diff --git a/constructs/Microsoft.Compute/virtualMachinesMultiple/deploy.bicep b/constructs/Microsoft.Compute/virtualMachinesMultiple/deploy.bicep index 52bcc16478..773b666883 100644 --- a/constructs/Microsoft.Compute/virtualMachinesMultiple/deploy.bicep +++ b/constructs/Microsoft.Compute/virtualMachinesMultiple/deploy.bicep @@ -126,16 +126,15 @@ param nicConfigurations array @description('Optional. The name of the PIP diagnostic setting, if deployed.') param pipDiagnosticSettingsName string = '' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'DDoSProtectionNotifications' 'DDoSMitigationFlowLogs' 'DDoSMitigationReports' ]) param pipdiagnosticLogCategoriesToEnable array = [ - 'DDoSProtectionNotifications' - 'DDoSMitigationFlowLogs' - 'DDoSMitigationReports' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/docs/wiki/The library - Module design.md b/docs/wiki/The library - Module design.md index 5bc473fce7..b5e458d8ec 100644 --- a/docs/wiki/The library - Module design.md +++ b/docs/wiki/The library - Module design.md @@ -273,7 +273,7 @@ param diagnosticEventHubAuthorizationRuleId string = '' @description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category.') param diagnosticEventHubName string = '' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ ]) @@ -559,16 +559,16 @@ Module test files follow these general guidelines: In addition, they follow these file-type-specific guidelines: - - Each scenario should be setup in its own sub-folder (e.g. `.test/linux`) - - Sub-folder names should ideally relate to the content they deploy. For example, a sub-folder `min` should be chosen for a scenario in which only the minimum set of parameters are used to deploy the module. - - Each folder should contain at least a file `deploy.test.bicep` and optionally an additional `dependencies.bicep` file. The `deploy.test.bicep` file should deploy any immediate dependencies (e.g. a resource group, if required) and invoke the module's main template while providing all parameters for a given test scenario. The `dependencies.bicep` should optionally be used if any additional dependencies must be deployed into a nested scope (e.g. into a deployed resource group). - - Parameters - - Each file should define a parameter `serviceShort`. This parameter should be unique to this file (i.e, no two test files should share the same) as it is injected into all resource deployments, making them unique too and account for corresponding requirements. As a reference you can create a identifier by combining a substring of the resource type and test scenario (e.g., in case of a Linux Virtual Machine Deployment: `vmlin`) - - If the module deploys a resource group level resource, the template should further have a `resourceGroupName` parameter and subsequent resource deployment. As a reference for the default name you can use `ms..-${serviceShort}-test-rg`. - - Each file should also provide a `location` parameter that may default to the deployments default location - - It is recommended to define all major resource names in the `deploy.test.bicep` file as it makes later maintenance easier. To implement this, make sure to pass all resource names to any referenced module. - - References to dependencies should be implemented using resource references in combination with outputs. In other words: You should not hardcode any references into the module template's deployment. Instead use references such as `resourceGroupResources.outputs.managedIdentityPrincipalId` - - If any diagnostic resources (e.g., a Log Analytics workspace) are required for a test scenario, you can reference the centralized `modules/.shared/dependencyConstructs/diagnostic.dependencies.bicep` template. It will also provide you with all outputs you'd need. +- Each scenario should be setup in its own sub-folder (e.g. `.test/linux`) +- Sub-folder names should ideally relate to the content they deploy. For example, a sub-folder `min` should be chosen for a scenario in which only the minimum set of parameters are used to deploy the module. +- Each folder should contain at least a file `deploy.test.bicep` and optionally an additional `dependencies.bicep` file. The `deploy.test.bicep` file should deploy any immediate dependencies (e.g. a resource group, if required) and invoke the module's main template while providing all parameters for a given test scenario. The `dependencies.bicep` should optionally be used if any additional dependencies must be deployed into a nested scope (e.g. into a deployed resource group). +- Parameters + - Each file should define a parameter `serviceShort`. This parameter should be unique to this file (i.e, no two test files should share the same) as it is injected into all resource deployments, making them unique too and account for corresponding requirements. As a reference you can create a identifier by combining a substring of the resource type and test scenario (e.g., in case of a Linux Virtual Machine Deployment: `vmlin`) + - If the module deploys a resource group level resource, the template should further have a `resourceGroupName` parameter and subsequent resource deployment. As a reference for the default name you can use `ms..-${serviceShort}-test-rg`. + - Each file should also provide a `location` parameter that may default to the deployments default location +- It is recommended to define all major resource names in the `deploy.test.bicep` file as it makes later maintenance easier. To implement this, make sure to pass all resource names to any referenced module. +- References to dependencies should be implemented using resource references in combination with outputs. In other words: You should not hardcode any references into the module template's deployment. Instead use references such as `resourceGroupResources.outputs.managedIdentityPrincipalId` +- If any diagnostic resources (e.g., a Log Analytics workspace) are required for a test scenario, you can reference the centralized `modules/.shared/dependencyConstructs/diagnostic.dependencies.bicep` template. It will also provide you with all outputs you'd need.
Example (for a resource group level resource) diff --git a/modules/Microsoft.AAD/DomainServices/deploy.bicep b/modules/Microsoft.AAD/DomainServices/deploy.bicep index a09a09dd23..f492a7765a 100644 --- a/modules/Microsoft.AAD/DomainServices/deploy.bicep +++ b/modules/Microsoft.AAD/DomainServices/deploy.bicep @@ -145,8 +145,9 @@ param lock string = '' @description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'SystemSecurity' 'AccountManagement' 'LogonLogoff' @@ -157,20 +158,12 @@ param roleAssignments array = [] 'DirectoryServiceAccess' 'AccountLogon' ]) -param logsToEnable array = [ - 'SystemSecurity' - 'AccountManagement' - 'LogonLogoff' - 'ObjectAccess' - 'PolicyChange' - 'PrivilegeUse' - 'DetailTracking' - 'DirectoryServiceAccess' - 'AccountLogon' +param diagnosticLogCategoriesToEnable array = [ + 'allLogs' ] -var diagnosticsLogs = [for log in logsToEnable: { - category: log +var diagnosticsLogs = [for category in diagnosticLogCategoriesToEnable: { + category: category enabled: true retentionPolicy: { enabled: true diff --git a/modules/Microsoft.AAD/DomainServices/readme.md b/modules/Microsoft.AAD/DomainServices/readme.md index 45ec67d0c4..dd917ee5ea 100644 --- a/modules/Microsoft.AAD/DomainServices/readme.md +++ b/modules/Microsoft.AAD/DomainServices/readme.md @@ -42,6 +42,7 @@ This template deploys Azure Active Directory Domain Services (AADDS). | `additionalRecipients` | array | `[]` | | The email recipient value to receive alerts. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[AccountLogon, AccountManagement, allLogs, DetailTracking, DirectoryServiceAccess, LogonLogoff, ObjectAccess, PolicyChange, PrivilegeUse, SystemSecurity]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | @@ -54,7 +55,6 @@ This template deploys Azure Active Directory Domain Services (AADDS). | `ldaps` | string | `'Enabled'` | `[Disabled, Enabled]` | A flag to determine whether or not Secure LDAP is enabled or disabled. | | `location` | string | `[resourceGroup().location]` | | The location to deploy the Azure ADDS Services. | | `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `logsToEnable` | array | `[AccountLogon, AccountManagement, DetailTracking, DirectoryServiceAccess, LogonLogoff, ObjectAccess, PolicyChange, PrivilegeUse, SystemSecurity]` | `[AccountLogon, AccountManagement, DetailTracking, DirectoryServiceAccess, LogonLogoff, ObjectAccess, PolicyChange, PrivilegeUse, SystemSecurity]` | The name of logs that will be streamed. | | `name` | string | `[parameters('domainName')]` | | The name of the AADDS resource. Defaults to the domain name specific to the Azure ADDS service. | | `notifyDcAdmins` | string | `'Enabled'` | `[Disabled, Enabled]` | The value is to notify the DC Admins. | | `notifyGlobalAdmins` | string | `'Enabled'` | `[Disabled, Enabled]` | The value is to notify the Global Admins. | diff --git a/modules/Microsoft.AnalysisServices/servers/deploy.bicep b/modules/Microsoft.AnalysisServices/servers/deploy.bicep index 393d19e13d..a202b610ad 100644 --- a/modules/Microsoft.AnalysisServices/servers/deploy.bicep +++ b/modules/Microsoft.AnalysisServices/servers/deploy.bicep @@ -56,14 +56,14 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'Engine' 'Service' ]) param diagnosticLogCategoriesToEnable array = [ - 'Engine' - 'Service' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.AnalysisServices/servers/readme.md b/modules/Microsoft.AnalysisServices/servers/readme.md index 425e5fe6f2..423f6ffba2 100644 --- a/modules/Microsoft.AnalysisServices/servers/readme.md +++ b/modules/Microsoft.AnalysisServices/servers/readme.md @@ -33,7 +33,7 @@ This module deploys an Analysis Services Server. | :-- | :-- | :-- | :-- | :-- | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[Engine, Service]` | `[Engine, Service]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, Engine, Service]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.ApiManagement/service/deploy.bicep b/modules/Microsoft.ApiManagement/service/deploy.bicep index a881d2b025..b016285db8 100644 --- a/modules/Microsoft.ApiManagement/service/deploy.bicep +++ b/modules/Microsoft.ApiManagement/service/deploy.bicep @@ -109,12 +109,13 @@ param diagnosticWorkspaceId string = '' @description('Optional. A list of availability zones denoting where the resource needs to come from.') param zones array = [] -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'GatewayLogs' ]) param diagnosticLogCategoriesToEnable array = [ - 'GatewayLogs' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.ApiManagement/service/readme.md b/modules/Microsoft.ApiManagement/service/readme.md index b2bb3ece95..ae4a06715a 100644 --- a/modules/Microsoft.ApiManagement/service/readme.md +++ b/modules/Microsoft.ApiManagement/service/readme.md @@ -58,7 +58,7 @@ This module deploys an API management service. | `customProperties` | object | `{object}` | | Custom properties of the API Management service. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[GatewayLogs]` | `[GatewayLogs]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, GatewayLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.AppConfiguration/configurationStores/deploy.bicep b/modules/Microsoft.AppConfiguration/configurationStores/deploy.bicep index 950013a1e2..f8e5d78c23 100644 --- a/modules/Microsoft.AppConfiguration/configurationStores/deploy.bicep +++ b/modules/Microsoft.AppConfiguration/configurationStores/deploy.bicep @@ -80,14 +80,14 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'HttpRequest' 'Audit' ]) param diagnosticLogCategoriesToEnable array = [ - 'HttpRequest' - 'Audit' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.AppConfiguration/configurationStores/readme.md b/modules/Microsoft.AppConfiguration/configurationStores/readme.md index 92ae12c1d4..93bd19f20f 100644 --- a/modules/Microsoft.AppConfiguration/configurationStores/readme.md +++ b/modules/Microsoft.AppConfiguration/configurationStores/readme.md @@ -37,7 +37,7 @@ This module deploys an App Configuration Store. | `createMode` | string | `'Default'` | `[Default, Recover]` | Indicates whether the configuration store need to be recovered. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[Audit, HttpRequest]` | `[Audit, HttpRequest]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, Audit, HttpRequest]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Automation/automationAccounts/deploy.bicep b/modules/Microsoft.Automation/automationAccounts/deploy.bicep index e0ecd96a58..4dc3674df1 100644 --- a/modules/Microsoft.Automation/automationAccounts/deploy.bicep +++ b/modules/Microsoft.Automation/automationAccounts/deploy.bicep @@ -101,16 +101,15 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'JobLogs' 'JobStreams' 'DscNodeStatus' ]) param diagnosticLogCategoriesToEnable array = [ - 'JobLogs' - 'JobStreams' - 'DscNodeStatus' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Automation/automationAccounts/readme.md b/modules/Microsoft.Automation/automationAccounts/readme.md index 92e81ecc1c..7566fa2269 100644 --- a/modules/Microsoft.Automation/automationAccounts/readme.md +++ b/modules/Microsoft.Automation/automationAccounts/readme.md @@ -52,7 +52,7 @@ This module deploys an Azure Automation Account. | `cMKKeyVersion` | string | `''` | | The version of the customer managed key to reference for encryption. If not provided, the latest key version is used. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[DscNodeStatus, JobLogs, JobStreams]` | `[DscNodeStatus, JobLogs, JobStreams]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, DscNodeStatus, JobLogs, JobStreams]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Batch/batchAccounts/deploy.bicep b/modules/Microsoft.Batch/batchAccounts/deploy.bicep index 1fe112450b..22ca1510d9 100644 --- a/modules/Microsoft.Batch/batchAccounts/deploy.bicep +++ b/modules/Microsoft.Batch/batchAccounts/deploy.bicep @@ -102,12 +102,13 @@ param cMKKeyVersion string = '' @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'ServiceLog' ]) param diagnosticLogCategoriesToEnable array = [ - 'ServiceLog' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Batch/batchAccounts/readme.md b/modules/Microsoft.Batch/batchAccounts/readme.md index aed3605a35..6bb48c7fb9 100644 --- a/modules/Microsoft.Batch/batchAccounts/readme.md +++ b/modules/Microsoft.Batch/batchAccounts/readme.md @@ -44,7 +44,7 @@ | `cMKKeyVersion` | string | `''` | | The version of the customer managed key to reference for encryption. If not provided, the latest key version is used. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[ServiceLog]` | `[ServiceLog]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, ServiceLog]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Cache/redis/deploy.bicep b/modules/Microsoft.Cache/redis/deploy.bicep index 7b36ea430d..1487170031 100644 --- a/modules/Microsoft.Cache/redis/deploy.bicep +++ b/modules/Microsoft.Cache/redis/deploy.bicep @@ -117,12 +117,13 @@ param diagnosticEventHubAuthorizationRuleId string = '' @description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticEventHubName string = '' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'ConnectedClientList' ]) param diagnosticLogCategoriesToEnable array = [ - 'ConnectedClientList' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Cache/redis/readme.md b/modules/Microsoft.Cache/redis/readme.md index 76b3530aa9..341a37d366 100644 --- a/modules/Microsoft.Cache/redis/readme.md +++ b/modules/Microsoft.Cache/redis/readme.md @@ -36,7 +36,7 @@ This module deploys a Redis Cache service. | `capacity` | int | `1` | `[0, 1, 2, 3, 4, 5, 6]` | The size of the Redis cache to deploy. Valid values: for C (Basic/Standard) family (0, 1, 2, 3, 4, 5, 6), for P (Premium) family (1, 2, 3, 4). | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | -| `diagnosticLogCategoriesToEnable` | array | `[ConnectedClientList]` | `[ConnectedClientList]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, ConnectedClientList]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.CognitiveServices/accounts/deploy.bicep b/modules/Microsoft.CognitiveServices/accounts/deploy.bicep index d73c99145d..8d19004df9 100644 --- a/modules/Microsoft.CognitiveServices/accounts/deploy.bicep +++ b/modules/Microsoft.CognitiveServices/accounts/deploy.bicep @@ -146,14 +146,14 @@ param userOwnedStorage array = [] @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'Audit' 'RequestResponse' ]) param diagnosticLogCategoriesToEnable array = [ - 'Audit' - 'RequestResponse' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.CognitiveServices/accounts/readme.md b/modules/Microsoft.CognitiveServices/accounts/readme.md index 5989c79ec3..cf0b0cfe54 100644 --- a/modules/Microsoft.CognitiveServices/accounts/readme.md +++ b/modules/Microsoft.CognitiveServices/accounts/readme.md @@ -50,7 +50,7 @@ This module deploys different kinds of cognitive services resources | `cMKKeyVersion` | string | `''` | | The version of the customer managed key to reference for encryption. If not provided, latest is used. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[Audit, RequestResponse]` | `[Audit, RequestResponse]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, Audit, RequestResponse]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Compute/virtualMachines/deploy.bicep b/modules/Microsoft.Compute/virtualMachines/deploy.bicep index 90e86fb3fc..444797bcd8 100644 --- a/modules/Microsoft.Compute/virtualMachines/deploy.bicep +++ b/modules/Microsoft.Compute/virtualMachines/deploy.bicep @@ -119,16 +119,15 @@ param nicConfigurations array @description('Optional. The name of the PIP diagnostic setting, if deployed.') param pipDiagnosticSettingsName string = '${name}-diagnosticSettings' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'DDoSProtectionNotifications' 'DDoSMitigationFlowLogs' 'DDoSMitigationReports' ]) param pipdiagnosticLogCategoriesToEnable array = [ - 'DDoSProtectionNotifications' - 'DDoSMitigationFlowLogs' - 'DDoSMitigationReports' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Compute/virtualMachines/readme.md b/modules/Microsoft.Compute/virtualMachines/readme.md index 8be20528ab..60fe90117c 100644 --- a/modules/Microsoft.Compute/virtualMachines/readme.md +++ b/modules/Microsoft.Compute/virtualMachines/readme.md @@ -86,7 +86,7 @@ This module deploys one Virtual Machine with one or multiple NICs and optionally | `name` | string | `[take(toLower(uniqueString(resourceGroup().name)), 10)]` | | The name of the virtual machine to be created. You should use a unique prefix to reduce name collisions in Active Directory. If no value is provided, a 10 character long unique string will be generated based on the Resource Group's name. | | `nicdiagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `nicDiagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the NIC diagnostic setting, if deployed. | -| `pipdiagnosticLogCategoriesToEnable` | array | `[DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | `[DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | The name of logs that will be streamed. | +| `pipdiagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `pipdiagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `pipDiagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the PIP diagnostic setting, if deployed. | | `plan` | object | `{object}` | | Specifies information about the marketplace image used to create the virtual machine. This element is only used for marketplace images. Before you can use a marketplace image from an API, you must enable the image for programmatic use. | diff --git a/modules/Microsoft.ContainerRegistry/registries/deploy.bicep b/modules/Microsoft.ContainerRegistry/registries/deploy.bicep index be56754643..a853c257ac 100644 --- a/modules/Microsoft.ContainerRegistry/registries/deploy.bicep +++ b/modules/Microsoft.ContainerRegistry/registries/deploy.bicep @@ -132,14 +132,14 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'ContainerRegistryRepositoryEvents' 'ContainerRegistryLoginEvents' ]) param diagnosticLogCategoriesToEnable array = [ - 'ContainerRegistryRepositoryEvents' - 'ContainerRegistryLoginEvents' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.ContainerRegistry/registries/readme.md b/modules/Microsoft.ContainerRegistry/registries/readme.md index 8b6bebaecb..9d1a8b8a63 100644 --- a/modules/Microsoft.ContainerRegistry/registries/readme.md +++ b/modules/Microsoft.ContainerRegistry/registries/readme.md @@ -51,7 +51,7 @@ Azure Container Registry is a managed, private Docker registry service based on | `dataEndpointEnabled` | bool | `False` | | Enable a single data endpoint per region for serving data. Not relevant in case of disabled public access. Note, requires the 'acrSku' to be 'Premium'. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[ContainerRegistryLoginEvents, ContainerRegistryRepositoryEvents]` | `[ContainerRegistryLoginEvents, ContainerRegistryRepositoryEvents]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, ContainerRegistryLoginEvents, ContainerRegistryRepositoryEvents]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.ContainerService/managedClusters/deploy.bicep b/modules/Microsoft.ContainerService/managedClusters/deploy.bicep index b2492bbb40..0cdba47a8a 100644 --- a/modules/Microsoft.ContainerService/managedClusters/deploy.bicep +++ b/modules/Microsoft.ContainerService/managedClusters/deploy.bicep @@ -295,8 +295,9 @@ param tags object = {} @description('Optional. The resource ID of the disc encryption set to apply to the cluster. For security reasons, this value should be provided.') param diskEncryptionSetID string = '' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'kube-apiserver' 'kube-audit' 'kube-controller-manager' @@ -306,13 +307,7 @@ param diskEncryptionSetID string = '' 'guard' ]) param diagnosticLogCategoriesToEnable array = [ - 'kube-apiserver' - 'kube-audit' - 'kube-controller-manager' - 'kube-scheduler' - 'cluster-autoscaler' - 'kube-audit-admin' - 'guard' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.ContainerService/managedClusters/readme.md b/modules/Microsoft.ContainerService/managedClusters/readme.md index e8bba8c7d4..478c736504 100644 --- a/modules/Microsoft.ContainerService/managedClusters/readme.md +++ b/modules/Microsoft.ContainerService/managedClusters/readme.md @@ -84,7 +84,7 @@ This module deploys Azure Kubernetes Cluster (AKS). | `azurePolicyVersion` | string | `'v2'` | | Specifies the azure policy version to use. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[cluster-autoscaler, guard, kube-apiserver, kube-audit, kube-audit-admin, kube-controller-manager, kube-scheduler]` | `[cluster-autoscaler, guard, kube-apiserver, kube-audit, kube-audit-admin, kube-controller-manager, kube-scheduler]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, cluster-autoscaler, guard, kube-apiserver, kube-audit, kube-audit-admin, kube-controller-manager, kube-scheduler]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.DBforPostgreSQL/flexibleServers/deploy.bicep b/modules/Microsoft.DBforPostgreSQL/flexibleServers/deploy.bicep index 7c278d48b6..d810a1dc2a 100644 --- a/modules/Microsoft.DBforPostgreSQL/flexibleServers/deploy.bicep +++ b/modules/Microsoft.DBforPostgreSQL/flexibleServers/deploy.bicep @@ -142,12 +142,13 @@ param diagnosticEventHubAuthorizationRuleId string = '' @description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category.') param diagnosticEventHubName string = '' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'PostgreSQLLogs' ]) param diagnosticLogCategoriesToEnable array = [ - 'PostgreSQLLogs' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.DBforPostgreSQL/flexibleServers/readme.md b/modules/Microsoft.DBforPostgreSQL/flexibleServers/readme.md index e39cd78951..9ddda49113 100644 --- a/modules/Microsoft.DBforPostgreSQL/flexibleServers/readme.md +++ b/modules/Microsoft.DBforPostgreSQL/flexibleServers/readme.md @@ -46,7 +46,7 @@ This module deploys DBforPostgreSQL FlexibleServers. | `delegatedSubnetResourceId` | string | `''` | | Delegated subnet arm resource ID. Used when the desired connectivity mode is "Private Access" - virtual network integration. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[PostgreSQLLogs]` | `[PostgreSQLLogs]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, PostgreSQLLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.DataFactory/factories/deploy.bicep b/modules/Microsoft.DataFactory/factories/deploy.bicep index b5a66b0af8..724cb5977f 100644 --- a/modules/Microsoft.DataFactory/factories/deploy.bicep +++ b/modules/Microsoft.DataFactory/factories/deploy.bicep @@ -88,8 +88,9 @@ param cMKKeyVersion string = '' @description('Conditional. User assigned identity to use when fetching the customer managed key. Required if \'cMKKeyName\' is not empty.') param cMKUserAssignedIdentityResourceId string = '' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'ActivityRuns' 'PipelineRuns' 'TriggerRuns' @@ -101,15 +102,7 @@ param cMKUserAssignedIdentityResourceId string = '' 'SSISIntegrationRuntimeLogs' ]) param diagnosticLogCategoriesToEnable array = [ - 'ActivityRuns' - 'PipelineRuns' - 'TriggerRuns' - 'SSISPackageEventMessages' - 'SSISPackageExecutableStatistics' - 'SSISPackageEventMessageContext' - 'SSISPackageExecutionComponentPhases' - 'SSISPackageExecutionDataStatistics' - 'SSISIntegrationRuntimeLogs' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.DataFactory/factories/readme.md b/modules/Microsoft.DataFactory/factories/readme.md index e2a740ac09..d28c94379f 100644 --- a/modules/Microsoft.DataFactory/factories/readme.md +++ b/modules/Microsoft.DataFactory/factories/readme.md @@ -45,7 +45,7 @@ | `cMKKeyVersion` | string | `''` | | The version of the customer managed key to reference for encryption. If not provided, the latest key version is used. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[ActivityRuns, PipelineRuns, SSISIntegrationRuntimeLogs, SSISPackageEventMessageContext, SSISPackageEventMessages, SSISPackageExecutableStatistics, SSISPackageExecutionComponentPhases, SSISPackageExecutionDataStatistics, TriggerRuns]` | `[ActivityRuns, PipelineRuns, SSISIntegrationRuntimeLogs, SSISPackageEventMessageContext, SSISPackageEventMessages, SSISPackageExecutableStatistics, SSISPackageExecutionComponentPhases, SSISPackageExecutionDataStatistics, TriggerRuns]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[ActivityRuns, allLogs, PipelineRuns, SSISIntegrationRuntimeLogs, SSISPackageEventMessageContext, SSISPackageEventMessages, SSISPackageExecutableStatistics, SSISPackageExecutionComponentPhases, SSISPackageExecutionDataStatistics, TriggerRuns]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Databricks/workspaces/deploy.bicep b/modules/Microsoft.Databricks/workspaces/deploy.bicep index 6185136128..f2e43dd40f 100644 --- a/modules/Microsoft.Databricks/workspaces/deploy.bicep +++ b/modules/Microsoft.Databricks/workspaces/deploy.bicep @@ -52,8 +52,9 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'dbfs' 'clusters' 'accounts' @@ -66,16 +67,7 @@ param enableDefaultTelemetry bool = true 'instancePools' ]) param diagnosticLogCategoriesToEnable array = [ - 'dbfs' - 'clusters' - 'accounts' - 'jobs' - 'notebook' - 'ssh' - 'workspace' - 'secrets' - 'sqlPermissions' - 'instancePools' + 'allLogs' ] @description('Optional. The name of the diagnostic setting, if deployed.') diff --git a/modules/Microsoft.Databricks/workspaces/readme.md b/modules/Microsoft.Databricks/workspaces/readme.md index 480d9845ff..9e33368efe 100644 --- a/modules/Microsoft.Databricks/workspaces/readme.md +++ b/modules/Microsoft.Databricks/workspaces/readme.md @@ -31,7 +31,7 @@ | :-- | :-- | :-- | :-- | :-- | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[accounts, clusters, dbfs, instancePools, jobs, notebook, secrets, sqlPermissions, ssh, workspace]` | `[accounts, clusters, dbfs, instancePools, jobs, notebook, secrets, sqlPermissions, ssh, workspace]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[accounts, allLogs, clusters, dbfs, instancePools, jobs, notebook, secrets, sqlPermissions, ssh, workspace]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep b/modules/Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep index 2f1d5e587f..adbf0301f7 100644 --- a/modules/Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep +++ b/modules/Microsoft.DesktopVirtualization/applicationgroups/deploy.bicep @@ -55,16 +55,15 @@ param tags object = {} @sys.description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@sys.description('Optional. The name of logs that will be streamed.') +@sys.description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'Checkpoint' 'Error' 'Management' ]) param diagnosticLogCategoriesToEnable array = [ - 'Checkpoint' - 'Error' - 'Management' + 'allLogs' ] @sys.description('Optional. List of applications to be created in the Application Group.') diff --git a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md index e8d38af24f..4541711805 100644 --- a/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md +++ b/modules/Microsoft.DesktopVirtualization/applicationgroups/readme.md @@ -38,7 +38,7 @@ This module deploys an Azure virtual desktop application group. | `description` | string | `''` | | The description of the Application Group to be created. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[Checkpoint, Error, Management]` | `[Checkpoint, Error, Management]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, Checkpoint, Error, Management]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/Microsoft.DesktopVirtualization/hostpools/deploy.bicep b/modules/Microsoft.DesktopVirtualization/hostpools/deploy.bicep index 2126907d0f..d6ff02b885 100644 --- a/modules/Microsoft.DesktopVirtualization/hostpools/deploy.bicep +++ b/modules/Microsoft.DesktopVirtualization/hostpools/deploy.bicep @@ -97,8 +97,9 @@ param startVMOnConnect bool = false @description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'Checkpoint' 'Error' 'Management' @@ -107,12 +108,7 @@ param roleAssignments array = [] 'AgentHealthStatus' ]) param diagnosticLogCategoriesToEnable array = [ - 'Checkpoint' - 'Error' - 'Management' - 'Connection' - 'HostRegistration' - 'AgentHealthStatus' + 'allLogs' ] @description('Optional. The name of the diagnostic setting, if deployed.') diff --git a/modules/Microsoft.DesktopVirtualization/hostpools/readme.md b/modules/Microsoft.DesktopVirtualization/hostpools/readme.md index 88daf2da69..e39711a77c 100644 --- a/modules/Microsoft.DesktopVirtualization/hostpools/readme.md +++ b/modules/Microsoft.DesktopVirtualization/hostpools/readme.md @@ -34,7 +34,7 @@ This module deploys an Azure virtual desktop host pool. | `customRdpProperty` | string | `'audiocapturemode:i:1;audiomode:i:0;drivestoredirect:s:;redirectclipboard:i:1;redirectcomports:i:1;redirectprinters:i:1;redirectsmartcards:i:1;screen mode id:i:2;'` | | Host Pool RDP properties. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[AgentHealthStatus, Checkpoint, Connection, Error, HostRegistration, Management]` | `[AgentHealthStatus, Checkpoint, Connection, Error, HostRegistration, Management]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[AgentHealthStatus, allLogs, Checkpoint, Connection, Error, HostRegistration, Management]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/Microsoft.DesktopVirtualization/scalingplans/deploy.bicep b/modules/Microsoft.DesktopVirtualization/scalingplans/deploy.bicep index 950e2527ff..478631322f 100644 --- a/modules/Microsoft.DesktopVirtualization/scalingplans/deploy.bicep +++ b/modules/Microsoft.DesktopVirtualization/scalingplans/deploy.bicep @@ -94,16 +94,17 @@ param roleAssignments array = [] @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'Autoscale' ]) -param logsToEnable array = [ - 'Autoscale' +param diagnosticLogCategoriesToEnable array = [ + 'allLogs' ] -var diagnosticsLogs = [for log in logsToEnable: { - category: log +var diagnosticsLogs = [for category in diagnosticLogCategoriesToEnable: { + category: category enabled: true retentionPolicy: { enabled: true diff --git a/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md b/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md index 4605084567..4f046329ce 100644 --- a/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md +++ b/modules/Microsoft.DesktopVirtualization/scalingplans/readme.md @@ -32,6 +32,7 @@ This module deploys an AVD Scaling Plan. | :-- | :-- | :-- | :-- | :-- | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, Autoscale]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | @@ -41,7 +42,6 @@ This module deploys an AVD Scaling Plan. | `hostPoolReferences` | array | `[]` | | An array of references to hostpools. | | `hostPoolType` | string | `'Pooled'` | `[Pooled]` | The type of hostpool where this scaling plan should be applied. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `logsToEnable` | array | `[Autoscale]` | `[Autoscale]` | The name of logs that will be streamed. | | `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `scalingplanDescription` | string | `[parameters('name')]` | | Description of the scaling plan. | | `schedules` | array | `[System.Management.Automation.OrderedHashtable]` | | The schedules related to this scaling plan. If no value is provided a default schedule will be provided. | diff --git a/modules/Microsoft.DesktopVirtualization/workspaces/deploy.bicep b/modules/Microsoft.DesktopVirtualization/workspaces/deploy.bicep index c843a258e2..d60c9ac698 100644 --- a/modules/Microsoft.DesktopVirtualization/workspaces/deploy.bicep +++ b/modules/Microsoft.DesktopVirtualization/workspaces/deploy.bicep @@ -47,18 +47,16 @@ param enableDefaultTelemetry bool = true @description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'Checkpoint' 'Error' 'Management' 'Feed' ]) param diagnosticLogCategoriesToEnable array = [ - 'Checkpoint' - 'Error' - 'Management' - 'Feed' + 'allLogs' ] @description('Optional. The name of the diagnostic setting, if deployed.') diff --git a/modules/Microsoft.DesktopVirtualization/workspaces/readme.md b/modules/Microsoft.DesktopVirtualization/workspaces/readme.md index 8f36cfc841..649924807c 100644 --- a/modules/Microsoft.DesktopVirtualization/workspaces/readme.md +++ b/modules/Microsoft.DesktopVirtualization/workspaces/readme.md @@ -34,7 +34,7 @@ This module deploys an Azure virtual desktop workspace. | `appGroupResourceIds` | array | `[]` | | Resource IDs for the existing Application groups this workspace will group together. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[Checkpoint, Error, Feed, Management]` | `[Checkpoint, Error, Feed, Management]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, Checkpoint, Error, Feed, Management]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/deploy.bicep b/modules/Microsoft.DocumentDB/databaseAccounts/deploy.bicep index ce602d875d..17d08c416a 100644 --- a/modules/Microsoft.DocumentDB/databaseAccounts/deploy.bicep +++ b/modules/Microsoft.DocumentDB/databaseAccounts/deploy.bicep @@ -94,8 +94,9 @@ param diagnosticEventHubAuthorizationRuleId string = '' @description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category.') param diagnosticEventHubName string = '' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'DataPlaneRequests' 'MongoRequests' 'QueryRuntimeStatistics' @@ -107,15 +108,7 @@ param diagnosticEventHubName string = '' 'TableApiRequests' ]) param diagnosticLogCategoriesToEnable array = [ - 'DataPlaneRequests' - 'MongoRequests' - 'QueryRuntimeStatistics' - 'PartitionKeyStatistics' - 'PartitionKeyRUConsumption' - 'ControlPlaneRequests' - 'CassandraRequests' - 'GremlinRequests' - 'TableApiRequests' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md index 07187d33e5..1348fad70b 100644 --- a/modules/Microsoft.DocumentDB/databaseAccounts/readme.md +++ b/modules/Microsoft.DocumentDB/databaseAccounts/readme.md @@ -49,7 +49,7 @@ This module deploys a DocumentDB database account and its child resources. | `defaultConsistencyLevel` | string | `'Session'` | `[BoundedStaleness, ConsistentPrefix, Eventual, Session, Strong]` | The default consistency level of the Cosmos DB account. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[CassandraRequests, ControlPlaneRequests, DataPlaneRequests, GremlinRequests, MongoRequests, PartitionKeyRUConsumption, PartitionKeyStatistics, QueryRuntimeStatistics, TableApiRequests]` | `[CassandraRequests, ControlPlaneRequests, DataPlaneRequests, GremlinRequests, MongoRequests, PartitionKeyRUConsumption, PartitionKeyStatistics, QueryRuntimeStatistics, TableApiRequests]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, CassandraRequests, ControlPlaneRequests, DataPlaneRequests, GremlinRequests, MongoRequests, PartitionKeyRUConsumption, PartitionKeyStatistics, QueryRuntimeStatistics, TableApiRequests]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Requests]` | `[Requests]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.EventGrid/systemTopics/deploy.bicep b/modules/Microsoft.EventGrid/systemTopics/deploy.bicep index 58e2437080..0dec180e67 100644 --- a/modules/Microsoft.EventGrid/systemTopics/deploy.bicep +++ b/modules/Microsoft.EventGrid/systemTopics/deploy.bicep @@ -57,12 +57,13 @@ var identity = identityType != 'None' ? { userAssignedIdentities: !empty(userAssignedIdentities) ? userAssignedIdentities : null } : null -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'DeliveryFailures' ]) param diagnosticLogCategoriesToEnable array = [ - 'DeliveryFailures' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.EventGrid/systemTopics/readme.md b/modules/Microsoft.EventGrid/systemTopics/readme.md index 06aae35eb6..5be134a402 100644 --- a/modules/Microsoft.EventGrid/systemTopics/readme.md +++ b/modules/Microsoft.EventGrid/systemTopics/readme.md @@ -35,7 +35,7 @@ This module deploys an Event Grid System Topic. | :-- | :-- | :-- | :-- | :-- | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[DeliveryFailures]` | `[DeliveryFailures]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, DeliveryFailures]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.EventGrid/topics/deploy.bicep b/modules/Microsoft.EventGrid/topics/deploy.bicep index 154d13eced..0e3c7db24c 100644 --- a/modules/Microsoft.EventGrid/topics/deploy.bicep +++ b/modules/Microsoft.EventGrid/topics/deploy.bicep @@ -52,14 +52,14 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'DeliveryFailures' 'PublishFailures' ]) param diagnosticLogCategoriesToEnable array = [ - 'DeliveryFailures' - 'PublishFailures' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.EventGrid/topics/readme.md b/modules/Microsoft.EventGrid/topics/readme.md index 53e13f73b4..6f527140d9 100644 --- a/modules/Microsoft.EventGrid/topics/readme.md +++ b/modules/Microsoft.EventGrid/topics/readme.md @@ -35,7 +35,7 @@ This module deploys an event grid topic. | :-- | :-- | :-- | :-- | :-- | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[DeliveryFailures, PublishFailures]` | `[DeliveryFailures, PublishFailures]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, DeliveryFailures, PublishFailures]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.EventHub/namespaces/deploy.bicep b/modules/Microsoft.EventHub/namespaces/deploy.bicep index b20067d609..b51774528a 100644 --- a/modules/Microsoft.EventHub/namespaces/deploy.bicep +++ b/modules/Microsoft.EventHub/namespaces/deploy.bicep @@ -92,8 +92,9 @@ param eventHubs array = [] @description('Optional. The disaster recovery config for this namespace.') param disasterRecoveryConfig object = {} -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'ArchiveLogs' 'OperationalLogs' 'AutoScaleLogs' @@ -105,15 +106,7 @@ param disasterRecoveryConfig object = {} 'ApplicationMetricsLogs' ]) param diagnosticLogCategoriesToEnable array = [ - 'ArchiveLogs' - 'OperationalLogs' - 'AutoScaleLogs' - 'KafkaCoordinatorLogs' - 'KafkaUserErrorLogs' - 'EventHubVNetConnectionEvent' - 'CustomerManagedKeyUserLogs' - 'RuntimeAuditLogs' - 'ApplicationMetricsLogs' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.EventHub/namespaces/readme.md b/modules/Microsoft.EventHub/namespaces/readme.md index ec16cf38fb..8fddb8c47e 100644 --- a/modules/Microsoft.EventHub/namespaces/readme.md +++ b/modules/Microsoft.EventHub/namespaces/readme.md @@ -42,7 +42,7 @@ This module deploys an event hub namespace. | `authorizationRules` | _[authorizationRules](authorizationRules/readme.md)_ array | `[System.Management.Automation.OrderedHashtable]` | | Authorization Rules for the Event Hub namespace. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[ApplicationMetricsLogs, ArchiveLogs, AutoScaleLogs, CustomerManagedKeyUserLogs, EventHubVNetConnectionEvent, KafkaCoordinatorLogs, KafkaUserErrorLogs, OperationalLogs, RuntimeAuditLogs]` | `[ApplicationMetricsLogs, ArchiveLogs, AutoScaleLogs, CustomerManagedKeyUserLogs, EventHubVNetConnectionEvent, KafkaCoordinatorLogs, KafkaUserErrorLogs, OperationalLogs, RuntimeAuditLogs]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, ApplicationMetricsLogs, ArchiveLogs, AutoScaleLogs, CustomerManagedKeyUserLogs, EventHubVNetConnectionEvent, KafkaCoordinatorLogs, KafkaUserErrorLogs, OperationalLogs, RuntimeAuditLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Insights/diagnosticSettings/deploy.bicep b/modules/Microsoft.Insights/diagnosticSettings/deploy.bicep index 298cc90804..7458ea7ada 100644 --- a/modules/Microsoft.Insights/diagnosticSettings/deploy.bicep +++ b/modules/Microsoft.Insights/diagnosticSettings/deploy.bicep @@ -22,8 +22,9 @@ param diagnosticEventHubAuthorizationRuleId string = '' @description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category.') param diagnosticEventHubName string = '' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'Administrative' 'Security' 'ServiceHealth' @@ -34,14 +35,7 @@ param diagnosticEventHubName string = '' 'ResourceHealth' ]) param diagnosticLogCategoriesToEnable array = [ - 'Administrative' - 'Security' - 'ServiceHealth' - 'Alert' - 'Recommendation' - 'Policy' - 'Autoscale' - 'ResourceHealth' + 'allLogs' ] @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') diff --git a/modules/Microsoft.Insights/diagnosticSettings/readme.md b/modules/Microsoft.Insights/diagnosticSettings/readme.md index b63c38c4e8..c1bd2f81ac 100644 --- a/modules/Microsoft.Insights/diagnosticSettings/readme.md +++ b/modules/Microsoft.Insights/diagnosticSettings/readme.md @@ -24,7 +24,7 @@ This module deploys a subscription wide export of the activity log. | :-- | :-- | :-- | :-- | :-- | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[Administrative, Alert, Autoscale, Policy, Recommendation, ResourceHealth, Security, ServiceHealth]` | `[Administrative, Alert, Autoscale, Policy, Recommendation, ResourceHealth, Security, ServiceHealth]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[Administrative, Alert, allLogs, Autoscale, Policy, Recommendation, ResourceHealth, Security, ServiceHealth]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | diff --git a/modules/Microsoft.KeyVault/vaults/deploy.bicep b/modules/Microsoft.KeyVault/vaults/deploy.bicep index ffc6d4d515..1095ca7329 100644 --- a/modules/Microsoft.KeyVault/vaults/deploy.bicep +++ b/modules/Microsoft.KeyVault/vaults/deploy.bicep @@ -97,14 +97,14 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'AuditEvent' 'AzurePolicyEvaluationDetails' ]) param diagnosticLogCategoriesToEnable array = [ - 'AuditEvent' - 'AzurePolicyEvaluationDetails' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.KeyVault/vaults/readme.md b/modules/Microsoft.KeyVault/vaults/readme.md index 6fd4fdb82c..55e816e838 100644 --- a/modules/Microsoft.KeyVault/vaults/readme.md +++ b/modules/Microsoft.KeyVault/vaults/readme.md @@ -40,7 +40,7 @@ This module deploys a key vault and its child resources. | `createMode` | string | `'default'` | | The vault's create mode to indicate whether the vault need to be recovered or not. - recover or default. