terraform-azurerm-diaganostics

Diagnostic module for Azure. Enables FedRAMP required log settings for supported resources to a Log Analytics Workspace.

Learn more at Coalfire OpenSource.

Description

Cloud(s) supported:{Government/Commercial} Both
Cloud(s) verified: Government
Product Version/License:
FedRAMP Compliance Support: Moderate, High
DoD Compliance Support:{IL4/5} IL4, IL5
Misc Framework Support:

Setup and usage

You can consume this as part of any Azure project. There are no known outside dependencies. View the module README for detailed instructions.

Code updates

If you need to support resources in addition to this list, you will need to creation additional config files.

These are the resources that this module supports:

ACR
Application Gateway
AKS
App Service
App Service Environment
Automation Accounts
Azure Virtual Desktop Hostpool
Azure Virtual Desktop Workspace
Backup (Recovery Services Vault)
Cosmos Database
Data Factory
Databricks
Event Hub
Functions
Azure Firewall
Key Vault
Kusto
Log Analytics Workspace
Load Balancer
Logic App
MSSQL Database
MSSQL Elastic Pools
MSSQL Server
MySQL Managed Instance
NSG
PostgreSQL Managed Instance
Redis
Redis Enterprise Cluster
SQL
Storage Accounts
Subscriptions
Vnet
Web App

Usage

provider "azurerm" {
  features {}
}

module "kv_diag" {
  source                = "github.com/Coalfire-CF/terraform-azurerm-diagnostics"
  diag_log_analytics_id = var.diag_log_analytics_id
  resource_id           = azurerm_key_vault.default.id
  resource_type         = "kv"
}

Requirements

No requirements.

Providers

Name	Version
azurerm	n/a

Modules

No modules.

Resources

Name	Type
azurerm_monitor_diagnostic_setting.aa_diag	resource
azurerm_monitor_diagnostic_setting.acr_diag	resource
azurerm_monitor_diagnostic_setting.agw_diag	resource
azurerm_monitor_diagnostic_setting.aks_diag	resource
azurerm_monitor_diagnostic_setting.ase_diag	resource
azurerm_monitor_diagnostic_setting.asp_diag	resource
azurerm_monitor_diagnostic_setting.avd_hostpool_diag	resource
azurerm_monitor_diagnostic_setting.avd_workspace_diag	resource
azurerm_monitor_diagnostic_setting.cdb_diag	resource
azurerm_monitor_diagnostic_setting.dbk_diag	resource
azurerm_monitor_diagnostic_setting.df_diag	resource
azurerm_monitor_diagnostic_setting.eh_diag	resource
azurerm_monitor_diagnostic_setting.file_table_diag	resource
azurerm_monitor_diagnostic_setting.func_diag	resource
azurerm_monitor_diagnostic_setting.fw_diag	resource
azurerm_monitor_diagnostic_setting.kusto_diag	resource
azurerm_monitor_diagnostic_setting.kv_diag	resource
azurerm_monitor_diagnostic_setting.law_diag	resource
azurerm_monitor_diagnostic_setting.lb_diag	resource
azurerm_monitor_diagnostic_setting.logicapp_diag	resource
azurerm_monitor_diagnostic_setting.msql_diag	resource
azurerm_monitor_diagnostic_setting.mssql_db_diag	resource
azurerm_monitor_diagnostic_setting.mssql_diag	resource
azurerm_monitor_diagnostic_setting.mssql_ep_diag	resource
azurerm_monitor_diagnostic_setting.nsg_diag	resource
azurerm_monitor_diagnostic_setting.psql_diag	resource
azurerm_monitor_diagnostic_setting.rdc_diag	resource
azurerm_monitor_diagnostic_setting.rdec_diag	resource
azurerm_monitor_diagnostic_setting.rsv_backup_diag	resource
azurerm_monitor_diagnostic_setting.rsv_site_recovery_diag	resource
azurerm_monitor_diagnostic_setting.sa_blob_diag	resource
azurerm_monitor_diagnostic_setting.sa_diag	resource
azurerm_monitor_diagnostic_setting.sa_queue_diag	resource
azurerm_monitor_diagnostic_setting.sa_table_diag	resource
azurerm_monitor_diagnostic_setting.sql_diag	resource
azurerm_monitor_diagnostic_setting.sub_diag	resource
azurerm_monitor_diagnostic_setting.vnet_diag	resource
azurerm_monitor_diagnostic_setting.webapp_diag	resource
azurerm_mssql_database_extended_auditing_policy.mssql_db_audit_policy	resource
azurerm_mssql_server_extended_auditing_policy.mssql_audit_policy	resource

Inputs

Name	Description	Type	Default	Required
diag_log_analytics_id	ID of the Log Analytics Workspace diagnostic logs should be sent to	`string`	n/a	yes
resource_id	Target resource ID	`string`	n/a	yes
resource_type	The resource type i.e Azure product name (follow CF naming convention).	`string`	n/a	yes

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
.github		.github
.gitignore		.gitignore
CONTRIBUTING.md		CONTRIBUTING.md
License.md		License.md
README.md		README.md
acr.tf		acr.tf
agw.tf		agw.tf
aks.tf		aks.tf
app_service.tf		app_service.tf
ase.tf		ase.tf
automation_account.tf		automation_account.tf
avd_hostpool.tf		avd_hostpool.tf
avd_workspace.tf		avd_workspace.tf
backup_vault.tf		backup_vault.tf
coalfire_logo.png		coalfire_logo.png
cosmos.tf		cosmos.tf
data_factory.tf		data_factory.tf
databricks.tf		databricks.tf
eventhub.tf		eventhub.tf
functions.tf		functions.tf
fw.tf		fw.tf
keyvault.tf		keyvault.tf
kusto.tf		kusto.tf
law.tf		law.tf
lb.tf		lb.tf
logicapp.tf		logicapp.tf
mssql.tf		mssql.tf
mssql_db.tf		mssql_db.tf
mssql_ep.tf		mssql_ep.tf
mysql.tf		mysql.tf
nsg.tf		nsg.tf
output.tf		output.tf
psql.tf		psql.tf
redis.tf		redis.tf
redis_enterprise.tf		redis_enterprise.tf
sql.tf		sql.tf
storage.tf		storage.tf
subscription.tf		subscription.tf
variables.tf		variables.tf
vnet.tf		vnet.tf
webapp.tf		webapp.tf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

terraform-azurerm-diaganostics

Description

Setup and usage

Code updates

Usage

Requirements

Providers

Modules

Resources

Inputs

Outputs

Contributing

License

Contact Us

Copyright

About

Releases 1

Contributors 3

Languages

License

Coalfire-CF/terraform-azurerm-diagnostics

Folders and files

Latest commit

History

Repository files navigation

terraform-azurerm-diaganostics

Description

Setup and usage

Code updates

Usage

Requirements

Providers

Modules

Resources

Inputs

Outputs

Contributing

License

Contact Us

Copyright

About

Topics

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases 1

Contributors 3

Languages