Share via

Microsoft.AlertsManagement tenantActivityLogAlerts

  • Article
  • 12/09/2024
Choose a deployment language

Bicep resource definition

The tenantActivityLogAlerts resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.AlertsManagement/tenantActivityLogAlerts resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.AlertsManagement/tenantActivityLogAlerts@2023-04-01-preview' = {
  location: 'string'
  name: 'string'
  properties: {
    actions: {
      actionGroups: [
        {
          actionGroupId: 'string'
          actionProperties: {
            {customized property}: 'string'
          }
          webhookProperties: {
            {customized property}: 'string'
          }
        }
      ]
    }
    condition: {
      allOf: [
        {
          anyOf: [
            {
              containsAny: [
                'string'
              ]
              equals: 'string'
              field: 'string'
            }
          ]
          containsAny: [
            'string'
          ]
          equals: 'string'
          field: 'string'
        }
      ]
    }
    description: 'string'
    enabled: bool
    scopes: [
      'string'
    ]
    tenantScope: 'string'
  }
  tags: {
    {customized property}: 'string'
  }
}

Property Values

ActionGroup

Name Description Value
actionGroupId The resource ID of the Action Group. This cannot be null or empty. string (required)
actionProperties Predefined list of properties and configuration items for the action group. ActionGroupActionProperties
webhookProperties the dictionary of custom properties to include with the post operation. These data are appended to the webhook payload. ActionGroupWebhookProperties

ActionGroupActionProperties

Name Description Value

ActionGroupWebhookProperties

Name Description Value

ActionList

Name Description Value
actionGroups The list of the Action Groups. ActionGroup[]

AlertRuleAllOfCondition

Name Description Value
allOf The list of Activity Log Alert rule conditions. AlertRuleAnyOfOrLeafCondition[] (required)

AlertRuleAnyOfOrLeafCondition

Name Description Value
anyOf An Activity Log Alert rule condition that is met when at least one of its member leaf conditions are met. AlertRuleLeafCondition[]
containsAny The value of the event's field will be compared to the values in this array (case-insensitive) to determine if the condition is met. string[]
equals The value of the event's field will be compared to this value (case-insensitive) to determine if the condition is met. string
field The name of the Activity Log event's field that this condition will examine.
The possible values for this field are (case-insensitive): 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'.		 string

AlertRuleLeafCondition

Name Description Value
containsAny The value of the event's field will be compared to the values in this array (case-insensitive) to determine if the condition is met. string[]
equals The value of the event's field will be compared to this value (case-insensitive) to determine if the condition is met. string
field The name of the Activity Log event's field that this condition will examine.
The possible values for this field are (case-insensitive): 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'.		 string

AlertRuleProperties

Name Description Value
actions The actions that will activate when the condition is met. ActionList (required)
condition The condition that will cause this alert to activate. AlertRuleAllOfCondition (required)
description A description of this Activity Log Alert rule. string
enabled Indicates whether this Activity Log Alert rule is enabled. If an Activity Log Alert rule is not enabled, then none of its actions will be activated. bool
scopes A list of resource IDs that will be used as prefixes. The alert will only apply to Activity Log events with resource IDs that fall under one of these prefixes. This list must include at least one item. string[]
tenantScope The tenant GUID. Must be provided for tenant-level and management group events rules. string

AzureResourceTags

Name Description Value

Microsoft.AlertsManagement/tenantActivityLogAlerts

Name Description Value
location The location of the resource. Since Azure Activity Log Alerts is a global service, the location of the rules should always be 'global'. string
name The resource name string

Constraints:
Pattern = ^[-\w\._\(\)]+$ (required)
properties The Activity Log Alert rule properties of the resource. AlertRuleProperties (required)
tags Resource tags Dictionary of tag names and values. See Tags in templates

ARM template resource definition

The tenantActivityLogAlerts resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.AlertsManagement/tenantActivityLogAlerts resource, add the following JSON to your template.

{
  "type": "Microsoft.AlertsManagement/tenantActivityLogAlerts",
  "apiVersion": "2023-04-01-preview",
  "name": "string",
  "location": "string",
  "properties": {
    "actions": {
      "actionGroups": [
        {
          "actionGroupId": "string",
          "actionProperties": {
            "{customized property}": "string"
          },
          "webhookProperties": {
            "{customized property}": "string"
          }
        }
      ]
    },
    "condition": {
      "allOf": [
        {
          "anyOf": [
            {
              "containsAny": [ "string" ],
              "equals": "string",
              "field": "string"
            }
          ],
          "containsAny": [ "string" ],
          "equals": "string",
          "field": "string"
        }
      ]
    },
    "description": "string",
    "enabled": "bool",
    "scopes": [ "string" ],
    "tenantScope": "string"
  },
  "tags": {
    "{customized property}": "string"
  }
}

Property Values

ActionGroup

Name Description Value
actionGroupId The resource ID of the Action Group. This cannot be null or empty. string (required)
actionProperties Predefined list of properties and configuration items for the action group. ActionGroupActionProperties
webhookProperties the dictionary of custom properties to include with the post operation. These data are appended to the webhook payload. ActionGroupWebhookProperties

ActionGroupActionProperties

Name Description Value

ActionGroupWebhookProperties

Name Description Value

ActionList

Name Description Value
actionGroups The list of the Action Groups. ActionGroup[]

AlertRuleAllOfCondition

Name Description Value
allOf The list of Activity Log Alert rule conditions. AlertRuleAnyOfOrLeafCondition[] (required)

