diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index c69af5ffb..e817efdfc 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -6,7 +6,7 @@ version: '3.7' services: rover: - image: aztfmod/rover:1.5.4-2307.2804 + image: aztfmod/rover:1.5.6-2309.0507 user: vscode labels: diff --git a/.github/workflows/landingzones-tf100.yml b/.github/workflows/landingzones-tf100.yml index a10157458..99ef0bae1 100644 --- a/.github/workflows/landingzones-tf100.yml +++ b/.github/workflows/landingzones-tf100.yml @@ -39,7 +39,7 @@ jobs: random_length: ['5'] container: - image: aztfmod/rover:1.5.4-2307.2804 + image: aztfmod/rover:1.5.6-2309.0507 options: --user 0 steps: @@ -96,7 +96,7 @@ jobs: ] container: - image: aztfmod/rover:1.5.4-2307.2804 + image: aztfmod/rover:1.5.6-2309.0507 options: --user 0 steps: @@ -143,7 +143,7 @@ jobs: random_length: ['5'] container: - image: aztfmod/rover:1.5.4-2307.2804 + image: aztfmod/rover:1.5.6-2309.0507 options: --user 0 steps: @@ -198,7 +198,7 @@ jobs: ] container: - image: aztfmod/rover:1.5.4-2307.2804 + image: aztfmod/rover:1.5.6-2309.0507 options: --user 0 steps: @@ -244,7 +244,7 @@ jobs: random_length: ['5'] container: - image: aztfmod/rover:1.5.4-2307.2804 + image: aztfmod/rover:1.5.6-2309.0507 options: --user 0 steps: diff --git a/README.md b/README.md index 1ff0861e8..2d02e548e 100644 --- a/README.md +++ b/README.md @@ -2,22 +2,20 @@ [![Gitter](https://badges.gitter.im/aztfmod/community.svg)](https://gitter.im/aztfmod/community?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge) -# Cloud Adoption Framework for Azure Terraform landing zones +# Azure Terraform SRE -Microsoft [Cloud Adoption Framework for Azure](https://docs.microsoft.com/azure/cloud-adoption-framework/overview) provides you with guidance and best practices to adopt Azure. -CAF Terraform landing zones team mission statement is to: +Azure Terraform SRE (formely CAF Terraform) ambitions: * Equip the Site Reliability Engineering teams for Terraform on Azure. * Democratize an IaC: Infrastructure-as-Configuration. * Commoditize state management and enterprise-wide composition. -* Standardize deployments using Azure enterprise-scale landing zones. -* Implement Azure enterprise-scale design and approach with native Terraform and DevOps. +* Standardize deployments leveraging official Azure landing zones components. * Propose a prescriptive guidance on how to enable DevOps for infrastructure as code on Microsoft Azure. * Foster a community of Azure *Terraformers* using a common set of practices and sharing best practices. -You can review the different components parts of the Cloud Adoption Framework for Azure Terraform landing zones and look at the quick intro video below: +You can review the different components parts of the Azure Terraform SRE and look at the quick intro video below: [![caf_elements](./_pictures/caf_elements.png)](https://www.youtube.com/watch?v=FlQ17u4NNts "CAF Introduction") @@ -26,7 +24,7 @@ You can review the different components parts of the Cloud Adoption Framework fo When starting an enterprise deployment, we recommend you start creating a configuration repository where you craft the configuration files for your environments. -The best way to start is to clone the [platform starter repository](https://github.com/Azure/caf-terraform-landingzones-platform-starter) and getting started with the configuration files. +The best way to start is to clone the [platform starter repository](https://github.com/Azure/caf-terraform-landingzones-platform-starter) and getting started with the configuration files. If you are reading this, you are probably interested also in reading the doc as below: :books: Read our [centralized documentation page](https://aka.ms/caf/terraform) diff --git a/caf_launchpad/dynamic_secrets.tf