Turbot Guardrails Hub 
Hub
Policy Packs
Azure CIS v2.0.0 - Section 5 - Logging and Monitoring
Overview
9
Policy Settings
0
Variables
DevelopersGithub

Policy Setting: Azure > Resource Group > Stack > Source

Policies

This policy setting is dependent on the following policy types:

Source

resource "turbot_policy_setting" "azure_resource_group_stack_source" {
  resource       = turbot_policy_pack.main.id
  type           = "tmod:@turbot/azure#/policy/types/resourceGroupStackSource"
  note           = "Azure CIS v2.0.0 - Controls: 5.3.1"
  template_input = <<-EOT
    {
      resourceGroup  {
        metadata
      }
    }
    EOT
  template       = <<-EOT
    |
    resource "azurerm_log_analytics_workspace" "workspace_5_3_1" {
      # Your workspace name
      name                = "myWorkspace"
      location            = {{ $.resourceGroup.metadata.azure.regionName }}
      resource_group_name = {{ $.resourceGroup.metadata.azure.resourceGroupName }}
      # SKU type
      sku                 = "PerGB2018"
      retention_in_days   = 30
    }


    resource "azurerm_application_insights" "application_insights_5_3_1" {
      name                = "application_insight_5_3_1_name"
      location            = {{ $.resourceGroup.metadata.azure.regionName }}
      resource_group_name = {{ $.resourceGroup.metadata.azure.resourceGroupName }}
      application_type    = "web"
      workspace_id        = azurerm_log_analytics_workspace.workspace_5_3_1.id
    }
    EOT
}