Я создал политику для исправления учетных записей хранения, для которых не включены журналы параметров диагностики (классические). Однако я получаю эту ошибку:
{"code": "DeploymentFailed", "message": "По крайней мере одна операция развертывания ресурса завершилась неудачно. Пожалуйста, перечислите операции развертывания для получения подробной информации. См. https://aka.ms/arm-debug для получения подробной информации об использовании. "," details ": [{" code ":" BadRequest "," message ":" {\ r \ n \ "error \": {\ r \ n \ "code \": \ "InvalidTemplate \", \ r \ n \ "message \": \ "Невозможно обработать выражения языка шаблонов для ресурса '/ subscriptions / provider / Microsoft .Insights / diagnosticsSettings / StorageLogs 'в строке' 1 'и столбце' 429 '. 'Параметр шаблона' logAnalytics 'не найден. Подробнее об использовании см. https://aka.ms/arm-template/#parameters. . '\ ", \ r \ n \" additionalInfo \ ": [\ r \ n {\ r \ n \" type \ ": \" TemplateViolation \ ", \ r \ n \" info \ ": {\ r \ n \ "lineNumber \": 1, \ r \ n \ "linePosition \": 429, \ r \ n \ "путь \": \ "\" \ r \ n} \ r \ n} \ r \ n ] \ r \ n} \ r \ n} "}]}
{
"properties": {
"displayName": "Deploy Diagnostic Settings for Storage Accounts to Log Analytics",
"mode": "Indexed",
"description": "Deploys the diagnostic settings for Storage Accounts to log read/write/delete and retain logs.",
"metadata": {
"category": "Monitoring"
},
"parameters": {
"effect": {
"type": "String",
"metadata": {
"displayName": "Effect",
"description": "Enable or disable the execution of the policy"
},
"allowedValues": [
"DeployIfNotExists",
"Disabled"
],
"defaultValue": "DeployIfNotExists"
},
"profileName": {
"type": "String",
"metadata": {
"displayName": "Profile Name",
"description": "The diagnostic setting profile name"
},
"default": "setbypolicy_logAnalytics"
},
"logAnalytics": {
"type": "String",
"metadata": {
"displayName": "Log Analytics workspace",
"description": "Select Log Analytics workspace from dropdown list. If this workspace is outside of the scope of the assignment you must manually grant 'Log Analytics Contributor' permissions (or similar) to the policy assignment's principal ID.",
"strongType": "omsWorkspace",
"assignPermissions": true
}
},
"metricsEnabled": {
"type": "String",
"metadata": {
"displayName": "Enable metrics",
"description": "Whether to enable metrics stream to the Event Hub - True or False"
},
"allowedValues": [
"True",
"False"
],
"defaultValue": "False"
},
"logsEnabled": {
"type": "String",
"metadata": {
"displayName": "Enable logs",
"description": "Whether to enable logs stream to the Event Hub - True or False"
},
"allowedValues": [
"True",
"False"
],
"defaultValue": "True"
}
},
"policyRule": {
"if": {
"field": "type",
"equals": "Microsoft.Storage/storageAccounts"
},
"then": {
"effect": "[parameters('effect')]",
"details": {
"type": "Microsoft.Insights/diagnosticSettings",
"name": "[parameters('profileName')]",
"existenceCondition": {
"allOf": [
{
"field": "Microsoft.Insights/diagnosticSettings/logs.enabled",
"equals": "parameters('logsEnabled')"
},
{
"field": "Microsoft.Insights/diagnosticSettings/metrics.enabled",
"equals": "parameters('metricsEnabled')]"
}
]
},
"roleDefinitionIds": [
"/providers/Microsoft.Authorization/roleDefinitions/"
],
"deployment": {
"properties": {
"mode": "Incremental",
"template": {
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"resourceName": {
"type": "string"
},
"logAnaltics": {
"type": "string"
},
"location": {
"type": "string"
},
"metricsEnabled": {
"type": "string"
},
"logsEnabled": {
"type": "string"
},
"profileName": {
"type": "string"
}
},
"variables": {},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts/providers/diagnosticSettings",
"apiVersion": "2017-05-01-preview",
"name": "[concat(parameters('resourceName'), '/', 'Microsoft.Insights/', parameters('profileName'))]",
"location": "[parameters('location')]",
"dependsOn": [],
"properties": {
"workspaceId": "[parameters('logAnalytics')]",
"metrics": [
{
"category": "AllMetrics",
"enabled": true,
"retentionPolicy": {
"enabled": true,
"days": 365
}
}
],
"logs": [
{
"category": "Audit",
"enabled": true
},
{
"category": "Requests",
"enabled": true
}
]
}
}
],
"outputs": {}
},
"parameters": {
"location": {
"value": "[field('location')]"
},
"resourceName": {
"value": "[field('name')]"
},
"profileName": {
"value": "[parameters('profileName')]"
},
"metricsEnabled": {
"value": "[parameters('metricsEnabled')]"
},
"logsEnabled": {
"value": "[parameters('logsEnabled')]"
},
"logAnaltics": {
"value": "[parameters('logAnalytics')]"
}
}
}
}
}
}
}
}
}