Managed HSMs Availability Alert State",
description: "Alert state for the alert"
}
},
HSMsAvailabilityThreshold: {3 itemstype: "string",
defaultValue: "20",
metadata: {2 itemsdisplayName: "Key Vault Managed HSMs Availability Threshold",
description: "Threshold for the alert"
}
},
HSMsLatencyAvailabilityAlertSeverity: {4 itemstype: "String",
defaultValue: "3",
allowedValues: [5 items"0",
"1",
"2",
"3",
"4"
],
metadata: {2 itemsdisplayName: "Key Vault Managed HSMs Latency Availability Alert Severity",
description: "Severity of the alert for Key Vault Managed HSMs Latency Availability"
}
},
HSMsLatencyAvailabilityWindowSize: {4 itemstype: "string",
defaultValue: "PT5M",
allowedValues: [8 items"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"P1D"
],
metadata: {2 itemsdisplayName: "Key Vault Managed HSMs Latency Availability Window Size",
description: "Window size for the alert"
}
},
HSMsLatencyAvailabilityEvaluationFrequency: {4 itemstype: "string",
defaultValue: "PT5M",
allowedValues: [5 items"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
metadata: {2 itemsdisplayName: "Key Vault Managed HSMs Latency Availability Evaluation Frequency",
description: "Evaluation frequency for the alert"
}
},
HSMsLatencyAvailabilityPolicyEffect: {4 itemstype: "string",
defaultValue: "disabled",
allowedValues: [2 items"deployIfNotExists",
"disabled"
],
metadata: {2 itemsdisplayName: "Key Vault Managed HSMs Latency Availability Policy Effect",
description: "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist"
}
},
HSMsLatencyAvailabilityAlertState: {3 itemstype: "string",
defaultValue: "true",
metadata: {2 itemsdisplayName: "Key Vault Managed HSMs Latency Availability Alert State",
description: "Alert state for the alert"
}
},
HSMsLatencyAvailabilityThreshold: {3 itemstype: "string",
defaultValue: "1000",
metadata: {2 itemsdisplayName: "Key Vault Managed HSMs Latency Availability Threshold",
description: "Threshold for the alert"
}
},
activityHSMsDeleteAlertState: {3 itemstype: "string",
defaultValue: "true",
metadata: {2 itemsdisplayName: "Activity Key Vault Managed HSMs Delete Alert State",
description: "Alert state for the alert"
}
},
activityHSMsDeletePolicyEffect: {4 itemstype: "string",
defaultValue: "deployIfNotExists",
allowedValues: [2 items"deployIfNotExists",
"disabled"
],
metadata: {2 itemsdisplayName: "Key Vault Managed HSMs Delete Policy Effect",
description: "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist"
}
}
},
policyDefinitions: [8 items{3 itemspolicyDefinitionReferenceId: "ALZ_KVRequest",
policyDefinitionId: "/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Authorization/policyDefinitions/Deploy_KeyVault_Requests_Alert",
parameters: {7 itemsseverity: {1 itemvalue: "[parameters('KVRequestAlertSeverity')]"
},
windowSize: {1 itemvalue: "[parameters('KVRequestWindowSize')]"
},
evaluationFrequency: {1 itemvalue: "[parameters('KVRequestEvaluationFrequency')]"
},
effect: {1 itemvalue: "[parameters('KVRequestPolicyEffect')]"
},
enabled: {1 itemvalue: "[parameters('KVRequestAlertState')]"
},
MonitorDisableTagName: {1 itemvalue: "[parameters('ALZMonitorDisableTagName')]"
},
MonitorDisableTagValues: {1 itemvalue: "[parameters('ALZMonitorDisableTagValues')]"
}
}
},
{3 itemspolicyDefinitionReferenceId: "ALZ_KvAvailability",
policyDefinitionId: "/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Authorization/policyDefinitions/Deploy_KeyVault_Availability_Alert",
parameters: {8 itemsseverity: {1 itemvalue: "[parameters('KvAvailabilityAlertSeverity')]"
},
windowSize: {1 itemvalue: "[parameters('KvAvailabilityWindowSize')]"
},
evaluationFrequency: {1 itemvalue: "[parameters('KvAvailabilityEvaluationFrequency')]"
},
effect: {1 itemvalue: "[parameters('KvAvailabilityPolicyEffect')]"
},
enabled: {1 itemvalue: "[parameters('KvAvailabilityAlertState')]"
},
threshold: {1 itemvalue: "[parameters('KVAvailabilityThreshold')]"
},
MonitorDisableTagName: {1 itemvalue: "[parameters('ALZMonitorDisableTagName')]"
},
MonitorDisableTagValues: {1 itemvalue: "[parameters('ALZMonitorDisableTagValues')]"
}
}
},
{3 itemspolicyDefinitionReferenceId: "ALZ_KvLatencyAvailability",
policyDefinitionId: "/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Authorization/policyDefinitions/Deploy_KeyVault_Latency_Alert",
parameters: {8 itemsseverity: {1 itemvalue: "[parameters('KvLatencyAvailabilityAlertSeverity')]"
},
windowSize: {1 itemvalue: "[parameters('KvLatencyAvailabilityWindowSize')]"
},
evaluationFrequency: {1 itemvalue: "[parameters('KvLatencyAvailabilityEvaluationFrequency')]"
},
effect: {1 itemvalue: "[parameters('KvLatencyAvailabilityPolicyEffect')]"
},
enabled: {1 itemvalue: "[parameters('KvLatencyAvailabilityAlertState')]"
},
threshold: {1 itemvalue: "[parameters('KvLatencyAvailabilityThreshold')]"
},
MonitorDisableTagName: {1 itemvalue: "[parameters('ALZMonitorDisableTagName')]"
},
MonitorDisableTagValues: {1 itemvalue: "[parameters('ALZMonitorDisableTagValues')]"
}
}
},
{3 itemspolicyDefinitionReferenceId: "ALZ_KVCapacity",
policyDefinitionId: "/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Authorization/policyDefinitions/Deploy_KeyVault_Capacity_Alert",
parameters: {8 itemsseverity: {1 itemvalue: "[parameters('KVCapacityAlertSeverity')]"
},
windowSize: {1 itemvalue: "[parameters('KVCapacityWindowSize')]"
},
evaluationFrequency: {1 itemvalue: "[parameters('KVCapacityEvaluationFrequency')]"
},
effect: {1 itemvalue: "[parameters('KVCapacityPolicyEffect')]"
},
enabled: {1 itemvalue: "[parameters('KVCapacityAlertState')]"
},
threshold: {1 itemvalue: "[parameters('KVCapacityThreshold')]"
},
MonitorDisableTagName: {1 itemvalue: "[parameters('ALZMonitorDisableTagName')]"
},
MonitorDisableTagValues: {1 itemvalue: "[parameters('ALZMonitorDisableTagValues')]"
}
}
},
{3 itemspolicyDefinitionReferenceId: "ALZ_activityKVDelete",
policyDefinitionId: "/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Authorization/policyDefinitions/Deploy_activitylog_KeyVault_Delete",
parameters: {7 itemseffect: {1 itemvalue: "[parameters('activityKVDeletePolicyEffect')]"
},
enabled: {1 itemvalue: "[parameters('activityKVDeleteAlertState')]"
},
alertResourceGroupName: {1 itemvalue: "[parameters('ALZMonitorResourceGroupName')]"
},
alertResourceGroupTags: {1 itemvalue: "[parameters('ALZMonitorResourceGroupTags')]"
},
alertResourceGroupLocation: {1 itemvalue: "[parameters('ALZMonitorResourceGroupLocation')]"
},
MonitorDisableTagName: {1 itemvalue: "[parameters('ALZMonitorDisableTagName')]"
},
MonitorDisableTagValues: {1 itemvalue: "[parameters('ALZMonitorDisableTagValues')]"
}
}
},
{3 itemspolicyDefinitionReferenceId: "ALZ_ManagedHSMsAvailability",
policyDefinitionId: "/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Authorization/policyDefinitions/Deploy_ManagedHSMs_Availability_Alert",
parameters: {8 itemsseverity: {1 itemvalue: "[parameters('HSMsAvailabilityAlertSeverity')]"
},
windowSize: {1 itemvalue: "[parameters('HSMsAvailabilityWindowSize')]"
},
evaluationFrequency: {1 itemvalue: "[parameters('HSMsAvailabilityEvaluationFrequency')]"
},
effect: {1 itemvalue: "[parameters('HSMsAvailabilityPolicyEffect')]"
},
enabled: {1 itemvalue: "[parameters('HSMsAvailabilityAlertState')]"
},
threshold: {1 itemvalue: "[parameters('HSMsAvailabilityThreshold')]"
},
MonitorDisableTagName: {1 itemvalue: "[parameters('ALZMonitorDisableTagName')]"
},
MonitorDisableTagValues: {1 itemvalue: "[parameters('ALZMonitorDisableTagValues')]"
}
}
},
{3 itemspolicyDefinitionReferenceId: "ALZ_ManagedHSMsLatencyAvailability",
policyDefinitionId: "/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Authorization/policyDefinitions/Deploy_ManagedHSMs_Latency_Alert",
parameters: {8 itemsseverity: {1 itemvalue: "[parameters('HSMsLatencyAvailabilityAlertSeverity')]"
},
windowSize: {1 itemvalue: "[parameters('HSMsLatencyAvailabilityWindowSize')]"
},
evaluationFrequency: {1 itemvalue: "[parameters('HSMsLatencyAvailabilityEvaluationFrequency')]"
},
effect: {1 itemvalue: "[parameters('HSMsLatencyAvailabilityPolicyEffect')]"
},
enabled: {1 itemvalue: "[parameters('HSMsLatencyAvailabilityAlertState')]"
},
threshold: {1 itemvalue: "[parameters('HSMsLatencyAvailabilityThreshold')]"
},
MonitorDisableTagName: {1 itemvalue: "[parameters('ALZMonitorDisableTagName')]"
},
MonitorDisableTagValues: {1 itemvalue: "[parameters('ALZMonitorDisableTagValues')]"
}
}
},
{3 itemspolicyDefinitionReferenceId: "ALZ_activityManagedHSMsDelete",
policyDefinitionId: "/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Authorization/policyDefinitions/Deploy_ActivityLog_ManagedHSMs_Delete",
parameters: {7 itemsenabled: {1 itemvalue: "[parameters('activityHSMsDeleteAlertState')]"
},
alertResourceGroupName: {1 itemvalue: "[parameters('ALZMonitorResourceGroupName')]"
},
alertResourceGroupTags: {1 itemvalue: "[parameters('ALZMonitorResourceGroupTags')]"
},
alertResourceGroupLocation: {1 itemvalue: "[parameters('ALZMonitorResourceGroupLocation')]"
},
effect: {1 itemvalue: "[parameters('activityHSMsDeletePolicyEffect')]"
},
MonitorDisableTagName: {1 itemvalue: "[parameters('ALZMonitorDisableTagName')]"
},
MonitorDisableTagValues: {1 itemvalue: "[parameters('ALZMonitorDisableTagValues')]"
}
}
}
],
policyType: "Custom",
policyDefinitionGroups: null
}