Bicep Module Documentation
← Back to Overview
Module activity-log-alert
activityLogAlert
| Property | Value | Description |
|---|---|---|
| general (required) | general | |
| allOfCondition (required) | allOfCondition[] | The list of Activity Log Alert rule conditions. |
| actionGroups (required) | actionGroup[] | |
| scopes (required) | string[] | A list of Resource IDs that will be used as prefixes. The alert will only apply to Activity Log events with Resource IDs that fall under one of these prefixes. This list must include at least one item. |
anyOf
| Property | Value | Description |
|---|---|---|
| field (required) | 'caller' 'category' 'level' 'operationName' 'properties' 'resourceGroup' 'resourceId' 'resourceProvider' 'resourceType' 'status' 'subStatus' |
The name of the Activity Log event field that this condition will examine. |
| equals | string | The value of the event field will be compared to this value (case-insensitive) to determine if the condition is met |
| containsAny | string[] | The value of the event field will be compared to the values in this array (case-insensitive) to determine if the condition is met. |
allOfCondition
| Property | Value | Description |
|---|---|---|
| field (required) | 'caller' 'category' 'level' 'operationName' 'properties' 'resourceGroup' 'resourceId' 'resourceProvider' 'resourceType' 'status' 'subStatus' |
The name of the Activity Log event field that this condition will examine. |
| equals | string | The value of the event field will be compared to this value (case-insensitive) to determine if the condition is met |
| containsAny | string[] | The value of the event field will be compared to the values in this array (case-insensitive) to determine if the condition is met. |
| anyOf | anyOf[] | An Activity Log Alert rule condition that is met when at least one of its member leaf conditions are met. |
actionGroup
| Property | Value | Description |
|---|---|---|
| enabled | bool | Indicates whether this Activity Log Alert rule is enabled. If an Activity Log Alert rule is not enabled, then none of its actions will be activated. (default: true) |
| groupShortName (required) | string | The short name of the action group. This will be used in SMS messages. |
| emailReceivers | emailReceivers[] | The list of email receivers that are part of this action group. |
| armRoleReceivers | armRoleReceivers[] | The list of ARM role receivers that are part of this action group. Roles are Azure RBAC roles and only built-in roles are supported. |
| automationRunbookReceivers | automationRunbookReceivers[] | The list of AutomationRunbook receivers that are part of this action group. |
| azureAppPushReceivers | azureAppPushReceivers[] | The list of AzureAppPush receivers that are part of this action group. |
| azureFunctionReceivers | azureFunctionReceivers[] | The list of Azure function receivers that are part of this action group. |
| eventHubReceivers | eventHubReceivers[] | The list of event hub receivers that are part of this action group. |
| itsmReceivers | itsmReceivers[] | The list of ITSM receivers that are part of this action group. |
| logicAppReceivers | logicAppReceivers[] | The list of logic app receivers that are part of this action group. |
| smsReceivers | smsReceivers[] | The list of SMS receivers that are part of this action group. |
| voiceReceivers | voiceReceivers[] | The list of voice receivers that are part of this action group. |
| webhookReceivers | webhookReceivers[] | The list of webhook receivers that are part of this action group. |
emailReceivers
| Property | Value | Description |
|---|---|---|
| emailAddress (required) | string | The email address of this receiver. |
| name (required) | string | The name of the email receiver. Names must be unique across all receivers within an action group. |
| useCommonAlertSchema (required) | bool | Indicates whether to use common alert schema. |
armRoleReceivers
| Property | Value | Description |
|---|---|---|
| name (required) | string | The name of the arm role receiver. Names must be unique across all receivers within an action group. |
| roleId (required) | string | The arm role id. |
| useCommonAlertSchema | bool | Indicates whether to use common alert schema. |
automationRunbookReceivers
| Property | Value | Description |
|---|---|---|
| automationAccountId (required) | string | The Azure automation account Id which holds this runbook and authenticate to Azure resource. |
| isGlobalRunbook (required) | bool | Indicates whether this instance is global runbook. |
| name (required) | string | Indicates name of the webhook. |
| runbookName (required) | string | The name for this runbook. |
| serviceUri (required) | string | The URI where webhooks should be sent. |
| useCommonAlertSchema (required) | bool | Indicates whether to use common alert schema. |
| webhookResourceId (required) | string | The Resource ID for webhook linked to this runbook. |
azureAppPushReceivers
| Property | Value | Description |
|---|---|---|
| emailAddress (required) | string | The email address registered for the Azure mobile app. |
| name (required) | string | The name of the Azure mobile app push receiver. Names must be unique across all receivers within an action group. |
azureFunctionReceivers
| Property | Value | Description |
|---|---|---|
| functionAppResourceId (required) | string | The Azure Resource ID of the function app. |
| functionName (required) | string | The function name in the function app. |
| httpTriggerUrl (required) | string | The HTTP trigger URL where HTTP requests are sent to. |
| name (required) | string | The name of the Azure function receiver. Names must be unique across all receivers within an action group. |
| useCommonAlertSchema (required) | bool | Indicates whether to use common alert schema. |
eventHubReceivers
| Property | Value | Description |
|---|---|---|
| eventHubName (required) | string | The name of the specific Event Hub queue |
| eventHubNameSpace (required) | string | The Event Hub namespace |
| name (required) | string | The name of the Event hub receiver. Names must be unique across all receivers within an action group. |
| subscriptionId (required) | string | The Id for the subscription containing this event hub |
| tenantId (required) | string | The tenant Id for the subscription containing this event hub |
