Microsoft.OperationalInsights workspaces
Bicep resource definition
The workspaces resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Remarks
For guidance on deploying monitoring solutions, see Create monitoring resources by using Bicep.
Resource format
To create a Microsoft.OperationalInsights/workspaces resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.OperationalInsights/workspaces@2023-09-01' = {
name: 'string'
location: 'string'
tags: {
tagName1: 'tagValue1'
tagName2: 'tagValue2'
}
etag: 'string'
identity: {
type: 'string'
userAssignedIdentities: {
{customized property}: {}
}
}
properties: {
defaultDataCollectionRuleResourceId: 'string'
features: {
clusterResourceId: 'string'
disableLocalAuth: bool
enableDataExport: bool
enableLogAccessUsingOnlyResourcePermissions: bool
immediatePurgeDataOn30Days: bool
{customized property}: any()
}
forceCmkForQuery: bool
publicNetworkAccessForIngestion: 'string'
publicNetworkAccessForQuery: 'string'
retentionInDays: int
sku: {
capacityReservationLevel: int
name: 'string'
}
workspaceCapping: {
dailyQuotaGb: int
}
}
}
Property values
workspaces
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) Character limit: 4-63 Valid characters: Alphanumerics and hyphens. Start and end with alphanumeric. |
| location | The geo-location where the resource lives | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
| etag | The etag of the workspace. | string |
| identity | The identity of the resource. | Identity |
| properties | Workspace properties. | WorkspaceProperties |
Identity
| Name | Description | Value |
|---|---|---|
| type | Type of managed service identity. | 'None' 'SystemAssigned' 'UserAssigned' (required) |
| userAssignedIdentities | The list of user identities associated with the resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. | IdentityUserAssignedIdentities |
IdentityUserAssignedIdentities
| Name | Description | Value |
|---|---|---|
| {customized property} | UserIdentityProperties |
UserIdentityProperties
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
WorkspaceProperties
| Name | Description | Value |
|---|---|---|
| defaultDataCollectionRuleResourceId | The resource ID of the default Data Collection Rule to use for this workspace. Expected format is - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Insights/dataCollectionRules/{dcrName}. | string |
| features | Workspace features. | WorkspaceFeatures |
| forceCmkForQuery | Indicates whether customer managed storage is mandatory for query management. | bool |
| publicNetworkAccessForIngestion | The network access type for accessing Log Analytics ingestion. | 'Disabled' 'Enabled' |
| publicNetworkAccessForQuery | The network access type for accessing Log Analytics query. | 'Disabled' 'Enabled' |
| retentionInDays | The workspace data retention in days. Allowed values are per pricing plan. See pricing tiers documentation for details. | int |
| sku | The SKU of the workspace. | WorkspaceSku |
| workspaceCapping | The daily volume cap for ingestion. | WorkspaceCapping |
WorkspaceFeatures
| Name | Description | Value |
|---|---|---|
| clusterResourceId | Dedicated LA cluster resourceId that is linked to the workspaces. | string |
| disableLocalAuth | Disable Non-AAD based Auth. | bool |
| enableDataExport | Flag that indicate if data should be exported. | bool |
| enableLogAccessUsingOnlyResourcePermissions | Flag that indicate which permission to use - resource or workspace or both. | bool |
| immediatePurgeDataOn30Days | Flag that describes if we want to remove the data after 30 days. | bool |
| {customized property} | For Bicep, you can use the any() function. |
WorkspaceSku
| Name | Description | Value |
|---|---|---|
| capacityReservationLevel | The capacity reservation level in GB for this workspace, when CapacityReservation sku is selected. | int |
| name | The name of the SKU. | 'CapacityReservation' 'Free' 'LACluster' 'PerGB2018' 'PerNode' 'Premium' 'Standalone' 'Standard' (required) |
WorkspaceCapping
| Name | Description | Value |
|---|---|---|
| dailyQuotaGb | The workspace daily quota for ingestion. | int |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
Deploy Darktrace Autoscaling vSensors |
This template allows you to deploy an automatically autoscaling deployment of Darktrace vSensors |
| BrowserBox Azure Edition |
This template deploys BrowserBox on an Azure Ubuntu Server 22.04 LTS, Debian 11, or RHEL 8.7 LVM VM. |
| CI/CD using Jenkins on Azure Virtual Machine Scale Sets |
