Updated Azure Policy Definitions for Azure Diagnostics Settings Again

less than 1 minute read

I firstly published a set of policy definitions for configuring Azure resource diagnostics settings last year. You can find the original post here: https://blog.tyang.org/2018/11/19/configuring-azure-resources-diagnostic-log-settings-using-azure-policy/. I have been keeping them up-to-date since then.

I’ve updated the Policy Definitions for the resource Diagnostic Settings again today with the following updates:

  • New Policies added:
    • Azure Bastion Hosts
    • Azure AD Domain Services
  • Existing Policy Updated:
    • Azure App Service – with the support for the additional logs announced at Ignite 2019. Also the name of the policy file has changed.
  • Removed (since they were incorrectly written in the first place and never worked):
    • VM
    • VMSS

You can find the latest version on my GitHub repo: https://github.com/tyconsulting/azurepolicy/tree/master/policy-definitions/resource-diagnostics-settings

Leave a comment