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | -| `diagnosticLogCategoriesToEnable` | array | `[AuditEvent, AzurePolicyEvaluationDetails]` | `[AuditEvent, AzurePolicyEvaluationDetails]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, AuditEvent, AzurePolicyEvaluationDetails]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Logic/workflows/deploy.bicep b/modules/Microsoft.Logic/workflows/deploy.bicep index 3d71a78500..f31863e4af 100644 --- a/modules/Microsoft.Logic/workflows/deploy.bicep +++ b/modules/Microsoft.Logic/workflows/deploy.bicep @@ -97,12 +97,13 @@ param workflowStaticResults object = {} @description('Optional. The definitions for one or more triggers that instantiate your workflow. You can define more than one trigger, but only with the Workflow Definition Language, not visually through the Logic Apps Designer.') param workflowTriggers object = {} -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'WorkflowRuntime' ]) param diagnosticLogCategoriesToEnable array = [ - 'WorkflowRuntime' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Logic/workflows/readme.md b/modules/Microsoft.Logic/workflows/readme.md index 14985e8635..738c07cfc1 100644 --- a/modules/Microsoft.Logic/workflows/readme.md +++ b/modules/Microsoft.Logic/workflows/readme.md @@ -37,7 +37,7 @@ This module deploys a Logic App resource. | `definitionParameters` | object | `{object}` | | Parameters for the definition template. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[WorkflowRuntime]` | `[WorkflowRuntime]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, WorkflowRuntime]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.MachineLearningServices/workspaces/deploy.bicep b/modules/Microsoft.MachineLearningServices/workspaces/deploy.bicep index 9481de7a34..7cb1d0b0fc 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/deploy.bicep +++ b/modules/Microsoft.MachineLearningServices/workspaces/deploy.bicep @@ -82,8 +82,9 @@ param diagnosticEventHubAuthorizationRuleId string = '' @sys.description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category.') param diagnosticEventHubName string = '' -@sys.description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'AmlComputeClusterEvent' 'AmlComputeClusterNodeEvent' 'AmlComputeJobEvent' @@ -91,11 +92,7 @@ param diagnosticEventHubName string = '' 'AmlRunStatusChangedEvent' ]) param diagnosticLogCategoriesToEnable array = [ - 'AmlComputeClusterEvent' - 'AmlComputeClusterNodeEvent' - 'AmlComputeJobEvent' - 'AmlComputeCpuGpuUtilization' - 'AmlRunStatusChangedEvent' + 'allLogs' ] @sys.description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Network/applicationGateways/deploy.bicep b/modules/Microsoft.Network/applicationGateways/deploy.bicep index 92b5e3bf4b..37d43acbfe 100644 --- a/modules/Microsoft.Network/applicationGateways/deploy.bicep +++ b/modules/Microsoft.Network/applicationGateways/deploy.bicep @@ -186,16 +186,15 @@ param diagnosticEventHubAuthorizationRuleId string = '' @description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticEventHubName string = '' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'ApplicationGatewayAccessLog' 'ApplicationGatewayPerformanceLog' 'ApplicationGatewayFirewallLog' ]) param diagnosticLogCategoriesToEnable array = [ - 'ApplicationGatewayAccessLog' - 'ApplicationGatewayPerformanceLog' - 'ApplicationGatewayFirewallLog' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Network/applicationGateways/readme.md b/modules/Microsoft.Network/applicationGateways/readme.md index 7b66c3deac..9be92e8bbc 100644 --- a/modules/Microsoft.Network/applicationGateways/readme.md +++ b/modules/Microsoft.Network/applicationGateways/readme.md @@ -40,7 +40,7 @@ This module deploys Network ApplicationGateways. | `customErrorConfigurations` | array | `[]` | | Custom error configurations of the application gateway resource. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | -| `diagnosticLogCategoriesToEnable` | array | `[ApplicationGatewayAccessLog, ApplicationGatewayFirewallLog, ApplicationGatewayPerformanceLog]` | `[ApplicationGatewayAccessLog, ApplicationGatewayFirewallLog, ApplicationGatewayPerformanceLog]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, ApplicationGatewayAccessLog, ApplicationGatewayFirewallLog, ApplicationGatewayPerformanceLog]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Network/azureFirewalls/deploy.bicep b/modules/Microsoft.Network/azureFirewalls/deploy.bicep index 97a056e6b1..6891e7f317 100644 --- a/modules/Microsoft.Network/azureFirewalls/deploy.bicep +++ b/modules/Microsoft.Network/azureFirewalls/deploy.bicep @@ -94,16 +94,15 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of firewall logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'AzureFirewallApplicationRule' 'AzureFirewallNetworkRule' 'AzureFirewallDnsProxy' ]) param diagnosticLogCategoriesToEnable array = [ - 'AzureFirewallApplicationRule' - 'AzureFirewallNetworkRule' - 'AzureFirewallDnsProxy' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Network/azureFirewalls/readme.md b/modules/Microsoft.Network/azureFirewalls/readme.md index d7e381994e..c049210a69 100644 --- a/modules/Microsoft.Network/azureFirewalls/readme.md +++ b/modules/Microsoft.Network/azureFirewalls/readme.md @@ -41,7 +41,7 @@ This module deploys a firewall. | `azureSkuTier` | string | `'Standard'` | `[Premium, Standard]` | Tier of an Azure Firewall. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[AzureFirewallApplicationRule, AzureFirewallDnsProxy, AzureFirewallNetworkRule]` | `[AzureFirewallApplicationRule, AzureFirewallDnsProxy, AzureFirewallNetworkRule]` | The name of firewall logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, AzureFirewallApplicationRule, AzureFirewallDnsProxy, AzureFirewallNetworkRule]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Network/bastionHosts/deploy.bicep b/modules/Microsoft.Network/bastionHosts/deploy.bicep index dcddf0c0d8..b12bdc0e72 100644 --- a/modules/Microsoft.Network/bastionHosts/deploy.bicep +++ b/modules/Microsoft.Network/bastionHosts/deploy.bicep @@ -72,12 +72,13 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. Optional. The name of bastion logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'BastionAuditLogs' ]) param diagnosticLogCategoriesToEnable array = [ - 'BastionAuditLogs' + 'allLogs' ] @description('Optional. The name of the diagnostic setting, if deployed.') diff --git a/modules/Microsoft.Network/bastionHosts/readme.md b/modules/Microsoft.Network/bastionHosts/readme.md index dd9cbcfa9a..22bced603c 100644 --- a/modules/Microsoft.Network/bastionHosts/readme.md +++ b/modules/Microsoft.Network/bastionHosts/readme.md @@ -36,7 +36,7 @@ This module deploys a bastion host. | `azureBastionSubnetPublicIpId` | string | `''` | | The public ip resource ID to associate to the azureBastionSubnet. If empty, then the public ip that is created as part of this module will be applied to the azureBastionSubnet. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[BastionAuditLogs]` | `[BastionAuditLogs]` | Optional. The name of bastion logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, BastionAuditLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/Microsoft.Network/expressRouteCircuits/deploy.bicep b/modules/Microsoft.Network/expressRouteCircuits/deploy.bicep index 0d5022f98b..319088f20a 100644 --- a/modules/Microsoft.Network/expressRouteCircuits/deploy.bicep +++ b/modules/Microsoft.Network/expressRouteCircuits/deploy.bicep @@ -87,12 +87,13 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'PeeringRouteLog' ]) param diagnosticLogCategoriesToEnable array = [ - 'PeeringRouteLog' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Network/expressRouteCircuits/readme.md b/modules/Microsoft.Network/expressRouteCircuits/readme.md index 8f049cdb3f..ec4e84e039 100644 --- a/modules/Microsoft.Network/expressRouteCircuits/readme.md +++ b/modules/Microsoft.Network/expressRouteCircuits/readme.md @@ -36,7 +36,7 @@ This template deploys an express route circuit. | :-- | :-- | :-- | :-- | :-- | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[PeeringRouteLog]` | `[PeeringRouteLog]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, PeeringRouteLog]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Network/frontDoors/deploy.bicep b/modules/Microsoft.Network/frontDoors/deploy.bicep index 3c0bf10541..600943f255 100644 --- a/modules/Microsoft.Network/frontDoors/deploy.bicep +++ b/modules/Microsoft.Network/frontDoors/deploy.bicep @@ -68,8 +68,9 @@ param diagnosticEventHubAuthorizationRuleId string = '' @description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticEventHubName string = '' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'FrontdoorAccessLog' 'FrontdoorWebApplicationFirewallLog' ]) diff --git a/modules/Microsoft.Network/frontDoors/readme.md b/modules/Microsoft.Network/frontDoors/readme.md index 83a66268b4..2e8860a57f 100644 --- a/modules/Microsoft.Network/frontDoors/readme.md +++ b/modules/Microsoft.Network/frontDoors/readme.md @@ -48,7 +48,7 @@ This module deploys Front Doors. | `friendlyName` | string | `''` | | Friendly name of the frontdoor resource. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `logsToEnable` | array | `[FrontdoorAccessLog, FrontdoorWebApplicationFirewallLog]` | `[FrontdoorAccessLog, FrontdoorWebApplicationFirewallLog]` | The name of logs that will be streamed. | +| `logsToEnable` | array | `[FrontdoorAccessLog, FrontdoorWebApplicationFirewallLog]` | `[allLogs, FrontdoorAccessLog, FrontdoorWebApplicationFirewallLog]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `metricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `sendRecvTimeoutSeconds` | int | `240` | | Certificate name check time of the frontdoor resource. | diff --git a/modules/Microsoft.Network/natGateways/deploy.bicep b/modules/Microsoft.Network/natGateways/deploy.bicep index a6333175e8..4cec79eb51 100644 --- a/modules/Microsoft.Network/natGateways/deploy.bicep +++ b/modules/Microsoft.Network/natGateways/deploy.bicep @@ -62,16 +62,15 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'DDoSProtectionNotifications' 'DDoSMitigationFlowLogs' 'DDoSMitigationReports' ]) param diagnosticLogCategoriesToEnable array = [ - 'DDoSProtectionNotifications' - 'DDoSMitigationFlowLogs' - 'DDoSMitigationReports' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Network/natGateways/readme.md b/modules/Microsoft.Network/natGateways/readme.md index d492ae2627..299e61ae10 100644 --- a/modules/Microsoft.Network/natGateways/readme.md +++ b/modules/Microsoft.Network/natGateways/readme.md @@ -34,7 +34,7 @@ This module deploys a NAT gateway. | :-- | :-- | :-- | :-- | :-- | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | `[DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Network/networkSecurityGroups/deploy.bicep b/modules/Microsoft.Network/networkSecurityGroups/deploy.bicep index b3927c16e7..0a385da066 100644 --- a/modules/Microsoft.Network/networkSecurityGroups/deploy.bicep +++ b/modules/Microsoft.Network/networkSecurityGroups/deploy.bicep @@ -41,14 +41,14 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'NetworkSecurityGroupEvent' 'NetworkSecurityGroupRuleCounter' ]) param diagnosticLogCategoriesToEnable array = [ - 'NetworkSecurityGroupEvent' - 'NetworkSecurityGroupRuleCounter' + 'allLogs' ] @description('Optional. The name of the diagnostic setting, if deployed.') diff --git a/modules/Microsoft.Network/networkSecurityGroups/readme.md b/modules/Microsoft.Network/networkSecurityGroups/readme.md index 3539c255ac..06084c8fc5 100644 --- a/modules/Microsoft.Network/networkSecurityGroups/readme.md +++ b/modules/Microsoft.Network/networkSecurityGroups/readme.md @@ -34,7 +34,7 @@ This template deploys a network security group (NSG) with optional security rule | :-- | :-- | :-- | :-- | :-- | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[NetworkSecurityGroupEvent, NetworkSecurityGroupRuleCounter]` | `[NetworkSecurityGroupEvent, NetworkSecurityGroupRuleCounter]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, NetworkSecurityGroupEvent, NetworkSecurityGroupRuleCounter]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/Microsoft.Network/publicIPAddresses/deploy.bicep b/modules/Microsoft.Network/publicIPAddresses/deploy.bicep index 977d7e5d94..8af7a34ba3 100644 --- a/modules/Microsoft.Network/publicIPAddresses/deploy.bicep +++ b/modules/Microsoft.Network/publicIPAddresses/deploy.bicep @@ -72,16 +72,15 @@ param enableDefaultTelemetry bool = true @description('Optional. Tags of the resource.') param tags object = {} -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'DDoSProtectionNotifications' 'DDoSMitigationFlowLogs' 'DDoSMitigationReports' ]) param diagnosticLogCategoriesToEnable array = [ - 'DDoSProtectionNotifications' - 'DDoSMitigationFlowLogs' - 'DDoSMitigationReports' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Network/publicIPAddresses/readme.md b/modules/Microsoft.Network/publicIPAddresses/readme.md index c73c05164e..1a6a27082c 100644 --- a/modules/Microsoft.Network/publicIPAddresses/readme.md +++ b/modules/Microsoft.Network/publicIPAddresses/readme.md @@ -31,7 +31,7 @@ | :-- | :-- | :-- | :-- | :-- | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | `[DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Network/trafficmanagerprofiles/deploy.bicep b/modules/Microsoft.Network/trafficmanagerprofiles/deploy.bicep index eac5946065..4ceb9571ae 100644 --- a/modules/Microsoft.Network/trafficmanagerprofiles/deploy.bicep +++ b/modules/Microsoft.Network/trafficmanagerprofiles/deploy.bicep @@ -80,12 +80,13 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'ProbeHealthStatusEvents' ]) param diagnosticLogCategoriesToEnable array = [ - 'ProbeHealthStatusEvents' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md index e9daa1d47c..c62a3ba5a7 100644 --- a/modules/Microsoft.Network/trafficmanagerprofiles/readme.md +++ b/modules/Microsoft.Network/trafficmanagerprofiles/readme.md @@ -34,7 +34,7 @@ This module deploys a traffic manager profile. | :-- | :-- | :-- | :-- | :-- | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[ProbeHealthStatusEvents]` | `[ProbeHealthStatusEvents]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, ProbeHealthStatusEvents]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Network/virtualNetworkGateways/deploy.bicep b/modules/Microsoft.Network/virtualNetworkGateways/deploy.bicep index 320949d7fa..d3326c096b 100644 --- a/modules/Microsoft.Network/virtualNetworkGateways/deploy.bicep +++ b/modules/Microsoft.Network/virtualNetworkGateways/deploy.bicep @@ -106,20 +106,20 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'DDoSProtectionNotifications' 'DDoSMitigationFlowLogs' 'DDoSMitigationReports' ]) param publicIpdiagnosticLogCategoriesToEnable array = [ - 'DDoSProtectionNotifications' - 'DDoSMitigationFlowLogs' - 'DDoSMitigationReports' + 'allLogs' ] -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'GatewayDiagnosticLog' 'TunnelDiagnosticLog' 'RouteDiagnosticLog' @@ -127,11 +127,7 @@ param publicIpdiagnosticLogCategoriesToEnable array = [ 'P2SDiagnosticLog' ]) param virtualNetworkGatewaydiagnosticLogCategoriesToEnable array = [ - 'GatewayDiagnosticLog' - 'TunnelDiagnosticLog' - 'RouteDiagnosticLog' - 'IKEDiagnosticLog' - 'P2SDiagnosticLog' + 'allLogs' ] @description('Optional. Configuration for AAD Authentication for P2S Tunnel Type, Cannot be configured if clientRootCertData is provided.') diff --git a/modules/Microsoft.Network/virtualNetworkGateways/readme.md b/modules/Microsoft.Network/virtualNetworkGateways/readme.md index 925bc69532..76862cc50d 100644 --- a/modules/Microsoft.Network/virtualNetworkGateways/readme.md +++ b/modules/Microsoft.Network/virtualNetworkGateways/readme.md @@ -52,13 +52,13 @@ This module deploys a virtual network gateway. | `gatewayPipName` | string | `[format('{0}-pip1', parameters('name'))]` | | Specifies the name of the Public IP used by the Virtual Network Gateway. If it's not provided, a '-pip' suffix will be appended to the gateway's name. | | `location` | string | `[resourceGroup().location]` | | Location for all resources. | | `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `publicIpdiagnosticLogCategoriesToEnable` | array | `[DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | `[DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | The name of logs that will be streamed. | +| `publicIpdiagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `publicIpDiagnosticSettingsName` | string | `'diagnosticSettings'` | | The name of the diagnostic setting, if deployed. | | `publicIPPrefixResourceId` | string | `''` | | Resource ID of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix. | | `publicIpZones` | array | `[]` | | Specifies the zones of the Public IP address. Basic IP SKU does not support Availability Zones. | | `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | | `tags` | object | `{object}` | | Tags of the resource. | -| `virtualNetworkGatewaydiagnosticLogCategoriesToEnable` | array | `[GatewayDiagnosticLog, IKEDiagnosticLog, P2SDiagnosticLog, RouteDiagnosticLog, TunnelDiagnosticLog]` | `[GatewayDiagnosticLog, IKEDiagnosticLog, P2SDiagnosticLog, RouteDiagnosticLog, TunnelDiagnosticLog]` | The name of logs that will be streamed. | +| `virtualNetworkGatewaydiagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, GatewayDiagnosticLog, IKEDiagnosticLog, P2SDiagnosticLog, RouteDiagnosticLog, TunnelDiagnosticLog]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `virtualNetworkGatewayDiagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | | `vpnClientAadConfiguration` | object | `{object}` | | Configuration for AAD Authentication for P2S Tunnel Type, Cannot be configured if clientRootCertData is provided. | | `vpnClientAddressPoolPrefix` | string | `''` | | The IP address range from which VPN clients will receive an IP address when connected. Range specified must not overlap with on-premise network. | diff --git a/modules/Microsoft.Network/virtualNetworks/deploy.bicep b/modules/Microsoft.Network/virtualNetworks/deploy.bicep index ad6bb6463c..5158818f7c 100644 --- a/modules/Microsoft.Network/virtualNetworks/deploy.bicep +++ b/modules/Microsoft.Network/virtualNetworks/deploy.bicep @@ -53,12 +53,14 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' + 'VMProtectionAlerts' ]) param diagnosticLogCategoriesToEnable array = [ - 'VMProtectionAlerts' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') @@ -72,7 +74,7 @@ param diagnosticMetricsToEnable array = [ @description('Optional. The name of the diagnostic setting, if deployed.') param diagnosticSettingsName string = '${name}-diagnosticSettings' -var diagnosticsLogs = [for category in diagnosticLogCategoriesToEnable: { +var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs'): { category: category enabled: true retentionPolicy: { @@ -81,6 +83,17 @@ var diagnosticsLogs = [for category in diagnosticLogCategoriesToEnable: { } }] +var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ + { + categoryGroup: 'allLogs' + enabled: true + retentionPolicy: { + enabled: true + days: diagnosticLogsRetentionInDays + } + } +] : diagnosticsLogsSpecified + var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null @@ -265,3 +278,6 @@ output subnetResourceIds array = [for subnet in subnets: az.resourceId('Microsof @description('The location the resource was deployed into.') output location string = virtualNetwork.location + +@description('The Diagnostic Settings of the virtual network.') +output diagnosticsLogs array = diagnosticsLogs diff --git a/modules/Microsoft.Network/virtualNetworks/readme.md b/modules/Microsoft.Network/virtualNetworks/readme.md index 247da6fedd..25b1a91205 100644 --- a/modules/Microsoft.Network/virtualNetworks/readme.md +++ b/modules/Microsoft.Network/virtualNetworks/readme.md @@ -38,7 +38,7 @@ This template deploys a virtual network (vNet). | `ddosProtectionPlanId` | string | `''` | | Resource ID of the DDoS protection plan to assign the VNET to. If it's left blank, DDoS protection will not be configured. If it's provided, the VNET created by this template will be attached to the referenced DDoS protection plan. The DDoS protection plan can exist in the same or in a different subscription. