AKS Clusters Not Included in "Enable allLogs Category Group Resource Logging for Supported Resources to Log Analytics" Policy

[qaiserali]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Versions

terraform: 1.7

azure provider: 3.107

module: 6.1.0

Description

We have enabled diagnostic settings for all of our AKS clusters through the policy "Deploy Diagnostic Settings to Azure Services." This policy is now superseded by the built-in initiative Enable allLogs Category Group Resource Logging for Supported Resources to Log Analytics.

While this new policy initiative supports various Azure services, but it does not seem to include AKS clusters, leaving us unable to manage diagnostic settings for AKS through the policy.

Questions:

• Is there a reason why AKS clusters are not currently included in this policy initiative?
• Would it be advisable to individually assign the "Deploy Diagnostic Settings for Kubernetes Service to Log Analytics workspace" policy at the management group level to cover the diagnostic settings AKS clusters, or is there a better alternative?

Any clarification or recommendations would be greatly appreciated.

[matt-FFFFFF]

Hi routing upstream as pertains to policies

[gbr759]

It appears as though Microsoft.storage/storageaccounts is also missing from the list of supported resources.