module/ConfigurationProvider/ControlConfigurations/Services/AVDWorkspaces.json

{
  "FeatureName": "AVDWorkspaces",
  "Reference": "",
  "IsMaintenanceMode": false,
  "Controls": [
    {
      "ControlID": "Azure_AVD_Audit_Enable_Workspace_Diagnostics",
      "Description": "Diagnostic settings must be enabled for AVD Workspaces",
      "Id": "AVDWorkspaces100",
      "ControlSeverity": "High",
      "Automated": "Yes",
      "MethodName": "CheckDiagnosticsSettings",
      "DisplayName": "Diagnostic settings must be enabled for AVD Workspaces",
      "Category": "Monitoring must be correctly configured",
      "ControlRequirements": "Monitoring and auditing must be enabled and correctly configured according to prescribed organizational guidance",
      "Rationale": "Diagnostic logs are needed to create an activity trail when investigating an incident or a compromise.",
      "Recommendation": "You can create or update the diagnostic settings from the Azure Portal by following the steps given here: https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/diagnostic-settings?tabs=portal#create-diagnostic-settings.",
      "Tags": [
        "SDL",
        "Automated",
        "Audit",
        "AVDWorkspaces",
        "Baseline",
        "Diagnostics"
      ],
      "ControlEvaluationDetails": {
        "RequiredProperties": [
          "DiagnosticSettings"
        ]
      },
      "ControlSettings": {
        "DiagnosticForeverRetentionValue": "0",
        "DiagnosticMinRetentionPeriod": "365",
        "DiagnosticLogs": [
          "Checkpoint",
          "Management",
          "Error",
          "Feed"
        ]
      },
      "Enabled": true,
      "CustomTags": [
        "Daily",
        "TenantBaseline",
        "MSD",
        "TBv10",
        "TRWave4",
        "TRPreview",
        "TRBaseline",
        "CAIPreview",
        "EDPreview",
        "SMTPreview",
        "SN:AVD_WorkspaceDiagnostics"
      ]
    }
  ]
}