b/caf_launchpad/dynamic_secrets.tf index 42d6183f3..4ba4dfb39 100644 --- a/caf_launchpad/dynamic_secrets.tf +++ b/caf_launchpad/dynamic_secrets.tf @@ -1,7 +1,7 @@ module "dynamic_keyvault_secrets" { source = "aztfmod/caf/azurerm//modules/security/dynamic_keyvault_secrets" - version = "5.7.3" + version = "5.7.4" for_each = try(var.dynamic_keyvault_secrets, {}) diff --git a/caf_launchpad/landingzone.tf b/caf_launchpad/landingzone.tf index baa939107..d894d5e43 100644 --- a/caf_launchpad/landingzone.tf +++ b/caf_launchpad/landingzone.tf @@ -1,6 +1,6 @@ module "launchpad" { source = "aztfmod/caf/azurerm" - version = "5.7.3" + version = "5.7.4" # source = "git::https://github.com/aztfmod/terraform-azurerm-caf.git?ref=main" providers = { diff --git a/caf_launchpad/scenario/200/diagnostics_definition.tfvars b/caf_launchpad/scenario/200/diagnostics_definition.tfvars index 10a20c4dd..24bdd4d0a 100644 --- a/caf_launchpad/scenario/200/diagnostics_definition.tfvars +++ b/caf_launchpad/scenario/200/diagnostics_definition.tfvars @@ -9,11 +9,11 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["Audit", true, false, 7], + ["Audit", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } @@ -24,11 +24,11 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AuditEvent", true, false, 7], + ["AuditEvent", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } @@ -39,7 +39,7 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["BastionAuditLogs", true, false, 7], + ["BastionAuditLogs", true, false, 0], ] } @@ -50,11 +50,11 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["VMProtectionAlerts", true, false, 7], + ["VMProtectionAlerts", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } @@ -65,13 +65,13 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["DDoSProtectionNotifications", true, false, 7], - ["DDoSMitigationFlowLogs", true, false, 7], - ["DDoSMitigationReports", true, false, 7], + ["DDoSProtectionNotifications", true, false, 0], + ["DDoSMitigationFlowLogs", true, false, 0], + ["DDoSMitigationReports", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } @@ -82,8 +82,8 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["NetworkSecurityGroupEvent", true, false, 7], - ["NetworkSecurityGroupRuleCounter", true, false, 7], + ["NetworkSecurityGroupEvent", true, false, 0], + ["NetworkSecurityGroupRuleCounter", true, false, 0], ] } @@ -94,11 +94,11 @@ diagnostics_definition = { categories = { # log = [ # # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - # ["AuditEvent", true, false, 7], + # ["AuditEvent", true, false, 0], # ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } @@ -109,12 +109,12 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["ContainerRegistryRepositoryEvents", true, false, 7], - ["ContainerRegistryLoginEvents", true, false, 7], + ["ContainerRegistryRepositoryEvents", true, false, 0], + ["ContainerRegistryLoginEvents", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } } @@ -124,17 +124,17 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["kube-apiserver", true, false, 7], - ["kube-audit", true, false, 7], - ["kube-audit-admin", true, false, 7], - ["kube-controller-manager", true, false, 7], - ["kube-scheduler", true, false, 7], - ["cluster-autoscaler", true, false, 7], - ["guard", true, false, 7], + ["kube-apiserver", true, false, 0], + ["kube-audit", true, false, 0], + ["kube-audit-admin", true, false, 0], + ["kube-controller-manager", true, false, 0], + ["kube-scheduler", true, false, 0], + ["cluster-autoscaler", true, false, 0], + ["guard", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } } @@ -145,20 +145,20 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AzureBackupReport", true, true, 7], - ["CoreAzureBackup", true, true, 7], - ["AddonAzureBackupAlerts", true, true, 7], - ["AddonAzureBackupJobs", true, true, 7], - ["AddonAzureBackupPolicy", true, true, 7], - ["AddonAzureBackupProtectedInstance", true, true, 7], - ["AddonAzureBackupStorage", true, true, 7], - ["AzureSiteRecoveryJobs", true, true, 7], - ["AzureSiteRecoveryEvents", true, true, 7], - ["AzureSiteRecoveryReplicatedItems", true, true, 7], - ["AzureSiteRecoveryReplicationStats", true, true, 7], - ["AzureSiteRecoveryRecoveryPoints", true, true, 7], - ["AzureSiteRecoveryReplicationDataUploadRate", true, true, 7], - ["AzureSiteRecoveryProtectedDiskDataChurn", true, true, 30], + ["AzureBackupReport", true, true, 0], + ["CoreAzureBackup", true, true, 0], + ["AddonAzureBackupAlerts", true, true, 0], + ["AddonAzureBackupJobs", true, true, 0], + ["AddonAzureBackupPolicy", true, true, 0], + ["AddonAzureBackupProtectedInstance", true, true, 0], + ["AddonAzureBackupStorage", true, true, 0], + ["AzureSiteRecoveryJobs", true, true, 0], + ["AzureSiteRecoveryEvents", true, true, 0], + ["AzureSiteRecoveryReplicatedItems", true, true, 0], + ["AzureSiteRecoveryReplicationStats", true, true, 0], + ["AzureSiteRecoveryRecoveryPoints", true, true, 0], + ["AzureSiteRecoveryReplicationDataUploadRate", true, true, 0], + ["AzureSiteRecoveryProtectedDiskDataChurn", true, true, 0], ] metric = [ #["AllMetrics", 60, True], @@ -172,13 +172,13 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["JobLogs", true, true, 30], - ["JobStreams", true, true, 30], - ["DscNodeStatus", true, true, 30], + ["JobLogs", true, true, 0], + ["JobStreams", true, true, 0], + ["DscNodeStatus", true, true, 0], ] metric = [ # ["Category name", "Metric Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, true, 30], + ["AllMetrics", true, true, 0], ] } @@ -189,17 +189,17 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["ArchiveLogs", true, false, 7], - ["OperationalLogs", true, false, 7], - ["AutoScaleLogs", true, false, 7], - ["KafkaCoordinatorLogs", true, false, 7], - ["KafkaUserErrorLogs", true, false, 7], - ["EventHubVNetConnectionEvent", true, false, 7], - ["CustomerManagedKeyUserLogs", true, false, 7], + ["ArchiveLogs", true, false, 0], + ["OperationalLogs", true, false, 0], + ["AutoScaleLogs", true, false, 0], + ["KafkaCoordinatorLogs", true, false, 0], + ["KafkaUserErrorLogs", true, false, 0], + ["EventHubVNetConnectionEvent", true, false, 0], + ["CustomerManagedKeyUserLogs", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } @@ -210,11 +210,11 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AuditEvent", true, true, 365], + ["AuditEvent", true, true, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", false, false, 7], + ["AllMetrics", false, false, 0], ] } diff --git a/caf_solution/dynamic_secrets.tf b/caf_solution/dynamic_secrets.tf index d8b00f864..6d00d0631 100644 --- a/caf_solution/dynamic_secrets.tf +++ b/caf_solution/dynamic_secrets.tf @@ -1,6 +1,6 @@ module "dynamic_keyvault_secrets" { source = "aztfmod/caf/azurerm//modules/security/dynamic_keyvault_secrets" - version = "5.7.3" + version = "5.7.4" for_each = { for keyvault_key, secrets in try(var.dynamic_keyvault_secrets, {}) : keyvault_key => { diff --git a/caf_solution/landingzone.tf b/caf_solution/landingzone.tf index 4a63f077b..eb594e8c1 100644 --- a/caf_solution/landingzone.tf +++ b/caf_solution/landingzone.tf @@ -1,6 +1,6 @@ module "solution" { source = "aztfmod/caf/azurerm" - version = "5.7.3" + version = "5.7.4" # source = "git::https://github.com/aztfmod/terraform-azurerm-caf.git?ref=main" providers = { diff --git a/caf_solution/local.maps.tf b/caf_solution/local.maps.tf index 81514faa4..fe56eabe2 100644 --- a/caf_solution/local.maps.tf +++ b/caf_solution/local.maps.tf @@ -2,7 +2,7 @@ locals { maps = merge( var.maps, { - maps_accounts = var.maps_accounts + maps_accounts = var.maps_accounts } ) } diff --git a/caf_solution/scenario/networking/200-single-region-hub/configuration.tfvars b/caf_solution/scenario/networking/200-single-region-hub/configuration.tfvars index 6a6126d07..481535344 100644 --- a/caf_solution/scenario/networking/200-single-region-hub/configuration.tfvars +++ b/caf_solution/scenario/networking/200-single-region-hub/configuration.tfvars @@ -563,12 +563,12 @@ diagnostics_definition = { categories = { log = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AzureFirewallApplicationRule", true, true, 7], - ["AzureFirewallNetworkRule", true, true, 7], - ["AzureFirewallDnsProxy", true, true, 7], + ["AzureFirewallApplicationRule", true, true, 0], + ["AzureFirewallNetworkRule", true, true, 0], + ["AzureFirewallDnsProxy", true, true, 0], ] metric = [ - ["AllMetrics", true, true, 7], + ["AllMetrics", true, true, 0], ] } } @@ -578,12 +578,12 @@ diagnostics_definition = { categories = { log = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["DDoSProtectionNotifications", true, true, 7], - ["DDoSMitigationFlowLogs", true, true, 7], - ["DDoSMitigationReports", true, true, 7], + ["DDoSProtectionNotifications", true, true, 0], + ["DDoSMitigationFlowLogs", true, true, 0], + ["DDoSMitigationReports", true, true, 0], ] metric = [ - ["AllMetrics", true, true, 7], + ["AllMetrics", true, true, 0], ] } } @@ -593,12 +593,12 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["ContainerRegistryRepositoryEvents", true, false, 7], - ["ContainerRegistryLoginEvents", true, false, 7], + ["ContainerRegistryRepositoryEvents", true, false, 0], + ["ContainerRegistryLoginEvents", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } } diff --git a/caf_solution/scenario/networking/201-multi-region-hub/configuration.tfvars b/caf_solution/scenario/networking/201-multi-region-hub/configuration.tfvars index c402061e0..3c3ad0ce0 100644 --- a/caf_solution/scenario/networking/201-multi-region-hub/configuration.tfvars +++ b/caf_solution/scenario/networking/201-multi-region-hub/configuration.tfvars @@ -718,12 +718,12 @@ diagnostics_definition = { categories = { log = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AzureFirewallApplicationRule", true, true, 7], - ["AzureFirewallNetworkRule", true, true, 7], - ["AzureFirewallDnsProxy", true, true, 7], + ["AzureFirewallApplicationRule", true, true, 0], + ["AzureFirewallNetworkRule", true, true, 0], + ["AzureFirewallDnsProxy", true, true, 0], ] metric = [ - ["AllMetrics", true, true, 7], + ["AllMetrics", true, true, 0], ] } } @@ -733,12 +733,12 @@ diagnostics_definition = { categories = { log = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["DDoSProtectionNotifications", true, true, 7], - ["DDoSMitigationFlowLogs", true, true, 7], - ["DDoSMitigationReports", true, true, 7], + ["DDoSProtectionNotifications", true, true, 0], + ["DDoSMitigationFlowLogs", true, true, 0], + ["DDoSMitigationReports", true, true, 0], ] metric = [ - ["AllMetrics", true, true, 7], + ["AllMetrics", true, true, 0], ] } } @@ -748,12 +748,12 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["ContainerRegistryRepositoryEvents", true, false, 7], - ["ContainerRegistryLoginEvents", true, false, 7], + ["ContainerRegistryRepositoryEvents", true, false, 0], + ["ContainerRegistryLoginEvents", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } } diff --git a/caf_solution/scenario/networking/210-aks-private/configuration.tfvars b/caf_solution/scenario/networking/210-aks-private/configuration.tfvars index f243d609e..96a62cd59 100644 --- a/caf_solution/scenario/networking/210-aks-private/configuration.tfvars +++ b/caf_solution/scenario/networking/210-aks-private/configuration.tfvars @@ -691,12 +691,12 @@ diagnostics_definition = { categories = { log = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AzureFirewallApplicationRule", true, true, 