AzPolicyAdvertizer

last sync: 2025-Jun-19 17:23:14 UTC

Deploy Diagnostic Settings for Logic Apps to Event Hub

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Deploy Diagnostic Settings for Logic Apps to Event Hub

a1dae6c7-13f3-48ea-a149-ff8442661f60

Version

2.0.0
Details on versioning

Versioning

Versions supported for Versioning: 1
2.0.0
Built-in Versioning [Preview]

Category

Monitoring
Microsoft Learn

Description

Deploys the diagnostic settings for Logic Apps to stream to a regional Event Hub when any Logic Apps which is missing this diagnostic settings is created or updated.

Cloud environments

AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown

Available in AzUSGov

Unknown, no evidence if Policy definition is/not available in AzureUSGovernment

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled

RBAC role(s)

Role Name	Role Id
Contributor	b24988ac-6180-42a0-ab88-20f7382dd24c

Rule aliases

THEN-ExistenceCondition (2)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Insights/diagnosticSettings/logs.enabled	microsoft.insights	diagnosticSettings	properties.logs[*].enabled	True		False
Microsoft.Insights/diagnosticSettings/metrics.enabled	microsoft.insights	diagnosticSettings	properties.metrics[*].enabled	True		False

Rule resource types

IF (1)

Microsoft.Logic/workflows

Compliance

The following 1 compliance controls are associated with this Policy definition 'Deploy Diagnostic Settings for Logic Apps to Event Hub' (a1dae6c7-13f3-48ea-a149-ff8442661f60)

Loading extensions...Loading extensions...

Rows: 1-1 / 1
Columns:
Select all:
Control Domain
Control
Name
MetadataId
Category
Title
Owner
Requirements
Description
Info
Policy#
Close
Columns▼Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, **[empty]**, **[nonempty]**, **rgx:**
Learn more
TableFilter v0.7.3
https://www.tablefilter.com/
©2015-2025 Max Guglielmi
Close
?
Page of 1
Control Domain	Control	Name	MetadataId	Category	Title	Owner	Requirements	Description	Info	Policy#

RMiT_v1.0	10.66	RMiT_v1.0_10.66	RMiT 10.66	Security of Digital Services	Security of Digital Services - 10.66	Shared	n/a	A financial institution must implement robust technology security controls in providing digital services which assure the following: (a) confidentiality and integrity of customer and counterparty information and transactions; (b) reliability of services delivered via channels and devices with minimum disruption to services; (c) proper authentication of users or devices and authorisation of transactions; (d) sufficient audit trail and monitoring of anomalous transactions; (e) ability to identify and revert to the recovery point prior to incident or service disruption; and (f) strong physical control and logical control measures	link	29

Initiatives usage

Rows: 1-1 / 1
Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, **[empty]**, **[nonempty]**, **rgx:**
Learn more
TableFilter v0.7.3
https://www.tablefilter.com/
©2015-2025 Max Guglielmi
Close
?
Page of 1
Initiative DisplayName	Initiative Id	Initiative Category	State	Type	polSet in AzUSGov

RMIT Malaysia	97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6	Regulatory Compliance	GA	BuiltIn	unknown

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2019-10-29 23:04:36	add	a1dae6c7-13f3-48ea-a149-ff8442661f60

