microsoft / AzureTRE

An accelerator to help organizations build Trusted Research Environments on Azure.
https://microsoft.github.io/AzureTRE
MIT License
180 stars 138 forks

Define default logging retention policies #50

Open christoferlof opened 3 years ago

christoferlof commented 3 years ago

For auditing and troubleshooting purposes, all Azure resources provisioned should have logging and auditing enabled. At this moment, we don't have any policies explicitly defined. These need to be defined, implemented and clearly documented.

_Originally posted by @deniscep in https://github.com/microsoft/AzureTRE/pull/49#discussion_r628223315_

marrobi commented 1 year ago

We can do this via Azure Policy similar to https://github.com/microsoft/AzureTRE/pull/3623#issuecomment-1673318288

Then remove all diagnostic settings from resources.

This will also improve the experience when we have orphaned diagnostic settings in Azure Monitor.