Skip to content

[AVM Module Issue]: operations-management /solution #6499

New issue
New issue
Open
Open
[AVM Module Issue]: operations-management /solution#6499
Assignees
krbar
Labels
Class: Resource Module 📦This is a resource moduleType: AVM 🅰️ ✌️ Ⓜ️This is an AVM related issueType: Feature Request ➕New feature or request
@janinternet

Description

@janinternet
janinternet
opened on Jan 13, 2026

Check for previous/existing GitHub issues

  • I have checked for previous/existing GitHub issues

Issue Type?

Feature Request

Module Name

avm/res/operations-management/solution

(Optional) Module Version

No response

Description

We need to have the option to unable UEBA for Sentinel. Like this:

resource enable_euba 'Microsoft.SecurityInsights/settings@2024-01-01-preview' = {
name: 'EntityAnalytics'
scope: sentinel_workspace
kind: 'EntityAnalytics'
properties: {
entityProviders: ['ActiveDirectory','AzureActiveDirectory']
}

}

resource euba_setting 'Microsoft.SecurityInsights/settings@2024-01-01-preview' = {
name: 'Ueba'
scope: sentinel_workspace
kind: 'Ueba'
properties: {
dataSources: [
'AuditLogs'
'AzureActivity'
'SecurityEvent'
'SigninLogs']
}
dependsOn: [enable_euba]
}

https://learn.microsoft.com/en-us/answers/questions/1833689/how-to-enable-euba-via-bicep-arm-template

(Optional) Correlation Id

No response

Metadata

Metadata

Assignees

Labels

Class: Resource Module 📦This is a resource moduleType: AVM 🅰️ ✌️ Ⓜ️This is an AVM related issueType: Feature Request ➕New feature or request

Type

No type

Projects

AVM - Module Issues

Status

Needs: Triage

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions