Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(azure): customize entra and platform logs (SSPROD-43735) #52

Merged
merged 9 commits into from
Sep 2, 2024
Merged

feat(azure): customize entra and platform logs (SSPROD-43735) #52

merged 9 commits into from
Sep 2, 2024

Conversation

SKosier
Copy link
Contributor

@SKosier SKosier commented Aug 27, 2024

No description provided.

@SKosier SKosier requested a review from a team as a code owner August 27, 2024 15:40
@SKosier SKosier self-assigned this Aug 27, 2024
@SKosier SKosier force-pushed the skosier/modular-onboarding/entra-logs branch from b85e015 to 15c7ea8 Compare August 27, 2024 16:29
@SKosier SKosier requested a review from a team as a code owner August 27, 2024 16:29
legobrick
legobrick suggested changes Aug 29, 2024
View reviewed changes
Copy link

@legobrick legobrick left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to make this backwards compatible, so the default setup should enable everything. We should also continue supporting enable_entra variable for the time being, for whomever has a onboarding setup generated after that was introduced

modules/integrations/event-hub/main.tf Outdated Show resolved Hide resolved
modules/integrations/event-hub/variables.tf Outdated Show resolved Hide resolved
SKosier and others added 2 commits August 29, 2024 11:46
@SKosier @legobrick
Update entra default settings
6c07997 
Co-authored-by: Paolo Polidori <[email protected]>
@SKosier @legobrick
update if entra will be enabled
e7b0022 
Co-authored-by: Paolo Polidori <[email protected]>
legobrick
legobrick suggested changes Sep 2, 2024
View reviewed changes
Copy link

@legobrick legobrick left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please adapt the README to add the new variables
Also mark enabled_entra_logs as deprecated

jacalvo
jacalvo approved these changes Sep 2, 2024
View reviewed changes
Copy link
Contributor

@jacalvo jacalvo left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can confirm this is working, tested pointing to the local module on skosier/modular-onboarding/entra-logs branch with this:

  enabled_entra_logs       = ["SignInLogs","NonInteractiveUserSignInLogs","ServicePrincipalSignInLogs","ManagedIdentitySignInLogs","ProvisioningLogs","ADFSSignInLogs","RiskyUsers","UserRiskEvents","NetworkAccessTrafficLogs","RiskyServicePrincipals","ServicePrincipalRiskEvents","EnrichedOffice365AuditLogs","MicrosoftGraphActivityLogs"]
  enabled_platform_logs    = ["Administrative","Policy"]

And diagnostic settings are created as expected:
image
image

@SKosier SKosier requested a review from legobrick September 2, 2024 14:14
Sanja Kosier added 2 commits September 2, 2024 16:23
@SKosier @legobrick
apply feedback
2730c1c 
Co-authored-by: Paolo Polidori <[email protected]>
@SKosier SKosier force-pushed the skosier/modular-onboarding/entra-logs branch from 8d7e556 to 2730c1c Compare September 2, 2024 14:36
@SKosier SKosier requested a review from legobrick September 2, 2024 14:37
@SKosier SKosier merged commit 917593e into main Sep 2, 2024
@SKosier SKosier deleted the skosier/modular-onboarding/entra-logs branch September 2, 2024 14:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@legobrick legobrick legobrick approved these changes

@jacalvo jacalvo jacalvo approved these changes

Assignees

@SKosier SKosier

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@SKosier @jacalvo @legobrick