Few months ago, I published a set of Azure Policy definitions to configure Azure resources diagnostic settings. You can find the original post here: https://blog.tyang.org/2018/11/19/configuring-azure-resources-diagnostic-log-settings-using-azure-policy/. The definitions were offered in the form of an ARM template.
Since then, I have updated these policies, with the following updates:
Additional policies for connecting Diagnostic Settings to Azure Event Hub
In addition to policies to connect diagnostic settings to Log Analytics, I have added another set of policies to connect diagnostic settings of applicable resources to Azure Event Hubs
Added ExistenceCondition in policy definitions
ExistenceCondition detects if the resource you are trying to deploy via Azure Policy already exists. This is helpful if your Azure resource has already got diagnostic settings connected. In this condition, the policy definition will skip the deployment defined in DeployIfNotExist effect. You can read more about ExistenceCondition here: https://docs.microsoft.com/en-us/azure/governance/policy/concepts/effects#deployifnotexists
Various bug fixes
I have decided not to maintain the ARM template for these policies, because it is too big (hard to maintain), and currently you can not deploy ARM templates to management groups. The updated and new definitions come in the format of individual definition files.
To bulk deploy them, I recommend you to use deploy-policyDef.ps1 script, which I covered my my previous post: https://blog.tyang.org/2019/05/19/deploying-azure-policy-definitions-via-azure-devops-part-1/
I have also added two Policy Initiative definitions for these policies: https://github.com/tyconsulting/azurepolicy/tree/master/initiative-definitions/resource-diagnostics-settings. To deploy these initiative definitions, you MUST use my deploy-policySetDef.ps1 script, which is explained in the same post.