7], - ["AzureFirewallNetworkRule", true, true, 7], - ["AzureFirewallDnsProxy", true, true, 7], + ["AzureFirewallApplicationRule", true, true, 0], + ["AzureFirewallNetworkRule", true, true, 0], + ["AzureFirewallDnsProxy", true, true, 0], ] metric = [ - ["AllMetrics", true, true, 7], + ["AllMetrics", true, true, 0], ] } } @@ -706,12 +706,12 @@ diagnostics_definition = { categories = { log = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["DDoSProtectionNotifications", true, true, 7], - ["DDoSMitigationFlowLogs", true, true, 7], - ["DDoSMitigationReports", true, true, 7], + ["DDoSProtectionNotifications", true, true, 0], + ["DDoSMitigationFlowLogs", true, true, 0], + ["DDoSMitigationReports", true, true, 0], ] metric = [ - ["AllMetrics", true, true, 7], + ["AllMetrics", true, true, 0], ] } } @@ -721,12 +721,12 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["ContainerRegistryRepositoryEvents", true, false, 7], - ["ContainerRegistryLoginEvents", true, false, 7], + ["ContainerRegistryRepositoryEvents", true, false, 0], + ["ContainerRegistryLoginEvents", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } } diff --git a/caf_solution/variables.maps.tf b/caf_solution/variables.maps.tf index daeacbb05..b289a7c07 100644 --- a/caf_solution/variables.maps.tf +++ b/caf_solution/variables.maps.tf @@ -1,5 +1,5 @@ variable "maps" { - default = {} + default = {} } variable "maps_accounts" { diff --git a/rover_on_ssh_host.yml b/rover_on_ssh_host.yml index 6d6678b7e..f00cff7fc 100644 --- a/rover_on_ssh_host.yml +++ b/rover_on_ssh_host.yml @@ -11,7 +11,7 @@ version: '3.7' services: rover: - image: aztfmod/rover:1.5.4-2307.2804 + image: aztfmod/rover:1.5.6-2309.0507 user: vscode diff --git a/templates/resources/diagnostics_definition.tfvars.j2 b/templates/resources/diagnostics_definition.tfvars.j2 index c6a7a3ce2..091310606 100644 --- a/templates/resources/diagnostics_definition.tfvars.j2 +++ b/templates/resources/diagnostics_definition.tfvars.j2 @@ -9,11 +9,11 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["Audit", true, false, 7], + ["Audit", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } @@ -24,11 +24,11 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AuditEvent", true, false, 7], + ["AuditEvent", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } @@ -39,7 +39,7 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["BastionAuditLogs", true, false, 7], + ["BastionAuditLogs", true, false, 0], ] } @@ -50,11 +50,11 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["VMProtectionAlerts", true, false, 7], + ["VMProtectionAlerts", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } @@ -65,13 +65,13 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["DDoSProtectionNotifications", true, false, 7], - ["DDoSMitigationFlowLogs", true, false, 7], - ["DDoSMitigationReports", true, false, 7], + ["DDoSProtectionNotifications", true, false, 0], + ["DDoSMitigationFlowLogs", true, false, 0], + ["DDoSMitigationReports", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } @@ -82,8 +82,8 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["NetworkSecurityGroupEvent", true, false, 7], - ["NetworkSecurityGroupRuleCounter", true, false, 7], + ["NetworkSecurityGroupEvent", true, false, 0], + ["NetworkSecurityGroupRuleCounter", true, false, 0], ] } @@ -94,11 +94,11 @@ diagnostics_definition = { categories = { # log = [ # # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - # ["AuditEvent", true, false, 7], + # ["AuditEvent", true, false, 0], # ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } @@ -109,12 +109,12 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["ContainerRegistryRepositoryEvents", true, false, 7], - ["ContainerRegistryLoginEvents", true, false, 