-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpolicyAssignment.ps1
37 lines (24 loc) · 1.45 KB
/
policyAssignment.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
param
(
[Parameter(Mandatory = $True)]
[string]$resourceGroup,
[Parameter(Mandatory = $True)]
[string]$location,
[Parameter(Mandatory = $True)]
[string]$eventhubName,
[Parameter(Mandatory = $True)]
[string]$eventhubNameSpace,
[Parameter(Mandatory = $True)]
[string]$eventhubAuthorizationId,
[Parameter(Mandatory =$True)]
[string]$targetResourceGroup
)
$definition = Get-AzPolicySetDefinition | Where-Object { $_.Properties.DisplayName -eq 'Azure Diagnostics Policy Initiative to LM' }
$eventHubNamespaceId = Get-AzEventHubNamespace -ResourceGroupName $targetresourceGroup -NamespaceName $eventhubNameSpace
$eventHubId = Get-AzEventHub -ResourceGroupName $targetresourceGroup -NamespaceName $eventhubNameSpace -EventHubName $eventhubName
$eventHubAuthorizationIdParam = Get-AzEventHubAuthorizationRule -ResourceGroupName $targetresourceGroup -NamespaceName $eventhubNameSpace -Name $eventhubAuthorizationId
$azureRegionParam= @{'azureRegions'=($location)}
$eventHubParam = @{'eventHubName'=($eventHubId.Id);'eventHubRuleId'=($eventhubAuthorizationIdParam.Id);'azureRegions'=(-split $location);'profileName'=($resourceGroup);'metricsEnabled'=('True')}
$resource = Get-AzResourceGroup -Name $resourceGroup
$assignment = New-AzPolicyAssignment -Name $resourceGroup -DisplayName $resourceGroup -Scope $resource.ResourceId -PolicySetDefinition $definition -Location $location -PolicyParameterObject $eventHubParam -AssignIdentity
return $assignment