| useCommonAlertSchema (required) | bool | Indicates whether to use common alert schema. |
itsmReceivers
| Property | Value | Description |
|---|---|---|
| connectionId (required) | string | Unique identification of ITSM connection among multiple defined in above workspace. |
| name (required) | string | The name of the Itsm receiver. Names must be unique across all receivers within an action group. |
| region (required) | 'australiasoutheast' 'canadacentral' 'centralindia' 'eastus' 'japaneast' 'southeastasia' 'uksouth' 'westcentralus' 'westeurope' |
Region in which workspace resides. |
| ticketConfiguration (required) | string | JSON blob for the configurations of the ITSM action. CreateMultipleWorkItems option will be part of this blob as well. |
| workspaceId (required) | string | Log Analytics Workspace Resource ID. |
logicAppReceivers
| Property | Value | Description |
|---|---|---|
| callbackUrl (required) | string | The callback url where http request sent to. |
| name (required) | string | The name of the logic app receiver. Names must be unique across all receivers within an action group. |
| resourceId (required) | string | The Azure Resource ID of the logic app receiver. |
| useCommonAlertSchema (required) | bool | Indicates whether to use common alert schema. |
smsReceivers
| Property | Value | Description |
|---|---|---|
| countryCode (required) | string | The country code of the SMS receiver. |
| name (required) | string | The name of the SMS receiver. Names must be unique across all receivers within an action group. |
| phoneNumber (required) | string | The phone number of the SMS receiver. |
voiceReceivers
| Property | Value | Description |
|---|---|---|
| countryCode (required) | string | The country code of the voice receiver. |
| name (required) | string | The name of the voice receiver. Names must be unique across all receivers within an action group. |
| phoneNumber (required) | string | The phone number of the voice receiver. |
webhookReceivers
| Property | Value | Description |
|---|---|---|
| identifierUri (required) | string | Indicates the identifier uri for aad auth. |
| name (required) | string | The name of the webhook receiver. Names must be unique across all receivers within an action group. |
| objectId (required) | string | Indicates the webhook app object Id for aad auth. |
| serviceUri (required) | string | The URI where webhooks should be sent. |
| tenantId (required) | string | Indicates the tenant id for aad auth. |
| useAadAuth (required) | bool | Indicates whether or not use Entra ID authentication. |
| useCommonAlertSchema (required) | bool | Indicates whether to use common alert schema. |
naming
| Property | Value | Description |
|---|---|---|
| forceFunctionAsFullName | bool | Use the function value as the full name of the resource |
| abbreviation | string | Override the abbreviation of this resource with this parameter |
| environment | string | The resource environment (for example: dev, tst, acc, prd) |
| location | string | The resource location (for example: weu, we, westeurope) |
| customer | string | The name of the customer |
| delimiter | string | The delimiter between resources (default: -) |
| nameFormat | Array containing any of: 'abbreviation' 'customer' 'environment' 'function' 'location' 'param1' 'param2' 'param3' 'useCaseName' |
The order of the array defines the order of elements in the naming scheme |
| param1 | string | Extra parameter self defined |
| param2 | string | Extra parameter self defined |
| param3 | string | Extra parameter self defined |
| function (required) | string | Function of the resource [can be app, db, security,...] |
| useCaseName | string | Name of the use case [can be hub, spoke,...] |
| suffix | string | Suffix for the resource, if empty non will be appended, otherwise will be added to the end [can be index, ...] |
| forceDefaultNaming | bool | Force the CAF naming instead of default company naming |
resourceLock
| Property | Value | Description |
|---|---|---|
| name | string | Character limit: 1-90. Valid characters: Alphanumerics, periods, underscores, hyphens, and parenthesis. Can't end in period. |
| level (required) | 'CanNotDelete' 'ReadOnly' |
The level of the lock. Possible values are: CanNotDelete and ReadOnly. CanNotDelete means authorized users are able to read and modify the resources, but not delete. ReadOnly means authorized users can only read from a resource, but they can't modify or delete it. Read-Only locks must be commented to be able to deploy again |
| notes | string | Notes about the lock. Maximum of 512 characters. |
| owners | resourceLockOwner[] | The owners of the lock |
resourceLockOwner
| Property | Value | Description |
|---|---|---|
| applicationId (required) | string | The application ID of the lock owner. |
roleAssignment
| Property | Value | Description |
|---|---|---|
| principalId (required) | string | The principal ID |
| roleDefinitionId (required) | string | The role definition ID, data file can be used for this |
| condition | string | Condition on the role assignment |
| conditionVersion | string | Version of the condition. Currently the only accepted value is "2.0" |
| delegatedManagedIdentityResourceId | string | Id of the delegated managed identity resource |
| description | string | Description of role assignment |
general
| Property | Value | Description |
|---|---|---|
| tags | object | Tags of the resource [hashtable] |
| location (required) | string | Location of the resource |
| naming (required) | naming | Naming module of the resource |
| resourceGroupName (required) | string | Name of the resource group where the resource should be located |
| sharedNaming (required) | naming | Reference to the default naming |
| roleAssignments | roleAssignment[] | Role assignments on the resource |
| resourceLocks | resourceLock[] | Resource Locks on the resource |
Changelog
3.0.0 (2026-04-30)
⚠ BREAKING CHANGES
- support multiple action groups and receivers
Features
- support multiple action groups and receivers
2.0.1 (2025-09-24)
Bug Fixes
- remove deployment name + cleanup
2.0.0 (2025-09-24)
⚠ BREAKING CHANGES
- remove deprecated outputs
Bug Fixes
- remove deprecated outputs
1.1.1 (2025-02-28)
Bug Fixes
- revise descriptions
1.1.0 (2024-12-16)
Features
- hele nieuwe feature