This is a CI/CD sample using Jenkins and Terraform on Azure Virtual Machine Scale Sets |
| Deploy Solace PubSub+ message broker onto Azure Linux VM(s) |
This template allows you to deploy either a standalone Solace PubSub+ message broker or a three node High Availability cluster of Solace PubSub+ message brokers onto Azure Linux VM(s). |
| AKS Cluster with a NAT Gateway and an Application Gateway |
This sample shows how to a deploy an AKS cluster with NAT Gateway for outbound connections and an Application Gateway for inbound connections. |
| OMS ASR Solution |
Enables the ASR (v2) Solution in OMS |
| Log Analytics based Monitoring solution for Azure Backup |
Azure backup solution using Log Analytics |
| OMS Active Directory Security Audit Solution |
Active Directory Security Audit Solution |
| OMS Automation solution |
Azure Automation solution for OMS |
| OMS - Azure Resource Usage Solution |
Solution brings billing infortmation about Azure Resources into OMS. Cost of resources can be displayed in different currency and locale. |
| OMS - Azure VM Inventory Solution |
Enables Azure VM Inventory Solution in OMS. Solution collects Azure VM inventory along with disks, networking components, NSG rules and extensions into OMS workspace. |
| Azure Network Security Group Analytics |
Azure Network Security Group Analytics with Azure Log Analytics (OMS) |
| Add an existing storage account to OMS |
This template adds a storage account into OMS Log Analytics and select multiple tables for ingestion. |
| OMS Solution - Hyper-V Replica |
A template for creating an OMS solution to monitor Hyper-V replica. |
| OMS Kemp Application Delivery |
Kemp Application Delivery solution for OMS |
| OMS SCOM ACS Solution |
Adds the SCOM ACS custom Solution into an OMS Workspace |
| OMS Service Bus Solution |
Monitors Azure Service Bus instances |
| OMS VMM Analytics |
Provides a single view of the jobs' status across multiple VMM instances that helps you gain insight about the health & performance of these jobs. |
| Create a Private AKS Cluster |
This sample shows how to create a private AKS cluster in a virtual network along with a jumpbox virtual machine. |
| Create a Private AKS Cluster with a Public DNS Zone |
This sample shows how to a deploy a private AKS cluster with a Public DNS Zone. |
| S2D Management Solution |
Enables monitoring of S2D clusters with OMS. |
| Create and monitor API Management instance |
This template creates an instance of Azure API Management service and Log Analytics workspace and sets up monitoring for your API Management service with Log Analytics |
| Creates a Container App and Environment with Registry |
Create a Container App Environment with a basic Container App from an Azure Container Registry. It also deploys a Log Analytics Workspace to store logs. |
| Creates a two Container App with a Container App Environment |
Create a two Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs. |
| Creates a Container App within a Container App Environment |
Create a Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs. |
| Creates a Container App with a defined HTTP scaling rule |
Create a Container App Environment with a basic Container App that scales based on HTTP traffic. |
| Creates an external Container App environment with a VNET |
Creates an external Container App environment with a VNET. |
| Creates an internal Container App environment with a VNET |
Creates an internal Container App environment with a VNET. |
| Deploy a simple Azure Spring Apps microservice application |
This template deploys a simple Azure Spring Apps microservice application to run on Azure. |
| Create Azure Automation account |
This template provides an example of how create an Azure Automation account and links it to a new or existing Azure Monitor Log Analytics workspace. |
| Front Door Premium with WAF and Microsoft-managed rule sets |
This template creates a Front Door Premium including a web application firewall with the Microsoft-managed default and bot protection rule sets. |
| Front Door Standard/Premium with WAF and custom rule |
This template creates a Front Door Standard/Premium including a web application firewall with a custom rule. |
| Connect to a Event Hubs namespace via private endpoint |
This sample shows how to use configure a virtual network and private DNS zone to access a Event Hubs namespace via a private endpoint. |
| Deploy Application Insight and create alert in it |
This template allows you to deploy Application Insight and create alert in it |
