search

Azure / Enterprise-Scale

The Azure Landing Zones (Enterprise-Scale) architecture provides prescriptive guidance coupled with Azure best practices, and it follows design principles across the critical design areas for organizations to define their Azure architecture
https://aka.ms/alz
MIT License
1.72k stars 973 forks source link

Bug Report - Deploy Diagnostic Settings for Virtual Networks fails in USGovernment #1331

Open mwmeehan opened 1 year ago

mwmeehan commented 1 year ago

When running remediation for the custom policy "Deploy Diagnostic Settings for Virtual Network to Log Analytics workspace" the remediation fails due to VMProtectionAlerts not being available in Azure Government yet. A remediation fails due to a bad request. Wondering if this is something that can be addressed or if we will just need to edit the policy for now until it is available in Gov.

Steps to reproduce

  1. Run remediation task in US Government
  2. Remediation fails due to a bad request as VMProtectionAlerts is not available in the government client

Screenshots image

image

image

Springstone commented 1 year ago

Hi @mwmeehan, thanks for raising this issue. Please refer to this new wiki page: https://github.com/Azure/Enterprise-Scale/wiki/ALZ-Policies-FAQ There is a lot changing around Diagnostic Settings at the moment, and we have challenges testing in US Gov :) I would suggest as a short term workaround to edit the policy as you suggested.