Azure / CanadaPubSecALZ

This reference implementation is based on Cloud Adoption Framework for Azure and provides an opinionated implementation that enables ITSG-33 regulatory compliance by using NIST SP 800-53 Rev. 4 and Canada Federal PBMM Regulatory Compliance Policy Sets.
MIT License

EventGrid/EventSubscription not supported for Diagnostics Settings to Log Analytics #386

Closed CldEng-DT closed 10 months ago

CldEng-DT commented 12 months ago

Describe the bug: After deploying the policy from ALZ 1.2, compliance could not be achieved on the Audit diagnostic setting for selected resource types. (CBS eventgrid/eventsubscription from the CCCS tool)

Expected behavior: Expect that after remediation, resource types included in the above policy audit would be marked as compliant.


The definition (https://github.com/Azure/CanadaPubSecALZ/blob/main/policy/custom/definitions/policyset/LogAnalytics.bicep) for Log Analytics includes 'Microsoft.EventGrid/eventSubscriptions' in the default values, which targets it in the audit for diagnostics settings, but this resource type does not support Diagnostics Settings as per the Microsoft documentation: https://learn.microsoft.com/en-us/azure/event-grid/enable-diagnostic-logs-topic

Additional context: Add any other context about the problem here

CldEng-DT commented 12 months ago

Also found this in the assignment of the PBMM built-in policy: https://github.com/Azure/CanadaPubSecALZ/blob/main/policy/builtin/assignments/pbmm.bicep