
Azure Policy: creating a deployIfNotExists policy

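I am trying to create a deployIfNotExists policy from an existing AuditIfNotExists policy. It deploys without errors, but when the policy is evaluated it fails with "No related resources match the effect details in the policy definition." The AuditIfNotExists policy works fine when I deploy it to the same management group. I am wondering whether I have missed something.

This policy is intended to create an alert for NSG deletion if one does not exist. Here is the deployIfNotExists policy. Do you see anything wrong with it? Any input is appreciated. Thanks.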

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "effect": {
      "type": "string",
      "metadata": {
        "displayName": "Effect",
        "description": "Enable or disable the execution of the policy"
      },
      "allowedValues": [
        "AuditIfNotExists",
        "deployIfNotExists",
        "disabled"
      ],
      "defaultValue": "deployIfNotExists"
    }
  },
  "variables": {
    "actionGroupName": "dsactiongroup"
  },
  "resources": [
    {
      "name": "CIS5.2.3-EnsureAuditDeleteNSG",
      "type": "Microsoft.Authorization/policyDefinitions",
      "apiVersion": "2019-09-01",
      "properties": {
        "policyType": "Custom",
        "displayName": "CIS 5.2.3 Ensure that Activity Log Alert exists for Delete Network Security Group (scored)",
        "description": "Monitor Activity Alerts exist for specific activities.",
        "mode": "all",
        "metadata": {
          "category": "Audit"
        },
        "parameters": {},
        "policyRule": {
          "if": {
            "allOf": [
              {
                "field": "type",
                "equals": "Microsoft.Resources/subscriptions"
              }
            ]
          },
          "then": {
            "effect": "[parameters('effect')]",
            "details": {
              "type": "Microsoft.Insights/activitylogAlerts",
              "existenceCondition": {
                "allOf": [
                  {
                    "allOf": [
                      {
                        "not": {
                          "field": "Microsoft.Insights/activitylogAlerts/condition.allOf[*].field",
                          "notEquals": "category"
                        }
                      },
                      {
                        "not": {
                          "field": "Microsoft.Insights/activitylogAlerts/condition.allOf[*].equals",
                          "notEquals": "Administrative"
                        }
                      }
                    ]
                  },
                  {
                    "allOf": [
                      {
                        "not": {
                          "field": "Microsoft.Insights/activitylogAlerts/condition.allOf[*].field",
                          "notEquals": "resourceType"
                        }
                      },
                      {
                        "not": {
                          "field": "Microsoft.Insights/activitylogAlerts/condition.allOf[*].equals",
                          "notEquals": "microsoft.network/networksecuritygroups"
                        }
                      }
                    ]
                  },
                  {
                    "allOf": [
                      {
                        "not": {
                          "field": "Microsoft.Insights/activitylogAlerts/condition.allOf[*].field",
                          "notEquals": "operationName"
                        }
                      },
                      {
                        "not": {
                          "field": "Microsoft.Insights/activitylogAlerts/condition.allOf[*].equals",
                          "notEquals": "Microsoft.Network/networkSecurityGroups/delete"
                        }
                      }
                    ]
                  }
                ]
              },
              "roleDefinitionIds": [
                "/providers/microsoft.authorization/roleDefinitions/749f88d5-cbae-40b8-bcfc-e573ddc772fa"
              ],
              "deployment": {
                "properties": {
                  "mode": "incremental",
                  "template": {
                    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
                    "parameters": {},
                    "variables": {
                      "actionGroupName": "dactiongroup"
                    },
                    "resources": [
                      {
                        "name": "NSGRuleDeleted",
                        "type": "Microsoft.Insights/activitylogAlerts",
                        "location": "global",
                        "apiVersion": "2017-04-01",
                        "properties": {
                          "description": "NSG Rule Deleted",
                          "enabled": true,
                          "condition": {
                            "allOf": [
                              {
                                "field": "category",
                                "equals": "Administrative"
                              },
                              {
                                "field": "operationName",
                                "equals": "Microsoft.Network/networkSecurityGroups/securityRules/delete"
                              }
                            ]
                          },
                          "actions": {
                            "actionGroups": [
                              {
                                "actionGroupId": "[resourceId('Microsoft.Insights/actionGroups',variables('actionGroupName'))]"
                              }
                            ]
                          }
                        }
                      }
                    ],
                    "outputs": {}
                  },
                  "parameters": {}
                }
              }
            }
          }
        }
      }
    }
  ]
}
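An added example, not part of the original post: an offline evaluator for the subset of policy conditions used in the existenceCondition above (allOf, not, and an `[*]` alias with notEquals), run against the condition of the alert that the policy's own deployment template creates. It reports which existenceCondition groups that alert would leave unmet after remediation. The function names are hypothetical; the data is copied from the post.

```python
ALIAS = "Microsoft.Insights/activitylogAlerts/condition.allOf[*]."

def evaluate(cond, leaves):
    """Evaluate allOf / not / [*]-alias notEquals against the alert's
    condition.allOf entries (a list of {"field", "equals"} dicts)."""
    if "allOf" in cond:
        return all(evaluate(c, leaves) for c in cond["allOf"])
    if "not" in cond:
        return not evaluate(cond["not"], leaves)
    # Leaf: notEquals on an [*] alias holds only if EVERY element differs.
    prop = cond["field"][len(ALIAS):]
    want = cond["notEquals"].casefold()  # equals/notEquals ignore case
    return all(str(leaf.get(prop, "")).casefold() != want for leaf in leaves)

def some_element_has(prop, value):
    # not(every element differs) == at least one element matches
    return {"not": {"field": ALIAS + prop, "notEquals": value}}

def expect(field, value):
    return {"allOf": [some_element_has("field", field),
                      some_element_has("equals", value)]}

# existenceCondition from the post, built with the helpers above
EXISTENCE_CONDITION = {"allOf": [
    expect("category", "Administrative"),
    expect("resourceType", "microsoft.network/networksecuritygroups"),
    expect("operationName", "Microsoft.Network/networkSecurityGroups/delete"),
]}

# condition.allOf of the alert in the post's deployment template
DEPLOYED_ALERT = [
    {"field": "category", "equals": "Administrative"},
    {"field": "operationName",
     "equals": "Microsoft.Network/networkSecurityGroups/securityRules/delete"},
]

def unmet_groups(cond, leaves):
    """Indexes of the top-level existenceCondition groups the alert fails."""
    return [i for i, c in enumerate(cond["allOf"]) if not evaluate(c, leaves)]

if __name__ == "__main__":
    print("unmet groups:", unmet_groups(EXISTENCE_CONDITION, DEPLOYED_ALERT))
```

Running the same check before assigning a deployIfNotExists policy shows whether the deployed resource and the existenceCondition agree, since a mismatch leaves the scope non-compliant even after a successful remediation deployment.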
