Feature Request: Azure Event Hub and Even Management

[archmangler]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Configuration and Configuration Framework to create a centralised Azure Eventhub for streaming events from infrastructure to an eventhub in the management subscription. Configuration scheme to allow event-subscriptions to be created as well as filtering of events into/from the eventhub.

Is your feature request related to a problem?

Need for a centralised event hub in Azure which can be used to integrate with external SIEM.

Describe the solution you'd like

• A default central event hub created in the management subscription.
• By default set to collect some basic Azure infrastructure events from landing zone subscriptions.
• Either set to configure events and collect all events from the Landing Zones deployed using the module - or -
• providing the configuration method to configure events to be sent to the event hub from new landing zones

Alternative currently available:

Manual creation of eventhub using an external terraform module.

Additional context

It seems reasonable that centralised event hub should be part of the landing zone definition for Azure CAF.