| Log Analytics workspace with solutions and data sources |
Deploys a Log Analytics workspace with specified solutions and data sources |
| Log Analytics workspace with VM Insights, Container Insights |
Deploys a Log Analytics workspace with VM Insights, Container Insights solutions and diagnostics. |
| Connect to a Key Vault via private endpoint |
This sample shows how to use configure a virtual network and private DNS zone to access Key Vault via private endpoint. |
| Azure Machine Learning end-to-end secure setup |
This set of Bicep templates demonstrates how to set up Azure Machine Learning end-to-end in a secure set up. This reference implementation includes the Workspace, a compute cluster, compute instance and attached private AKS cluster. |
| AKS cluster with the Application Gateway Ingress Controller |
This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault |
| Use Azure Firewall as a DNS Proxy in a Hub & Spoke topology |
This sample show how to deploy a hub-spoke topology in Azure using the Azure Firewall. The hub virtual network acts as a central point of connectivity to many spoke virtual networks that are connected to hub virtual network via virtual network peering. |
| Create Azure Front Door in front of Azure API Management |
This sample demonstrates how to use Azure Front Door as a global load balancer in front of Azure API Management. |
| Enable Microsoft Sentinel |
Enable Microsoft Sentinel, a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. |
| Create Recovery Services Vault and Enable Diagnostics |
This template creates a Recovery Services Vault and enables diagnostics for Azure Backup. This also deploys storage account and oms workspace. |
| Connect to a Service Bus namespace via private endpoint |
This sample shows how to use configure a virtual network and private DNS zone to access a Service Bus namespace via private endpoint. |
| Azure SQL Server with Auditing written to Log Analytics |
This template allows you to deploy an Azure SQL server with Auditing enabled to write audit logs to Log Analytics (OMS workspace) |
| Create SQL MI with configured sending of logs and metrics |
This template allows you to deploy SQL MI and additional resources used for storing logs and metrics (diagnostic workspace, storage account, event hub). |
| Connect to a storage account from a VM via private endpoint |
This sample shows how to use connect a virtual network to access a blob storage account via private endpoint. |
| Connect to an Azure File Share via a Private Endpoint |
This sample shows how to use configure a virtual network and private DNS zone to access an Azure File Share via a private endpoint. |
| Azure Function App with Event Hub and Managed Identity |
his template provisions an Azure Function app on a Linux Consumption plan, along with an Event Hub, Azure Storage, and Application Insights. The function app is able to use managed identity to connect to the Event Hub and Storage account |
| Azure Function app and an HTTP-triggered function |
This example deploys an Azure Function app and an HTTP-triggered function inline in the template. It also deploys a Key Vault and populates a secret with the function app's host key. |
| Deploy an AZ enabled Azure Function Premium plan |
This template allows you to deploy an Azure Function Premium plan with availability zones support, including an availability zones enabled storage account. |
| Deploy an Azure Function Premium plan with vnet integration |
This template allows you to deploy an Azure Function Premium plan with regional virtual network integration enabled to a newly created virtual network. |
| Application Gateway with internal API Management and Web App |
Application Gateway routing Internet traffic to a virtual network (internal mode) API Management instance which services a web API hosted in an Azure Web App. |
| Web App w/ Application Insights sending to Log Analytics |
This template will is to help support the new API versions of microsoft.insights/components. Starting with 2020-02-02-preview WorkspaceID will be required when creating Application Inisghts.This template will deploy the App Service Plan, App Service, Application Insights, Log Analytics Workspace and hook it all together. |
| Azure Web App Monitoring |
Azure Web Apps Monitoring with Azure Log Analytics (OMS) |
ARM template resource definition
The workspaces resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Remarks
For guidance on deploying monitoring solutions, see Create monitoring resources by using Bicep.
