Skip to content

Ensure AKS logging to Azure Monitoring is Configured

Default Severity: medium

Explanation

Ensure AKS logging to Azure Monitoring is configured for containers to monitor the performance of workloads.

Possible Impact

Logging provides valuable information about access and usage

Suggested Resolution

Enable logging for AKS

Insecure Example

The following example will fail the azure-container-logging check.

 resource "azurerm_kubernetes_cluster" "bad_example" {
     addon_profile {}
 }

Secure Example

The following example will pass the azure-container-logging check.

 resource "azurerm_kubernetes_cluster" "good_example" {
     addon_profile {
        oms_agent {
            enabled = true
        }
    }
 }