There's a built-in Policy Definition 'Deploy a Flow Log resource with target virtual network' that can enable Flow Logging for virtual networks to a storage account. However, it doesn't support logging to a Log Analytics workspace.
There's a Community Policy 'Deploy a traffic analytics enabled flow log resource with target tagged network security group' that supports this, but only for NSG Flow Logging, not virtual network Flow Logging.
I combined built-in and Community Policy to support virtual network Flow Logging to a Log Analytics workspace.
There's a built-in Policy Definition 'Deploy a Flow Log resource with target virtual network' that can enable Flow Logging for virtual networks to a storage account. However, it doesn't support logging to a Log Analytics workspace.
There's a Community Policy 'Deploy a traffic analytics enabled flow log resource with target tagged network security group' that supports this, but only for NSG Flow Logging, not virtual network Flow Logging.
I combined built-in and Community Policy to support virtual network Flow Logging to a Log Analytics workspace.