Resource format
To create a Microsoft.OperationalInsights/workspaces resource, add the following JSON to your template.
{
"type": "Microsoft.OperationalInsights/workspaces",
"apiVersion": "2023-09-01",
"name": "string",
"location": "string",
"tags": {
"tagName1": "tagValue1",
"tagName2": "tagValue2"
},
"etag": "string",
"identity": {
"type": "string",
"userAssignedIdentities": {
"{customized property}": {}
}
},
"properties": {
"defaultDataCollectionRuleResourceId": "string",
"features": {
"clusterResourceId": "string",
"disableLocalAuth": "bool",
"enableDataExport": "bool",
"enableLogAccessUsingOnlyResourcePermissions": "bool",
"immediatePurgeDataOn30Days": "bool",
"{customized property}": {}
},
"forceCmkForQuery": "bool",
"publicNetworkAccessForIngestion": "string",
"publicNetworkAccessForQuery": "string",
"retentionInDays": "int",
"sku": {
"capacityReservationLevel": "int",
"name": "string"
},
"workspaceCapping": {
"dailyQuotaGb": "int"
}
}
}
Property values
workspaces
| Name | Description | Value |
|---|---|---|
| type | The resource type | 'Microsoft.OperationalInsights/workspaces' |
| apiVersion | The resource api version | '2023-09-01' |
| name | The resource name | string (required) Character limit: 4-63 Valid characters: Alphanumerics and hyphens. Start and end with alphanumeric. |
| location | The geo-location where the resource lives | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
| etag | The etag of the workspace. | string |
| identity | The identity of the resource. | Identity |
| properties | Workspace properties. | WorkspaceProperties |
Identity
| Name | Description | Value |
|---|---|---|
| type | Type of managed service identity. | 'None' 'SystemAssigned' 'UserAssigned' (required) |
| userAssignedIdentities | The list of user identities associated with the resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. | IdentityUserAssignedIdentities |
IdentityUserAssignedIdentities
| Name | Description | Value |
|---|---|---|
| {customized property} | UserIdentityProperties |
UserIdentityProperties
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
WorkspaceProperties
| Name | Description | Value |
|---|---|---|
| defaultDataCollectionRuleResourceId | The resource ID of the default Data Collection Rule to use for this workspace. Expected format is - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Insights/dataCollectionRules/{dcrName}. | string |
| features | Workspace features. | WorkspaceFeatures |
| forceCmkForQuery | Indicates whether customer managed storage is mandatory for query management. | bool |
| publicNetworkAccessForIngestion | The network access type for accessing Log Analytics ingestion. | 'Disabled' 'Enabled' |
| publicNetworkAccessForQuery | The network access type for accessing Log Analytics query. | 'Disabled' 'Enabled' |
| retentionInDays | The workspace data retention in days. Allowed values are per pricing plan. See pricing tiers documentation for details. | int |
| sku | The SKU of the workspace. | WorkspaceSku |
| workspaceCapping | The daily volume cap for ingestion. | WorkspaceCapping |
WorkspaceFeatures
| Name | Description | Value |
|---|---|---|
| clusterResourceId | Dedicated LA cluster resourceId that is linked to the workspaces. | string |
| disableLocalAuth | Disable Non-AAD based Auth. | bool |
| enableDataExport | Flag that indicate if data should be exported. | bool |
| enableLogAccessUsingOnlyResourcePermissions | Flag that indicate which permission to use - resource or workspace or both. | bool |
| immediatePurgeDataOn30Days | Flag that describes if we want to remove the data after 30 days. | bool |
| {customized property} |
WorkspaceSku
| Name | Description | Value |
|---|---|---|
| capacityReservationLevel | The capacity reservation level in GB for this workspace, when CapacityReservation sku is selected. | int |
| name | The name of the SKU. | 'CapacityReservation' 'Free' 'LACluster' 'PerGB2018' 'PerNode' 'Premium' 'Standalone' 'Standard' (required) |
WorkspaceCapping
| Name | Description | Value |
|---|---|---|
| dailyQuotaGb | The workspace daily quota for ingestion. | int |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
| Deploy Darktrace Autoscaling vSensors |
This template allows you to deploy an automatically autoscaling deployment of Darktrace vSensors |
| BrowserBox Azure Edition |
