Pattern: Missing capture of all Azure Monitor regions
Issue: -
Log profiles should capture all regions to ensure that all events are logged
Resolution: Enable capture for all locations.
Example of incorrect code:
resource "azurerm_monitor_log_profile" "bad_example" {
name = "bad_example"
categories = []
locations = [
"westus",
"global",
]
retention_policy {
enabled = true
days = 7
}
}Example of correct code:
resource "azurerm_monitor_log_profile" "bad_example" {
name = "bad_example"
categories = []
locations = [
"eastus",
"eastus2",
"southcentralus",
"westus2",
"westus3",
"australiaeast",
"southeastasia",
"northeurope",
"swedencentral",
"uksouth",
"westeurope",
"centralus",
"northcentralus",
"westus",
"southafricanorth",
"centralindia",
"eastasia",
"japaneast",
"jioindiawest",
"koreacentral",
"canadacentral",
"francecentral",
"germanywestcentral",
"norwayeast",
"switzerlandnorth",
"uaenorth",
"brazilsouth",
"centralusstage",
"eastusstage",
"eastus2stage",
"northcentralusstage",
"southcentralusstage",
"westusstage",
"westus2stage",
"asia",
"asiapacific",
"australia",
"brazil",
"canada",
"europe",
"global",
"india",
"japan",
"uk",
"unitedstates",
"eastasiastage",
"southeastasiastage",
"centraluseuap",
"eastus2euap",
"westcentralus",
"southafricawest",
"australiacentral",
"australiacentral2",
"australiasoutheast",
"japanwest",
"jioindiacentral",
"koreasouth",
"southindia",
"westindia",
"canadaeast",
"francesouth",
"germanynorth",
"norwaywest",
"swedensouth",
"switzerlandwest",
"ukwest",
"uaecentral",
"brazilsoutheast",
]
retention_policy {
enabled = true
days = 7
}
}