TL;DR You can run Azure Functions with Managed Identity for assigning Azure and API permissions.
TL;DR You can set Diagnostic Settings on Azure Management Groups with API, and by extension Terraform AzApi!
TL;DR Connect Subscription Activity Log with Azure Event Hubs for sending logs to third party SIEM using Terraform.
TL;DR Both the AzureRM provider and the Remote Backend (if applicable) require authentication.
TL;DR Use the Terraform AzApi provider to deploy an Azure Firewall Policy Rule Collection Group containing an Mssql type application rule.
TL;DR You can use checkov to scan your Terraform IaC for misconfigurations, adding some level of DevSecOps.