Alias Request: Microsoft.Security/logCollection

Azure / azure-policy

Repository for Azure Resource Policy built-in definitions and samples

MIT License

1.51k stars 1.09k forks source link

Alias Request: Microsoft.Security/logCollection #127

Closed klawrie closed 6 years ago

klawrie commented 6 years ago

Scenario - Audit that Data Collection is enabled in Security Center at a subscription level Definition - If Security Center data collection is off, audit as non-compliant Example;

{ "if": { "field": "type", "equals": "Microsoft.Security" }, "then": { "effect": "AuditIfNotExists", "details": { "type": "Microsoft.Security/logCollection", "name": "default", "existenceCondition": { "allOf": [{ "field": "Microsoft.Security/logCollection", "equals": "On" } ] } } } }

eladperets commented 6 years ago

There's no 'logCollection' resource, I assume you mean the logCollection property within Microsoft.Security/policies resource type

eladperets commented 6 years ago

Done