Aug 03 2022 01:00 AM
Hi all,
I have been tasked to create an Azure Advisor digest which would send an email to the subscription owner every 30 days with Azure Advisor digest. I have tens of subscriptions under different management groups. The first task is to create an Action Group for each subscription. I am thinking of using Azure Policy on the top management group level to create an AG for each sub. Where can I find a template for the action group creation policy definition? I have below one I tried to convert from network watcher but it is missing so many fields that I am sure I am nowhere close to it. Maybe using Blueprints is a better way of achieving this? Any ideas?
{
"properties": {
"displayName": "Deploy Action Group for each subscription",
"mode": "Indexed",
"description": "This policy deploys Action Group for a subscription if it doesn't exists.",
"metadata": {
"category": "Monitor"
},
"parameters": {},
"policyRule": {
"if": {
"field": "type",
"equals": "Microsoft.Insights/actiongroups"
},
"then": {
"effect": "DeployIfNotExists",
"details": {
"type": "Microsoft.Insights/actiongroups",
"resourceGroupName": "rg-actiongroups",
"existenceCondition": {
"field": "location",
"equals": "[field('location')]"
},
"roleDefinitionIds": [
"/providers/Microsoft.Authorization/roleDefinitions/4d97b98b-1d4f-4787-a291-c67834d212e7"
],
"deployment": {
"properties": {
"mode": "incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string"
}
},
"resources": [{
"apiVersion": "2016-09-01",
"type": "Microsoft.Insights/actiongroups",
"name": "[concat('actiongroup_',parameters('subscription')),parameters('location'))]",
"location": "[parameters('location')]"
}]
},
"parameters": {
"location": {
"value": "[field('location')]"
}
}
}
}
}
}
}
}
}