AlertRuleAnyOfOrLeafCondition

Name Description Value
anyOf An Activity Log Alert rule condition that is met when at least one of its member leaf conditions are met. AlertRuleLeafCondition[]
containsAny The value of the event's field will be compared to the values in this array (case-insensitive) to determine if the condition is met. string[]
equals The value of the event's field will be compared to this value (case-insensitive) to determine if the condition is met. string
field The name of the Activity Log event's field that this condition will examine.
The possible values for this field are (case-insensitive): 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'.		 string

AlertRuleLeafCondition

Name Description Value
containsAny The value of the event's field will be compared to the values in this array (case-insensitive) to determine if the condition is met. string[]
equals The value of the event's field will be compared to this value (case-insensitive) to determine if the condition is met. string
field The name of the Activity Log event's field that this condition will examine.
The possible values for this field are (case-insensitive): 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'.		 string

AlertRuleProperties

Name Description Value
actions The actions that will activate when the condition is met. ActionList (required)
condition The condition that will cause this alert to activate. AlertRuleAllOfCondition (required)
description A description of this Activity Log Alert rule. string
enabled Indicates whether this Activity Log Alert rule is enabled. If an Activity Log Alert rule is not enabled, then none of its actions will be activated. bool
scopes A list of resource IDs that will be used as prefixes. The alert will only apply to Activity Log events with resource IDs that fall under one of these prefixes. This list must include at least one item. string[]
tenantScope The tenant GUID. Must be provided for tenant-level and management group events rules. string

AzureResourceTags

Name Description Value

Microsoft.AlertsManagement/tenantActivityLogAlerts

Name Description Value
apiVersion The api version '2023-04-01-preview'
location The location of the resource. Since Azure Activity Log Alerts is a global service, the location of the rules should always be 'global'. string
name The resource name string

Constraints:
Pattern = ^[-\w\._\(\)]+$ (required)
properties The Activity Log Alert rule properties of the resource. AlertRuleProperties (required)
tags Resource tags Dictionary of tag names and values. See Tags in templates
type The resource type 'Microsoft.AlertsManagement/tenantActivityLogAlerts'

Usage Examples

Terraform (AzAPI provider) resource definition

The tenantActivityLogAlerts resource type can be deployed with operations that target:

  • Management groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.AlertsManagement/tenantActivityLogAlerts resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.AlertsManagement/tenantActivityLogAlerts@2023-04-01-preview"
  name = "string"
  location = "string"
  tags = {
    {customized property} = "string"
  }
  body = {
    properties = {
      actions = {
        actionGroups = [
          {
            actionGroupId = "string"
            actionProperties = {
              {customized property} = "string"
            }
            webhookProperties = {
              {customized property} = "string"
            }
          }
        ]
      }
      condition = {
        allOf = [
          {
            anyOf = [
              {
                containsAny = [
                  "string"
                ]
                equals = "string"
                field = "string"
              }
            ]
            containsAny = [
              "string"
            ]
            equals = "string"
            field = "string"
          }
        ]
      }
      description = "string"
      enabled = bool
      scopes = [
        "string"
      ]
      tenantScope = "string"
    }
  }
}

Property Values

ActionGroup

Name Description Value
actionGroupId The resource ID of the Action Group. This cannot be null or empty. string (required)
actionProperties Predefined list of properties and configuration items for the action group. ActionGroupActionProperties
webhookProperties the dictionary of custom properties to include with the post operation. These data are appended to the webhook payload. ActionGroupWebhookProperties

ActionGroupActionProperties

Name Description Value

ActionGroupWebhookProperties

Name Description Value

ActionList

Name Description Value
actionGroups The list of the Action Groups. ActionGroup[]

AlertRuleAllOfCondition

Name Description Value
allOf The list of Activity Log Alert rule conditions. AlertRuleAnyOfOrLeafCondition[] (required)

AlertRuleAnyOfOrLeafCondition

Name Description Value
anyOf An Activity Log Alert rule condition that is met when at least one of its member leaf conditions are met. AlertRuleLeafCondition[]
containsAny The value of the event's field will be compared to the values in this array (case-insensitive) to determine if the condition is met. string[]
equals The value of the event's field will be compared to this value (case-insensitive) to determine if the condition is met. string
field The name of the Activity Log event's field that this condition will examine.
The possible values for this field are (case-insensitive): 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'.		 string

AlertRuleLeafCondition

Name Description Value
containsAny The value of the event's field will be compared to the values in this array (case-insensitive) to determine if the condition is met. string[]
equals The value of the event's field will be compared to this value (case-insensitive) to determine if the condition is met. string
field The name of the Activity Log event's field that this condition will examine.
The possible values for this field are (case-insensitive): 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'.		 string

AlertRuleProperties

Name Description Value
actions The actions that will activate when the condition is met. ActionList (required)
condition The condition that will cause this alert to activate. AlertRuleAllOfCondition (required)
description A description of this Activity Log Alert rule. string
enabled Indicates whether this Activity Log Alert rule is enabled. If an Activity Log Alert rule is not enabled, then none of its actions will be activated. bool
scopes A list of resource IDs that will be used as prefixes. The alert will only apply to Activity Log events with resource IDs that fall under one of these prefixes. This list must include at least one item. string[]
tenantScope The tenant GUID. Must be provided for tenant-level and management group events rules. string

AzureResourceTags

Name Description Value

Microsoft.AlertsManagement/tenantActivityLogAlerts

Name Description Value
location The location of the resource. Since Azure Activity Log Alerts is a global service, the location of the rules should always be 'global'. string
name The resource name string

Constraints:
Pattern = ^[-\w\._\(\)]+$ (required)
properties The Activity Log Alert rule properties of the resource. AlertRuleProperties (required)
tags Resource tags Dictionary of tag names and values.
type The resource type "Microsoft.AlertsManagement/tenantActivityLogAlerts@2023-04-01-preview"