Sacha Narinx

@kennethmac2000 I'm not sure if I understand. You obviously cannot deploy the Azure Landing Zone, without having access to subscriptions (minimum 3 - best practice). These permissions need to be...

Hi @kennethmac2000, welcome your contribution with updates to documentation to clarify the topics you've outlined.

Hi @kennethmac2000. For an Azure Landing Zone deployment, you need to provide subscriptions IDs for the functional areas of ALZ as it deploys management, identity, connectivity and optionally landing zones...

Hi @kennethmac2000. I'm a little unclear on what you are trying to achieve and the multiple tenant scenario you are describing. To clarify, as long as your account is an...

I do want to clarify that it is not recommended to grant owner permissions to guest accounts (accounts outside the tenant in question), and it is a recommended practice to...

Hi @NikolaiKleppe. Thanks for sharing your detailed feedback. Our approach has always been to maximize visibility and security for the platform, which includes ingesting all available logs. However, your point...

@NikolaiKleppe please note, we've transitioned to the new category based Diagnostic Settings policies that cover most Azure services and provide options to configure log targets. Note, by default ALZ will...

@gjongeneel I'm not sure I'm following the issue. We use policy to do peering in a trusted management group. Peering is between a hub and a spoke (not multiple spokes)...

Closing this issue as there is a known platform bug impacting this policy. For details, please follow https://github.com/Azure/Enterprise-Scale/issues/1657

Hi @adrianjagodzinski, thanks for raising this. We have several open issues around diagnostic settings and `metrics/logs`. The issue you have raised is valid, however, at the moment we are holding...