JSON compare

n/a

JSON

api-version=2021-06-01
EPAC

{7 itemsdisplayName: "Deploy Diagnostic Settings for Logic Apps to Event Hub",
policyType: "BuiltIn",
mode: "Indexed",
description: "Deploys the diagnostic settings for Logic Apps to stream to a regional Event Hub when any Logic Apps which is missing this diagnostic settings is created or updated.",
metadata: {2 itemsversion: "2.0.0",
category: "Monitoring"
},
parameters: {6 itemseffect: {4 itemstype: "String",
metadata: {2 itemsdisplayName: "Effect",
description: "Enable or disable the execution of the policy"
},
allowedValues: [2 items"DeployIfNotExists",
"Disabled"
],
defaultValue: "DeployIfNotExists"
},
profileName: {3 itemstype: "String",
metadata: {2 itemsdisplayName: "Profile name",
description: "The diagnostic settings profile name"
},
defaultValue: "setbypolicy_eventHub"
},
eventHubRuleId: {2 itemstype: "String",
metadata: {4 itemsdisplayName: "Event Hub Authorization Rule Id",
description: "The Event Hub authorization rule Id for Azure Diagnostics. The authorization rule needs to be at Event Hub namespace level. e.g. /subscriptions/{subscription Id}/resourceGroups/{resource group}/providers/Microsoft.EventHub/namespaces/{Event Hub namespace}/authorizationrules/{authorization rule}",
strongType: "Microsoft.EventHub/Namespaces/AuthorizationRules",
assignPermissions: true
}
},
eventHubLocation: {3 itemstype: "String",
metadata: {3 itemsdisplayName: "Event Hub Location",
description: "The location the Event Hub resides in. Only Logic Apps in this location will be linked to this Event Hub.",
strongType: "location"
},
defaultValue: ""
},
metricsEnabled: {4 itemstype: "String",
metadata: {2 itemsdisplayName: "Enable metrics",
description: "Whether to enable metrics stream to the Event Hub - True or False"
},
allowedValues: [2 items"True",
"False"
],
defaultValue: "False"
},
logsEnabled: {4 itemstype: "String",
metadata: {2 itemsdisplayName: "Enable logs",
description: "Whether to enable logs stream to the Event Hub  - True or False"
},
allowedValues: [2 items"True",
"False"
],
defaultValue: "True"
}
},
policyRule: {2 itemsif: {1 itemallOf: [2 items{2 itemsfield: "type",
equals: "Microsoft.Logic/workflows"
},
{1 itemanyOf: [2 items{2 itemsvalue: "[parameters('eventHubLocation')]",
equals: ""
},
{2 itemsfield: "location",
equals: "[parameters('eventHubLocation')]"
}
]
}
]
},
then: {2 itemseffect: "[parameters('effect')]",
details: {5 itemstype: "Microsoft.Insights/diagnosticSettings",
name: "[parameters('profileName')]",
existenceCondition: {1 itemallOf: [2 items{2 itemsfield: "Microsoft.Insights/diagnosticSettings/logs.enabled",
equals: "[parameters('logsEnabled')]"
},
{2 itemsfield: "Microsoft.Insights/diagnosticSettings/metrics.enabled",
equals: "[parameters('metricsEnabled')]"
}
]
},
roleDefinitionIds: [1 item"/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" Contributor 
],
deployment: {1 itemproperties: {3 itemsmode: "incremental",
template: {6 items$schema: "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
contentVersion: "1.0.0.0",
parameters: {6 itemsresourceName: {1 itemtype: "string"
},
location: {1 itemtype: "string"
},
eventHubRuleId: {1 itemtype: "string"
},
metricsEnabled: {1 itemtype: "string"
},
logsEnabled: {1 itemtype: "string"
},
profileName: {1 itemtype: "string"
}
},
variables: {},
resources: [1 item{6 itemstype: "Microsoft.Logic/workflows/providers/diagnosticSettings",
apiVersion: "2017-05-01-preview",
name: 🔍"[
    concat(
        parameters('resourceName'),
       '/',
        'Microsoft.Insights/',
         parameters('profileName')
    )
]",
location: "[parameters('location')]",
dependsOn: [],
properties: {3 itemseventHubAuthorizationRuleId: "[parameters('eventHubRuleId')]",
metrics: [1 item{3 itemscategory: "AllMetrics",
enabled: "[parameters('metricsEnabled')]",
retentionPolicy: {2 itemsenabled: false,
days: 0
}
}
],
logs: [1 item{2 itemscategory: "WorkflowRuntime",
enabled: "[parameters('logsEnabled')]"
}
]
}
}
],
outputs: {}
},
parameters: {6 itemslocation: {1 itemvalue: "[field('location')]"
},
resourceName: {1 itemvalue: "[field('name')]"
},
eventHubRuleId: {1 itemvalue: "[parameters('eventHubRuleId')]"
},
metricsEnabled: {1 itemvalue: "[parameters('metricsEnabled')]"
},
logsEnabled: {1 itemvalue: "[parameters('logsEnabled')]"
},
profileName: {1 itemvalue: "[parameters('profileName')]"
}
}
}
}
}
}
}
}

Deploy Diagnostic Settings for Logic Apps to Event Hub

Azure BuiltIn Policy definition

TableFilter v0.7.3

TableFilter v0.7.3