This template deploys BrowserBox on an Azure Ubuntu Server 22.04 LTS, Debian 11, or RHEL 8.7 LVM VM. |
| CI/CD using Jenkins on Azure Virtual Machine Scale Sets |
This is a CI/CD sample using Jenkins and Terraform on Azure Virtual Machine Scale Sets |
| Deploy Solace PubSub+ message broker onto Azure Linux VM(s) |
This template allows you to deploy either a standalone Solace PubSub+ message broker or a three node High Availability cluster of Solace PubSub+ message brokers onto Azure Linux VM(s). |
| AKS Cluster with a NAT Gateway and an Application Gateway |
This sample shows how to a deploy an AKS cluster with NAT Gateway for outbound connections and an Application Gateway for inbound connections. |
| OMS ASR Solution |
Enables the ASR (v2) Solution in OMS |
| Log Analytics based Monitoring solution for Azure Backup |
Azure backup solution using Log Analytics |
| OMS Active Directory Security Audit Solution |
Active Directory Security Audit Solution |
| OMS Automation solution |
Azure Automation solution for OMS |
| OMS - Azure Resource Usage Solution |
Solution brings billing infortmation about Azure Resources into OMS. Cost of resources can be displayed in different currency and locale. |
| OMS - Azure VM Inventory Solution |
Enables Azure VM Inventory Solution in OMS. Solution collects Azure VM inventory along with disks, networking components, NSG rules and extensions into OMS workspace. |
| Azure Network Security Group Analytics |
Azure Network Security Group Analytics with Azure Log Analytics (OMS) |
| Add an existing storage account to OMS |
This template adds a storage account into OMS Log Analytics and select multiple tables for ingestion. |
| OMS Solution - Hyper-V Replica |
A template for creating an OMS solution to monitor Hyper-V replica. |
| OMS Kemp Application Delivery |
Kemp Application Delivery solution for OMS |
| OMS SCOM ACS Solution |
Adds the SCOM ACS custom Solution into an OMS Workspace |
| OMS Service Bus Solution |
Monitors Azure Service Bus instances |
| OMS VMM Analytics |
Provides a single view of the jobs' status across multiple VMM instances that helps you gain insight about the health & performance of these jobs. |
| Create a Private AKS Cluster |
This sample shows how to create a private AKS cluster in a virtual network along with a jumpbox virtual machine. |
| Create a Private AKS Cluster with a Public DNS Zone |
This sample shows how to a deploy a private AKS cluster with a Public DNS Zone. |
| S2D Management Solution |
Enables monitoring of S2D clusters with OMS. |
| Create and monitor API Management instance |
This template creates an instance of Azure API Management service and Log Analytics workspace and sets up monitoring for your API Management service with Log Analytics |
| Creates a Container App and Environment with Registry |
Create a Container App Environment with a basic Container App from an Azure Container Registry. It also deploys a Log Analytics Workspace to store logs. |
| Creates a two Container App with a Container App Environment |
Create a two Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs. |
| Creates a Container App within a Container App Environment |
Create a Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs. |
| Creates a Container App with a defined HTTP scaling rule |
Create a Container App Environment with a basic Container App that scales based on HTTP traffic. |
| Creates an external Container App environment with a VNET |
Creates an external Container App environment with a VNET. |
| Creates an internal Container App environment with a VNET |
Creates an internal Container App environment with a VNET. |
| Deploy a simple Azure Spring Apps microservice application |
This template deploys a simple Azure Spring Apps microservice application to run on Azure. |
| Create Azure Automation account |
This template provides an example of how create an Azure Automation account and links it to a new or existing Azure Monitor Log Analytics workspace. |
| Front Door Premium with WAF and Microsoft-managed rule sets |
This template creates a Front Door Premium including a web application firewall with the Microsoft-managed default and bot protection rule sets. |
| Front Door Standard/Premium with WAF and custom rule |
This template creates a Front Door Standard/Premium including a web application firewall with a custom rule. |
| Connect to a Event Hubs namespace via private endpoint |
This sample shows how to use configure a virtual network and private DNS zone to access a Event Hubs namespace via a private endpoint. |
| Deploy Application Insight and create alert in it |
This template allows you to deploy Application Insight and create alert in it |
| Log Analytics workspace with solutions and data sources |
Deploys a Log Analytics workspace with specified solutions and data sources |
| Log Analytics workspace with VM Insights, Container Insights |
Deploys a Log Analytics workspace with VM Insights, Container Insights solutions and diagnostics. |
| Connect to a Key Vault via private endpoint |
This sample shows how to use configure a virtual network and private DNS zone to access Key Vault via private endpoint. |
| Azure Machine Learning end-to-end secure setup |
This set of Bicep templates demonstrates how to set up Azure Machine Learning end-to-end in a secure set up. This reference implementation includes the Workspace, a compute cluster, compute instance and attached private AKS cluster. |
| AKS cluster with the Application Gateway Ingress Controller |
This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault |
| Use Azure Firewall as a DNS Proxy in a Hub & Spoke topology |
This sample show how to deploy a hub-spoke topology in Azure using the Azure Firewall. The hub virtual network acts as a central point of connectivity to many spoke virtual networks that are connected to hub virtual network via virtual network peering. |
| Create Azure Front Door in front of Azure API Management |
This sample demonstrates how to use Azure Front Door as a global load balancer in front of Azure API Management. |
| Enable Microsoft Sentinel |
Enable Microsoft Sentinel, a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. |
| Create Recovery Services Vault and Enable Diagnostics |
This template creates a Recovery Services Vault and enables diagnostics for Azure Backup. This also deploys storage account and oms workspace. |
| Connect to a Service Bus namespace via private endpoint |
This sample shows how to use configure a virtual network and private DNS zone to access a Service Bus namespace via private endpoint. |
| Azure SQL Server with Auditing written to Log Analytics |
This template allows you to deploy an Azure SQL server with Auditing enabled to write audit logs to Log Analytics (OMS workspace) |
| Create SQL MI with configured sending of logs and metrics |
This template allows you to deploy SQL MI and additional resources used for storing logs and metrics (diagnostic workspace, storage account, event hub). |
| Connect to a storage account from a VM via private endpoint |
This sample shows how to use connect a virtual network to access a blob storage account via private endpoint. |
| Connect to an Azure File Share via a Private Endpoint |
This sample shows how to use configure a virtual network and private DNS zone to access an Azure File Share via a private endpoint. |
| Azure Function App with Event Hub and Managed Identity |
his template provisions an Azure Function app on a Linux Consumption plan, along with an Event Hub, Azure Storage, and Application Insights. The function app is able to use managed identity to connect to the Event Hub and Storage account |
| Azure Function app and an HTTP-triggered function |
This example deploys an Azure Function app and an HTTP-triggered function inline in the template. It also deploys a Key Vault and populates a secret with the function app's host key. |
| Deploy an AZ enabled Azure Function Premium plan |
This template allows you to deploy an Azure Function Premium plan with availability zones support, including an availability zones enabled storage account. |
| Deploy an Azure Function Premium plan with vnet integration |
This template allows you to deploy an Azure Function Premium plan with regional virtual network integration enabled to a newly created virtual network. |
| Application Gateway with internal API Management and Web App |
Application Gateway routing Internet traffic to a virtual network (internal mode) API Management instance which services a web API hosted in an Azure Web App. |
| Web App w/ Application Insights sending to Log Analytics |
This template will is to help support the new API versions of microsoft.insights/components. Starting with 2020-02-02-preview WorkspaceID will be required when creating Application Inisghts.This template will deploy the App Service Plan, App Service, Application Insights, Log Analytics Workspace and hook it all together. |
| Azure Web App Monitoring |
Azure Web Apps Monitoring with Azure Log Analytics (OMS) |
Terraform (AzAPI provider) resource definition
The workspaces resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.OperationalInsights/workspaces resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.OperationalInsights/workspaces@2023-09-01"
name = "string"
location = "string"
parent_id = "string"
tags = {
tagName1 = "tagValue1"
tagName2 = "tagValue2"
}
identity {
type = "string"
identity_ids = []
}
body = jsonencode({
properties = {
defaultDataCollectionRuleResourceId = "string"
features = {
clusterResourceId = "string"
disableLocalAuth = bool
enableDataExport = bool
enableLogAccessUsingOnlyResourcePermissions = bool
immediatePurgeDataOn30Days = bool
}
forceCmkForQuery = bool
publicNetworkAccessForIngestion = "string"
publicNetworkAccessForQuery = "string"
retentionInDays = int
sku = {
capacityReservationLevel = int
name = "string"
}
workspaceCapping = {
dailyQuotaGb = int
}
}
etag = "string"
})
}
Property values
workspaces
| Name | Description | Value |
|---|---|---|
| type | The resource type | "Microsoft.OperationalInsights/workspaces@2023-09-01" |
| name | The resource name | string (required) Character limit: 4-63 Valid characters: Alphanumerics and hyphens. Start and end with alphanumeric. |
| location | The geo-location where the resource lives | string (required) |
| parent_id | To deploy to a resource group, use the ID of that resource group. | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. |
| etag | The etag of the workspace. | string |
| identity | The identity of the resource. | Identity |
| properties | Workspace properties. | WorkspaceProperties |
Identity
| Name | Description | Value |
|---|---|---|
| type | Type of managed service identity. | "SystemAssigned" "UserAssigned" (required) |
| identity_ids | The list of user identities associated with the resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. | Array of user identity IDs. |
IdentityUserAssignedIdentities
| Name | Description | Value |
|---|---|---|
| {customized property} | UserIdentityProperties |
UserIdentityProperties
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
WorkspaceProperties
| Name | Description | Value |
|---|---|---|
| defaultDataCollectionRuleResourceId | The resource ID of the default Data Collection Rule to use for this workspace. Expected format is - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Insights/dataCollectionRules/{dcrName}. | string |
| features | Workspace features. | WorkspaceFeatures |
| forceCmkForQuery | Indicates whether customer managed storage is mandatory for query management. | bool |
| publicNetworkAccessForIngestion | The network access type for accessing Log Analytics ingestion. | "Disabled" "Enabled" |
| publicNetworkAccessForQuery | The network access type for accessing Log Analytics query. | "Disabled" "Enabled" |
| retentionInDays | The workspace data retention in days. Allowed values are per pricing plan. See pricing tiers documentation for details. | int |
| sku | The SKU of the workspace. | WorkspaceSku |
| workspaceCapping | The daily volume cap for ingestion. | WorkspaceCapping |
WorkspaceFeatures
| Name | Description | Value |
|---|---|---|
| clusterResourceId | Dedicated LA cluster resourceId that is linked to the workspaces. | string |
| disableLocalAuth | Disable Non-AAD based Auth. | bool |
| enableDataExport | Flag that indicate if data should be exported. | bool |
| enableLogAccessUsingOnlyResourcePermissions | Flag that indicate which permission to use - resource or workspace or both. | bool |
| immediatePurgeDataOn30Days | Flag that describes if we want to remove the data after 30 days. | bool |
| {customized property} |
WorkspaceSku
| Name | Description | Value |
|---|---|---|
| capacityReservationLevel | The capacity reservation level in GB for this workspace, when CapacityReservation sku is selected. | int |
| name | The name of the SKU. | "CapacityReservation" "Free" "LACluster" "PerGB2018" "PerNode" "Premium" "Standalone" "Standard" (required) |
WorkspaceCapping
| Name | Description | Value |
|---|---|---|
| dailyQuotaGb | The workspace daily quota for ingestion. | int |