7], + ["ContainerRegistryRepositoryEvents", true, false, 0], + ["ContainerRegistryLoginEvents", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } } @@ -124,17 +124,17 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["kube-apiserver", true, false, 7], - ["kube-audit", true, false, 7], - ["kube-audit-admin", true, false, 7], - ["kube-controller-manager", true, false, 7], - ["kube-scheduler", true, false, 7], - ["cluster-autoscaler", true, false, 7], - ["guard", true, false, 7], + ["kube-apiserver", true, false, 0], + ["kube-audit", true, false, 0], + ["kube-audit-admin", true, false, 0], + ["kube-controller-manager", true, false, 0], + ["kube-scheduler", true, false, 0], + ["cluster-autoscaler", true, false, 0], + ["guard", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } } @@ -145,20 +145,20 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AzureBackupReport", true, true, 7], - ["CoreAzureBackup", true, true, 7], - ["AddonAzureBackupAlerts", true, true, 7], - ["AddonAzureBackupJobs", true, true, 7], - ["AddonAzureBackupPolicy", true, true, 7], - ["AddonAzureBackupProtectedInstance", true, true, 7], - ["AddonAzureBackupStorage", true, true, 7], - ["AzureSiteRecoveryJobs", true, true, 7], - ["AzureSiteRecoveryEvents", true, true, 7], - ["AzureSiteRecoveryReplicatedItems", true, true, 7], - ["AzureSiteRecoveryReplicationStats", true, true, 7], - ["AzureSiteRecoveryRecoveryPoints", true, true, 7], - ["AzureSiteRecoveryReplicationDataUploadRate", true, true, 7], - ["AzureSiteRecoveryProtectedDiskDataChurn", true, true, 30], + ["AzureBackupReport", true, true, 0], + ["CoreAzureBackup", true, true, 0], + ["AddonAzureBackupAlerts", true, true, 0], + ["AddonAzureBackupJobs", true, true, 0], + ["AddonAzureBackupPolicy", true, true, 0], + ["AddonAzureBackupProtectedInstance", true, true, 0], + ["AddonAzureBackupStorage", true, true, 0], + ["AzureSiteRecoveryJobs", true, true, 0], + ["AzureSiteRecoveryEvents", true, true, 0], + ["AzureSiteRecoveryReplicatedItems", true, true, 0], + ["AzureSiteRecoveryReplicationStats", true, true, 0], + ["AzureSiteRecoveryRecoveryPoints", true, true, 0], + ["AzureSiteRecoveryReplicationDataUploadRate", true, true, 0], + ["AzureSiteRecoveryProtectedDiskDataChurn", true, true, 0], ] metric = [ #["AllMetrics", 60, True], @@ -172,13 +172,13 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["JobLogs", true, true, 30], - ["JobStreams", true, true, 30], - ["DscNodeStatus", true, true, 30], + ["JobLogs", true, true, 0], + ["JobStreams", true, true, 0], + ["DscNodeStatus", true, true, 0], ] metric = [ # ["Category name", "Metric Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, true, 30], + ["AllMetrics", true, true, 0], ] } @@ -189,17 +189,17 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["ArchiveLogs", true, false, 7], - ["OperationalLogs", true, false, 7], - ["AutoScaleLogs", true, false, 7], - ["KafkaCoordinatorLogs", true, false, 7], - ["KafkaUserErrorLogs", true, false, 7], - ["EventHubVNetConnectionEvent", true, false, 7], - ["CustomerManagedKeyUserLogs", true, false, 7], + ["ArchiveLogs", true, false, 0], + ["OperationalLogs", true, false, 0], + ["AutoScaleLogs", true, false, 0], + ["KafkaCoordinatorLogs", true, false, 0], + ["KafkaUserErrorLogs", true, false, 0], + ["EventHubVNetConnectionEvent", true, false, 0], + ["CustomerManagedKeyUserLogs", true, false, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", true, false, 7], + ["AllMetrics", true, false, 0], ] } @@ -210,11 +210,11 @@ diagnostics_definition = { categories = { log = [ # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AuditEvent", true, true, 365], + ["AuditEvent", true, true, 0], ] metric = [ #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period] - ["AllMetrics", false, false, 7], + ["AllMetrics", false, false, 0], ] }