Review / Update Diagnostics Collection

[AErmie]

In Azure Monitor > Settings: Diagnostic Settings, not all Azure resource types have diagnostics enabled. We should conduct a review/spot-check to ensure the appropriate Azure Policies are deployed and applied, to ensure we are capturing required diagnostics data.

From a quick review, the following Azure resource types are missing diagnostics:

• Virtual Hub
• Firewall
• Storage (blob, queue, table, file)
• Azure Machine Learning workspace
• Log Analytics workspace
• Automaton Account

Acceptance Criteria

Generated by Zenhub AI

• [ ] Scenario: Review and update diagnostics collection for Azure resources
  • Given a list of missing Azure resource types without diagnostics is provided
  • When the team reviews and updates the diagnostic settings for these resources
  • Then all required diagnostics data should be captured for the mentioned resources

[AErmie]

It appeared that some Azure Policy errors occurred due to various Resource Providers not being registered.

However, in this specific instance, the microsoft.insights provider was already registered!

Triggered re-register the provider. Then triggered a re-deploy of the Azure Policy template, which completed successfully.

Resource Providers (FORGE vs LIVE)

Connectivity Subscription

In comparing the FORGE environment with the LIVE environment (specifically the Connectivity subscription), the following Resource Providers were registered in FORGE, but not in LIVE:

• Microsoft.AlertsManagement
• Microsoft.ChangeAnalysis
• Microsoft.TimeSeriesInsights

Management Subscription

In comparing the FORGE environment with the LIVE environment (specifically the Management subscription), the following Resource Providers were registered in FORGE, but not in LIVE:

• Microsoft.CloudShell
• Microsoft.TimeSeriesInsights

[AErmie]

This might be due to some Azure Policies not being applied/deploying correctly. Needs investigation.