@Sven Saatkamp Apologies, it looks like I misunderstood your requirement earlier, limited to automating the creation of Application insights resource alone.
I now understand that you're looking for a way to automate the integration of Application Insights with App Service Diagnostics.
As mentioned in the referenced blog post, this is how the integration works under the hood:
When you click Connect, an API key for your Application Insights is generated with read-only access to the telemetry and this API key along with the AppId for the Application Insights resource are stored as a hidden tag in ARM at the Azure App Service app level.
On the App Services side, you should see a new tag created at the app level with the name hidden-related:diagnostics/applicationInsightsSettings. The AppId is stored as is, but the API Key is encrypted using an internal key, so it is kept protected and not left as clear text. Using this information, App Services Diagnostics can query the Application Insights resource and is able to merge both the experiences together.
Here is how you can simulate the integration programmatically with a PowerShell script as done from the Azure Portal:
# Before running this script, run the following commands from an elevated Powershell console
# ---------------------------------------------------------------------------------------------
# Install-Module -Name PowershellGet -Repository PSGallery -Force -AllowClobber
# Install-Module -Name Az.ApplicationInsights -RequiredVersion 1.0.3
# Install-Module -Name Az.Resources
# IMPORTANT
# ==========
# Make sure the machine does not have any AzureRM version of commands installed. If it has run the following
# Uninstall-Module -Name AzureRm -AllVersions -Force
# Both Application Insights and Azure Web App should be in same subscription
$subscriptionId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
# Website on which AppInsights integration should be enabled
$siteName = "AppServiceDiagnosticsApp"
$siteResourceGroup = "AppServiceDiagnostics-RG"
# AppInsights resource which should be integrated with
$appinsightsName = "AppServiceDiagnosticsAppAI"
$appinsightsResourceGroup = "AppServiceDiagnostics-RG"
Connect-AzAccount | Out-Null
Set-AzContext -Subscription $subscriptionId | Out-Null
$appInsightsKeyName = "APPSERVICEDIAGNOSTICS_READONLYKEY_$siteName_" + (get-date).ticks
$permissions = @("ReadTelemetry")
$token = Get-AzAccessToken
"Got Access Token"
try
{
$newApiKey = New-AzApplicationInsightsApiKey -ResourceGroupName $appinsightsResourceGroup -Name $appinsightsName -Permissions $permissions -Description $appInsightsKeyName -ErrorAction Stop
$appInsights = Get-AzApplicationInsights -ResourceGroupName $appinsightsResourceGroup -Name $appinsightsName
"Got App Insights Resource"
$headers = @{
"Authorization"="Bearer $token";
"Accept"="application/json";
"appinsights-key"=$newApiKey.ApiKey
}
$keyAfterEncryption = Invoke-RestMethod -Uri https://appservice-diagnostics.azurefd.net/api/appinsights/encryptkey -Headers $headers -ContentType 'application/json' -ErrorAction Stop
"Generated Encryption Key"
$webSiteResource = Get-AzResource -Name $siteName -ResourceGroup $siteResourceGroup -ResourceType "Microsoft.Web/sites" -ErrorAction Stop
"Got Website resource"
$applicationInsightsSettingsTag = @{"ApiKey"=$keyAfterEncryption;"AppId"= $appInsights.AppId}
$tagValue = $applicationInsightsSettingsTag | ConvertTo-Json -Compress
$tags = @{"hidden-related:diagnostics/applicationInsightsSettings"= $tagValue}
"Updating Website resource tag..."
Update-AzTag -ResourceId $webSiteResource.id -Tag $tags -Operation Merge -ErrorAction Stop | Out-Null
"AppInsights Integration configured successfully!"
}
catch
{
Write-Host "An error occurred:"
Write-Host $_
}
Hope this helps. Do let us know if you have further questions.
----------
If an answer is helpful, please "Accept answer" and/or "Up-Vote" which might help other community members reading this thread.