Sentinel bicep deployment : InvalidParameter - Solution product cannot start with 'OMSGallery/' as it is reserved for Microsoft first party solutions.

Dunvael LE ROUX 40 Reputation points
2023-01-17T16:00:00.0266667+00:00

Hello, i am learning how to script and i wish to deploy Sentinel with bicep. I have created a script from Microsoft templates and have added variables as well as a jsonc parameters file.

I use VSC with the bicep extension in order to "easily" correct errors. I am also using a test tenant (with a subscription i created with all the needed roles, rights and providers) in order to do all tests i need without impacting anyone's work.

When i try to deploy my file sentinel.bicep, i have the following error message :

InvalidParameter - Solution product cannot start with 'OMSGallery/' as it is reserved for Microsoft first party solutions.

Full error message :

sentinel_omsgalleryError

I have searched on Microsoft docs and it says that i should put 'OMSGallery/' and the solution type. On many videos, i saw that people were also putting it.

Microsoft_doc

Maybe i missed something but i can't find the solution to this problem. Does someone encounter it as well ?

Here is my script : The workspace is properly created and displays in my resource group (RG-Client-Sentinel) 

// ========== sentinel.bicep ==========

targetScope = 'resourceGroup'

// Parameters to modify according to needs
param location string

@description('Specifies the name of the client who needs Sentinel.')
param nameClient string

@description('Specifies the prefix for the data connectors.')
param connectorsPref string

// Variables
var sentinelName = 'Sentinel-xxxxx' // Sentinel-myCompanyName
var workspaceName = 'Workspace${nameClient}Sentinel'
var tag9 = 'Workspace pour les logs Sentinel' // sorry the description is in french
var configSentinel = loadJsonContent('../Configs/sentinel_config.json') 

// Sentinel creation
resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = {
  name: workspaceName
  location: location
  properties: {
    sku: {
      name: configSentinel.skuName
    }
    retentionInDays: configSentinel.retentionInDays
  }
}

// Sentinel solution creation
resource sentinel 'Microsoft.OperationsManagement/solutions@2015-11-01-preview' = {
  name: sentinelName
  location: location
  tags: {
    WorkshopSentinel: tag9
  }
  properties: {
    workspaceResourceId: workspace.id
  }
  plan:{
    name: '${sentinelName}-${workspaceName}'
    product: 'OMSGallery/SecurityInsights'
    promotionCode: ''
    publisher: 'Microsoft'
  }
}

My parameter file is the following :

// ========== sentinel.parameters.jsonc ==========

{
    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
      "location": {
        "value": "francecentral"
      },
      "nameClient": {
        "value": "Client"
      },
      "connectorsPref": {
        "value": "connector"
      }
    }
  }

Could you please help me ? I apologize if this issue is due to my lack of knowledge or understanding. Thank you in advance for your help.

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
2,802 questions
Microsoft Sentinel
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
976 questions
0 comments
Accepted answer
  1. Stanislav Zhelyazkov 21,181 Reputation points MVP
    2023-01-18T07:31:30+00:00

    Hi,

    Sentinel is not just SecurityInsights solution resource. Resources of type Microsoft.OperationsManagement/solutions are predefined so certain properties needs to be specified in specific pattern. Below I did edit on the code around that resource type, and it should deploy.

    // ========== sentinel.bicep ==========

targetScope = 'resourceGroup'

// Parameters to modify according to needs
param location string

@description('Specifies the name of the client who needs Sentinel.')
param nameClient string

@description('Specifies the prefix for the data connectors.')
param connectorsPref string

// Variables
var sentinelName = 'Sentinel-xxxxx' // Sentinel-myCompanyName
var workspaceName = 'Workspace${nameClient}Sentinel'
var tag9 = 'Workspace pour les logs Sentinel' // sorry the description is in french
var configSentinel = loadJsonContent('../Configs/sentinel_config.json') 

// Sentinel creation
resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = {
  name: workspaceName
  location: location
  properties: {
    sku: {
      name: configSentinel.skuName
    }
    retentionInDays: configSentinel.retentionInDays
  }
}

// Sentinel solution creation
resource sentinel 'Microsoft.OperationsManagement/solutions@2015-11-01-preview' = {
  name: 'SecurityInsights(${workspaceName})'
  location: location
  tags: {
    WorkshopSentinel: tag9
  }
  properties: {
    workspaceResourceId: workspace.id
  }
  plan:{
    name: 'SecurityInsights(${workspaceName})'
    product: 'OMSGallery/SecurityInsights'
    promotionCode: ''
    publisher: 'Microsoft'
  }
}

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    2 people found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest