krnese/deploy log analytics

## deploy log analytics
{
    "properties": {
        "displayName": "Deploy Azure Log Analytics if not exist on subscription",
        "mode": "All",
        "policyType": "Custom",
        "parameters": {
            "workspaceName": {
                "type": "string",
                "metadata": {
                    "description": "Provide suffix for Log Analytics workspace that will be created per subscription"
                }
            },
            "workspaceRegion": {
                "type": "string",
                "metadata": {
                    "description": "Select Azure region for Log Analytics workspace"
                }
            }
        },
        "policyRule": {
            "if": {
                "allOf": [
                    {
                        "field": "type",
                        "equals": "Microsoft.Resources/subscriptions"
                    }
                ]
            },
            "then": {
                "effect": "deployIfNotExists",
                "details": {
                    "type": "Microsoft.OperationalInsights/workspaces",
                    "deploymentScope": "Subscription",
                    "existenceScope": "Subscription",
                    "roleDefinitionIds": [
                        "/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635"
                    ],
                    "existenceCondition": {
                        "allOf": [
                            {
                                "field": "name",
                                "like": "[concat(subscription().displayName, '-', parameters('workspaceName'))]"
                            },
                            {
                                "field": "location",
                                "equals": "[parameters('workspaceRegion')]"
                            }
                        ]
                    },
                    "deployment": {
                        "location": "westeurope",
                        "properties": {
                            "mode": "incremental",
                            "parameters": {
                                "rgName": {
                                    "value": "[concat(subscription().displayName, '-logs')]"
                                },
                                "workspaceName": {
                                    "value": "[concat(subscription().displayName, '-', parameters('workspaceName'))]"
                                },
                                "workspaceRegion": {
                                    "value": "[parameters('workspaceRegion')]"
                                }
                            },
                            "template": {
                                "$schema": "http://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json",
                                "contentVersion": "1.0.0.0",
                                "parameters": {
                                    "rgName": {
                                        "type": "string"
                                    },
                                    "workspaceName": {
                                        "type": "string"
                                    },
                                    "workspaceRegion": {
                                        "type": "string"
                                    }
                                },
                                "variables": {
                                },
                                "resources": [
                                    {
                                        "type": "Microsoft.Resources/resourceGroups",
                                        "apiVersion": "2018-05-01",
                                        "name": "[parameters('rgName')]",
                                        "location": "[parameters('workspaceRegion')]",
                                        "properties": {}
                                    },
                                    {
                                        "type": "Microsoft.Resources/deployments",
                                        "apiVersion": "2018-05-01",
                                        "name": "[concat('mgmt', uniqueString('dep'))]",
                                        "resourceGroup": "[parameters('rgName')]",
                                        "dependsOn": [
                                            "[resourceId('Microsoft.Resources/resourceGroups/', parameters('rgName'))]"
                                        ],
                                        "properties": {
                                            "mode": "Incremental",
                                            "template": {
                                                "$schema": "http://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json",
                                                "contentVersion": "1.0.0.0",
                                                "parameters": {},
                                                "variables": {},
                                                "resources": [
                                                    {
                                                        "apiVersion": "2017-03-15-preview",
                                                        "location": "[parameters('workspaceRegion')]",
                                                        "name": "[parameters('workspaceName')]",
                                                        "type": "Microsoft.OperationalInsights/workspaces",
                                                        "properties": {
                                                            "sku": {
                                                                "name": "pergb2018"
                                                            },
                                                            "enableLogAccessUsingOnlyResourcePermissions": true
                                                        }
                                                    }
                                                ],
                                                "outputs": {}
                                            }
                                        }
                                    }
                                ],
                                "outputs": {}
                            }
                        }
                    }
                }
            }
        }
    }
}
	{
	"properties": {
	"displayName": "Deploy Azure Log Analytics if not exist on subscription",
	"mode": "All",
	"policyType": "Custom",
	"parameters": {
	"workspaceName": {
	"type": "string",
	"metadata": {
	"description": "Provide suffix for Log Analytics workspace that will be created per subscription"
	}
	},
	"workspaceRegion": {
	"type": "string",
	"metadata": {
	"description": "Select Azure region for Log Analytics workspace"
	}
	}
	},
	"policyRule": {
	"if": {
	"allOf": [
	{
	"field": "type",
	"equals": "Microsoft.Resources/subscriptions"
	}
	]
	},
	"then": {
	"effect": "deployIfNotExists",
	"details": {
	"type": "Microsoft.OperationalInsights/workspaces",
	"deploymentScope": "Subscription",
	"existenceScope": "Subscription",
	"roleDefinitionIds": [
	"/providers/Microsoft.Authorization/roleDefinitions/8e3af657-a8ff-443c-a75c-2fe8c4bcb635"
	],
	"existenceCondition": {
	"allOf": [
	{
	"field": "name",
	"like": "[concat(subscription().displayName, '-', parameters('workspaceName'))]"
	},
	{
	"field": "location",
	"equals": "[parameters('workspaceRegion')]"
	}
	]
	},
	"deployment": {
	"location": "westeurope",
	"properties": {
	"mode": "incremental",
	"parameters": {
	"rgName": {
	"value": "[concat(subscription().displayName, '-logs')]"
	},
	"workspaceName": {
	"value": "[concat(subscription().displayName, '-', parameters('workspaceName'))]"
	},
	"workspaceRegion": {
	"value": "[parameters('workspaceRegion')]"
	}
	},
	"template": {
	"$schema": "http://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json",
	"contentVersion": "1.0.0.0",
	"parameters": {
	"rgName": {
	"type": "string"
	},
	"workspaceName": {
	"type": "string"
	},
	"workspaceRegion": {
	"type": "string"
	}
	},
	"variables": {
	},
	"resources": [
	{
	"type": "Microsoft.Resources/resourceGroups",
	"apiVersion": "2018-05-01",
	"name": "[parameters('rgName')]",
	"location": "[parameters('workspaceRegion')]",
	"properties": {}
	},
	{
	"type": "Microsoft.Resources/deployments",
	"apiVersion": "2018-05-01",
	"name": "[concat('mgmt', uniqueString('dep'))]",
	"resourceGroup": "[parameters('rgName')]",
	"dependsOn": [
	"[resourceId('Microsoft.Resources/resourceGroups/', parameters('rgName'))]"
	],
	"properties": {
	"mode": "Incremental",
	"template": {
	"$schema": "http://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json",
	"contentVersion": "1.0.0.0",
	"parameters": {},
	"variables": {},
	"resources": [
	{
	"apiVersion": "2017-03-15-preview",
	"location": "[parameters('workspaceRegion')]",
	"name": "[parameters('workspaceName')]",
	"type": "Microsoft.OperationalInsights/workspaces",
	"properties": {
	"sku": {
	"name": "pergb2018"
	},
	"enableLogAccessUsingOnlyResourcePermissions": true
	}
	}
	],
	"outputs": {}
	}
	}
	}
	],
	"outputs": {}
	}
	}
	}
	}
	}
	}
	}
	}