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[VMProtectionAlerts]` | `[VMProtectionAlerts]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, VMProtectionAlerts]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | @@ -342,6 +342,7 @@ The network security group and route table resources must reside in the same res | Output Name | Type | Description | | :-- | :-- | :-- | +| `diagnosticsLogs` | array | The Diagnostic Settings of the virtual network. | | `location` | string | The location the resource was deployed into. | | `name` | string | The name of the virtual network. | | `resourceGroupName` | string | The resource group the virtual network was deployed into. | diff --git a/modules/Microsoft.OperationalInsights/workspaces/deploy.bicep b/modules/Microsoft.OperationalInsights/workspaces/deploy.bicep index abf017d8fe..5d8d723089 100644 --- a/modules/Microsoft.OperationalInsights/workspaces/deploy.bicep +++ b/modules/Microsoft.OperationalInsights/workspaces/deploy.bicep @@ -94,12 +94,13 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'Audit' ]) param diagnosticLogCategoriesToEnable array = [ - 'Audit' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.OperationalInsights/workspaces/readme.md b/modules/Microsoft.OperationalInsights/workspaces/readme.md index ef597dba46..27c5b8251d 100644 --- a/modules/Microsoft.OperationalInsights/workspaces/readme.md +++ b/modules/Microsoft.OperationalInsights/workspaces/readme.md @@ -48,7 +48,7 @@ This template deploys a log analytics workspace. | `dataSources` | _[dataSources](dataSources/readme.md)_ array | `[]` | | LAW data sources to configure. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[Audit]` | `[Audit]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, Audit]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.RecoveryServices/vaults/deploy.bicep b/modules/Microsoft.RecoveryServices/vaults/deploy.bicep index 7ed185432c..f327c49d3d 100644 --- a/modules/Microsoft.RecoveryServices/vaults/deploy.bicep +++ b/modules/Microsoft.RecoveryServices/vaults/deploy.bicep @@ -68,8 +68,9 @@ param userAssignedIdentities object = {} @description('Optional. Tags of the Recovery Service Vault resource.') param tags object = {} -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'AzureBackupReport' 'CoreAzureBackup' 'AddonAzureBackupJobs' @@ -86,20 +87,7 @@ param tags object = {} 'AzureSiteRecoveryProtectedDiskDataChurn' ]) param diagnosticLogCategoriesToEnable array = [ - 'AzureBackupReport' - 'CoreAzureBackup' - 'AddonAzureBackupJobs' - 'AddonAzureBackupAlerts' - 'AddonAzureBackupPolicy' - 'AddonAzureBackupStorage' - 'AddonAzureBackupProtectedInstance' - 'AzureSiteRecoveryJobs' - 'AzureSiteRecoveryEvents' - 'AzureSiteRecoveryReplicatedItems' - 'AzureSiteRecoveryReplicationStats' - 'AzureSiteRecoveryRecoveryPoints' - 'AzureSiteRecoveryReplicationDataUploadRate' - 'AzureSiteRecoveryProtectedDiskDataChurn' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.RecoveryServices/vaults/readme.md b/modules/Microsoft.RecoveryServices/vaults/readme.md index a30696ba79..b170aa1c43 100644 --- a/modules/Microsoft.RecoveryServices/vaults/readme.md +++ b/modules/Microsoft.RecoveryServices/vaults/readme.md @@ -48,7 +48,7 @@ This module deploys a recovery service vault. | `backupStorageConfig` | _[backupStorageConfig](backupStorageConfig/readme.md)_ object | `{object}` | | The storage configuration for the Azure Recovery Service Vault. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[AddonAzureBackupAlerts, AddonAzureBackupJobs, AddonAzureBackupPolicy, AddonAzureBackupProtectedInstance, AddonAzureBackupStorage, AzureBackupReport, AzureSiteRecoveryEvents, AzureSiteRecoveryJobs, AzureSiteRecoveryProtectedDiskDataChurn, AzureSiteRecoveryRecoveryPoints, AzureSiteRecoveryReplicatedItems, AzureSiteRecoveryReplicationDataUploadRate, AzureSiteRecoveryReplicationStats, CoreAzureBackup]` | `[AddonAzureBackupAlerts, AddonAzureBackupJobs, AddonAzureBackupPolicy, AddonAzureBackupProtectedInstance, AddonAzureBackupStorage, AzureBackupReport, AzureSiteRecoveryEvents, AzureSiteRecoveryJobs, AzureSiteRecoveryProtectedDiskDataChurn, AzureSiteRecoveryRecoveryPoints, AzureSiteRecoveryReplicatedItems, AzureSiteRecoveryReplicationDataUploadRate, AzureSiteRecoveryReplicationStats, CoreAzureBackup]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[AddonAzureBackupAlerts, AddonAzureBackupJobs, AddonAzureBackupPolicy, AddonAzureBackupProtectedInstance, AddonAzureBackupStorage, allLogs, AzureBackupReport, AzureSiteRecoveryEvents, AzureSiteRecoveryJobs, AzureSiteRecoveryProtectedDiskDataChurn, AzureSiteRecoveryRecoveryPoints, AzureSiteRecoveryReplicatedItems, AzureSiteRecoveryReplicationDataUploadRate, AzureSiteRecoveryReplicationStats, CoreAzureBackup]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Health]` | `[Health]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.ServiceBus/namespaces/deploy.bicep b/modules/Microsoft.ServiceBus/namespaces/deploy.bicep index 18d9602528..934f943128 100644 --- a/modules/Microsoft.ServiceBus/namespaces/deploy.bicep +++ b/modules/Microsoft.ServiceBus/namespaces/deploy.bicep @@ -101,12 +101,13 @@ param cMKUserAssignedIdentityResourceId string = '' @description('Optional. Enable infrastructure encryption (double encryption). Note, this setting requires the configuration of Customer-Managed-Keys (CMK) via the corresponding module parameters.') param requireInfrastructureEncryption bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'OperationalLogs' ]) param diagnosticLogCategoriesToEnable array = [ - 'OperationalLogs' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.ServiceBus/namespaces/readme.md b/modules/Microsoft.ServiceBus/namespaces/readme.md index 9fa4821b21..068e870c80 100644 --- a/modules/Microsoft.ServiceBus/namespaces/readme.md +++ b/modules/Microsoft.ServiceBus/namespaces/readme.md @@ -53,7 +53,7 @@ This module deploys a service bus namespace resource. | `cMKUserAssignedIdentityResourceId` | string | `''` | | User assigned identity to use when fetching the customer managed key. If not provided, a system-assigned identity can be used - but must be given access to the referenced key vault first. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[OperationalLogs]` | `[OperationalLogs]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, OperationalLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Sql/managedInstances/databases/deploy.bicep b/modules/Microsoft.Sql/managedInstances/databases/deploy.bicep index c6f1d76d8c..50c492c85f 100644 --- a/modules/Microsoft.Sql/managedInstances/databases/deploy.bicep +++ b/modules/Microsoft.Sql/managedInstances/databases/deploy.bicep @@ -81,18 +81,16 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'SQLInsights' 'QueryStoreRuntimeStatistics' 'QueryStoreWaitStatistics' 'Errors' ]) param diagnosticLogCategoriesToEnable array = [ - 'SQLInsights' - 'QueryStoreRuntimeStatistics' - 'QueryStoreWaitStatistics' - 'Errors' + 'allLogs' ] @description('Optional. The name of the diagnostic setting, if deployed.') diff --git a/modules/Microsoft.Sql/managedInstances/databases/readme.md b/modules/Microsoft.Sql/managedInstances/databases/readme.md index 6d91d8a9a4..1448a2c7dd 100644 --- a/modules/Microsoft.Sql/managedInstances/databases/readme.md +++ b/modules/Microsoft.Sql/managedInstances/databases/readme.md @@ -54,7 +54,7 @@ The SQL Managed Instance Database is deployed on a SQL Managed Instance. | `createMode` | string | `'Default'` | `[Default, PointInTimeRestore, Recovery, RestoreExternalBackup, RestoreLongTermRetentionBackup]` | Managed database create mode. PointInTimeRestore: Create a database by restoring a point in time backup of an existing database. SourceDatabaseName, SourceManagedInstanceName and PointInTime must be specified. RestoreExternalBackup: Create a database by restoring from external backup files. Collation, StorageContainerUri and StorageContainerSasToken must be specified. Recovery: Creates a database by restoring a geo-replicated backup. RecoverableDatabaseId must be specified as the recoverable database resource ID to restore. RestoreLongTermRetentionBackup: Create a database by restoring from a long term retention backup (longTermRetentionBackupResourceId required). | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[Errors, QueryStoreRuntimeStatistics, QueryStoreWaitStatistics, SQLInsights]` | `[Errors, QueryStoreRuntimeStatistics, QueryStoreWaitStatistics, SQLInsights]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, Errors, QueryStoreRuntimeStatistics, QueryStoreWaitStatistics, SQLInsights]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/Microsoft.Sql/managedInstances/deploy.bicep b/modules/Microsoft.Sql/managedInstances/deploy.bicep index c4135c9b62..aef9bdc018 100644 --- a/modules/Microsoft.Sql/managedInstances/deploy.bicep +++ b/modules/Microsoft.Sql/managedInstances/deploy.bicep @@ -161,14 +161,14 @@ param minimalTlsVersion string = '1.2' ]) param requestedBackupStorageRedundancy string = 'Geo' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'ResourceUsageStats' 'SQLSecurityAuditEvents' ]) param diagnosticLogCategoriesToEnable array = [ - 'ResourceUsageStats' - 'SQLSecurityAuditEvents' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Sql/managedInstances/readme.md b/modules/Microsoft.Sql/managedInstances/readme.md index 79d66e1630..a8b02fed4f 100644 --- a/modules/Microsoft.Sql/managedInstances/readme.md +++ b/modules/Microsoft.Sql/managedInstances/readme.md @@ -65,7 +65,7 @@ SQL MI allows for Azure AD Authentication via an [Azure AD Admin](https://docs.m | `databases` | _[databases](databases/readme.md)_ array | `[]` | | Databases to create in this server. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[ResourceUsageStats, SQLSecurityAuditEvents]` | `[ResourceUsageStats, SQLSecurityAuditEvents]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, ResourceUsageStats, SQLSecurityAuditEvents]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Sql/servers/databases/deploy.bicep b/modules/Microsoft.Sql/servers/databases/deploy.bicep index 65760dcc3f..c0fecbb80d 100644 --- a/modules/Microsoft.Sql/servers/databases/deploy.bicep +++ b/modules/Microsoft.Sql/servers/databases/deploy.bicep @@ -79,8 +79,9 @@ param diagnosticEventHubAuthorizationRuleId string = '' @description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category.') param diagnosticEventHubName string = '' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'SQLInsights' 'AutomaticTuning' 'QueryStoreRuntimeStatistics' @@ -94,17 +95,7 @@ param diagnosticEventHubName string = '' 'SQLSecurityAuditEvents' ]) param diagnosticLogCategoriesToEnable array = [ - 'SQLInsights' - 'AutomaticTuning' - 'QueryStoreRuntimeStatistics' - 'QueryStoreWaitStatistics' - 'Errors' - 'DatabaseWaitStatistics' - 'Timeouts' - 'Blocks' - 'Deadlocks' - 'DevOpsOperationsAudit' - 'SQLSecurityAuditEvents' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Sql/servers/databases/readme.md b/modules/Microsoft.Sql/servers/databases/readme.md index a6e237b042..13ac5e7f91 100644 --- a/modules/Microsoft.Sql/servers/databases/readme.md +++ b/modules/Microsoft.Sql/servers/databases/readme.md @@ -38,7 +38,7 @@ This module deploys an Azure SQL Server Database. | `collation` | string | `'SQL_Latin1_General_CP1_CI_AS'` | | The collation of the database. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[AutomaticTuning, Blocks, DatabaseWaitStatistics, Deadlocks, DevOpsOperationsAudit, Errors, QueryStoreRuntimeStatistics, QueryStoreWaitStatistics, SQLInsights, SQLSecurityAuditEvents, Timeouts]` | `[AutomaticTuning, Blocks, DatabaseWaitStatistics, Deadlocks, DevOpsOperationsAudit, Errors, QueryStoreRuntimeStatistics, QueryStoreWaitStatistics, SQLInsights, SQLSecurityAuditEvents, Timeouts]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, AutomaticTuning, Blocks, DatabaseWaitStatistics, Deadlocks, DevOpsOperationsAudit, Errors, QueryStoreRuntimeStatistics, QueryStoreWaitStatistics, SQLInsights, SQLSecurityAuditEvents, Timeouts]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Basic, InstanceAndAppAdvanced, WorkloadManagement]` | `[Basic, InstanceAndAppAdvanced, WorkloadManagement]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Storage/storageAccounts/blobServices/deploy.bicep b/modules/Microsoft.Storage/storageAccounts/blobServices/deploy.bicep index b79a3339bd..6cf81e1312 100644 --- a/modules/Microsoft.Storage/storageAccounts/blobServices/deploy.bicep +++ b/modules/Microsoft.Storage/storageAccounts/blobServices/deploy.bicep @@ -37,16 +37,15 @@ param diagnosticEventHubName string = '' @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'StorageRead' 'StorageWrite' 'StorageDelete' ]) param diagnosticLogCategoriesToEnable array = [ - 'StorageRead' - 'StorageWrite' - 'StorageDelete' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Storage/storageAccounts/blobServices/readme.md b/modules/Microsoft.Storage/storageAccounts/blobServices/readme.md index 709db301c6..a651291d1d 100644 --- a/modules/Microsoft.Storage/storageAccounts/blobServices/readme.md +++ b/modules/Microsoft.Storage/storageAccounts/blobServices/readme.md @@ -37,7 +37,7 @@ This module can be used to deploy a blob service into a storage account. | `deleteRetentionPolicyDays` | int | `7` | | Indicates the number of days that the deleted blob should be retained. The minimum specified value can be 1 and the maximum value can be 365. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[StorageDelete, StorageRead, StorageWrite]` | `[StorageDelete, StorageRead, StorageWrite]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, StorageDelete, StorageRead, StorageWrite]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Transaction]` | `[Transaction]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Storage/storageAccounts/fileServices/deploy.bicep b/modules/Microsoft.Storage/storageAccounts/fileServices/deploy.bicep index 053c907e46..719b5e12d5 100644 --- a/modules/Microsoft.Storage/storageAccounts/fileServices/deploy.bicep +++ b/modules/Microsoft.Storage/storageAccounts/fileServices/deploy.bicep @@ -37,16 +37,15 @@ param shares array = [] @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'StorageRead' 'StorageWrite' 'StorageDelete' ]) param diagnosticLogCategoriesToEnable array = [ - 'StorageRead' - 'StorageWrite' - 'StorageDelete' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Storage/storageAccounts/fileServices/readme.md b/modules/Microsoft.Storage/storageAccounts/fileServices/readme.md index 42604c587a..37b4e3e0d6 100644 --- a/modules/Microsoft.Storage/storageAccounts/fileServices/readme.md +++ b/modules/Microsoft.Storage/storageAccounts/fileServices/readme.md @@ -32,7 +32,7 @@ This module can be used to deploy a file share service into a storage account. | :-- | :-- | :-- | :-- | :-- | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[StorageDelete, StorageRead, StorageWrite]` | `[StorageDelete, StorageRead, StorageWrite]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, StorageDelete, StorageRead, StorageWrite]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Transaction]` | `[Transaction]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Storage/storageAccounts/queueServices/deploy.bicep b/modules/Microsoft.Storage/storageAccounts/queueServices/deploy.bicep index d23a4e56f5..1f45d01639 100644 --- a/modules/Microsoft.Storage/storageAccounts/queueServices/deploy.bicep +++ b/modules/Microsoft.Storage/storageAccounts/queueServices/deploy.bicep @@ -28,16 +28,15 @@ param diagnosticEventHubName string = '' @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'StorageRead' 'StorageWrite' 'StorageDelete' ]) param diagnosticLogCategoriesToEnable array = [ - 'StorageRead' - 'StorageWrite' - 'StorageDelete' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Storage/storageAccounts/queueServices/readme.md b/modules/Microsoft.Storage/storageAccounts/queueServices/readme.md index 9db0891b9a..aeebdac0d5 100644 --- a/modules/Microsoft.Storage/storageAccounts/queueServices/readme.md +++ b/modules/Microsoft.Storage/storageAccounts/queueServices/readme.md @@ -32,7 +32,7 @@ This module can be used to deploy a file share service into a storage account. | :-- | :-- | :-- | :-- | :-- | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[StorageDelete, StorageRead, StorageWrite]` | `[StorageDelete, StorageRead, StorageWrite]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, StorageDelete, StorageRead, StorageWrite]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Transaction]` | `[Transaction]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Storage/storageAccounts/tableServices/deploy.bicep b/modules/Microsoft.Storage/storageAccounts/tableServices/deploy.bicep index bb0290cbc5..d4cb8ab4e0 100644 --- a/modules/Microsoft.Storage/storageAccounts/tableServices/deploy.bicep +++ b/modules/Microsoft.Storage/storageAccounts/tableServices/deploy.bicep @@ -28,16 +28,15 @@ param diagnosticEventHubName string = '' @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'StorageRead' 'StorageWrite' 'StorageDelete' ]) param diagnosticLogCategoriesToEnable array = [ - 'StorageRead' - 'StorageWrite' - 'StorageDelete' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') diff --git a/modules/Microsoft.Storage/storageAccounts/tableServices/readme.md b/modules/Microsoft.Storage/storageAccounts/tableServices/readme.md index 661d698c36..2ab4056d1e 100644 --- a/modules/Microsoft.Storage/storageAccounts/tableServices/readme.md +++ b/modules/Microsoft.Storage/storageAccounts/tableServices/readme.md @@ -31,7 +31,7 @@ This module deploys a storage account table service | :-- | :-- | :-- | :-- | :-- | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[StorageDelete, StorageRead, StorageWrite]` | `[StorageDelete, StorageRead, StorageWrite]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, StorageDelete, StorageRead, StorageWrite]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Transaction]` | `[Transaction]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | diff --git a/modules/Microsoft.Synapse/workspaces/deploy.bicep b/modules/Microsoft.Synapse/workspaces/deploy.bicep index 7deb290a22..67564888f1 100644 --- a/modules/Microsoft.Synapse/workspaces/deploy.bicep +++ b/modules/Microsoft.Synapse/workspaces/deploy.bicep @@ -112,8 +112,9 @@ param diagnosticEventHubAuthorizationRuleId string = '' @description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category.') param diagnosticEventHubName string = '' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'SynapseRbacOperations' 'GatewayApiRequests' 'BuiltinSqlReqsEnded' @@ -122,12 +123,7 @@ param diagnosticEventHubName string = '' 'IntegrationTriggerRuns' ]) param diagnosticLogCategoriesToEnable array = [ - 'SynapseRbacOperations' - 'GatewayApiRequests' - 'BuiltinSqlReqsEnded' - 'IntegrationPipelineRuns' - 'IntegrationActivityRuns' - 'IntegrationTriggerRuns' + 'allLogs' ] @description('Optional. The name of the diagnostic setting, if deployed.') diff --git a/modules/Microsoft.Synapse/workspaces/readme.md b/modules/Microsoft.Synapse/workspaces/readme.md index 78b76ec7da..f0cbf2ec7b 100644 --- a/modules/Microsoft.Synapse/workspaces/readme.md +++ b/modules/Microsoft.Synapse/workspaces/readme.md @@ -52,7 +52,7 @@ This module deploys a Synapse Workspace. | `defaultDataLakeStorageCreateManagedPrivateEndpoint` | bool | `False` | | Create managed private endpoint to the default storage account or not. If Yes is selected, a managed private endpoint connection request is sent to the workspace's primary Data Lake Storage Gen2 account for Spark pools to access data. This must be approved by an owner of the storage account. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[BuiltinSqlReqsEnded, GatewayApiRequests, IntegrationActivityRuns, IntegrationPipelineRuns, IntegrationTriggerRuns, SynapseRbacOperations]` | `[BuiltinSqlReqsEnded, GatewayApiRequests, IntegrationActivityRuns, IntegrationPipelineRuns, IntegrationTriggerRuns, SynapseRbacOperations]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, BuiltinSqlReqsEnded, GatewayApiRequests, IntegrationActivityRuns, IntegrationPipelineRuns, IntegrationTriggerRuns, SynapseRbacOperations]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/Microsoft.Web/hostingEnvironments/deploy.bicep b/modules/Microsoft.Web/hostingEnvironments/deploy.bicep index 5a27da3b21..ee8fd3e740 100644 --- a/modules/Microsoft.Web/hostingEnvironments/deploy.bicep +++ b/modules/Microsoft.Web/hostingEnvironments/deploy.bicep @@ -95,12 +95,13 @@ param enableDefaultTelemetry bool = true @description('Optional. The Dedicated Host Count. Is not supported by ASEv2. If `zoneRedundant` is false, and you want physical hardware isolation enabled, set to 2. Otherwise 0.') param dedicatedHostCount int = -1 -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'AppServiceEnvironmentPlatformLogs' ]) param diagnosticLogCategoriesToEnable array = [ - 'AppServiceEnvironmentPlatformLogs' + 'allLogs' ] @description('Optional. The name of the diagnostic setting, if deployed.') diff --git a/modules/Microsoft.Web/hostingEnvironments/readme.md b/modules/Microsoft.Web/hostingEnvironments/readme.md index 362ef2eba1..954e1560b3 100644 --- a/modules/Microsoft.Web/hostingEnvironments/readme.md +++ b/modules/Microsoft.Web/hostingEnvironments/readme.md @@ -36,7 +36,7 @@ This module deploys an app service environment. | `dedicatedHostCount` | int | `-1` | | The Dedicated Host Count. Is not supported by ASEv2. If `zoneRedundant` is false, and you want physical hardware isolation enabled, set to 2. Otherwise 0. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[AppServiceEnvironmentPlatformLogs]` | `[AppServiceEnvironmentPlatformLogs]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `[allLogs, AppServiceEnvironmentPlatformLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/Microsoft.Web/sites/deploy.bicep b/modules/Microsoft.Web/sites/deploy.bicep index d3eb91c50b..a04e9e8ea7 100644 --- a/modules/Microsoft.Web/sites/deploy.bicep +++ b/modules/Microsoft.Web/sites/deploy.bicep @@ -107,8 +107,9 @@ param diagnosticEventHubAuthorizationRuleId string = '' @description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category.') param diagnosticEventHubName string = '' -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ + 'allLogs' 'AppServiceHTTPLogs' 'AppServiceConsoleLogs' 'AppServiceAppLogs' diff --git a/modules/Microsoft.Web/sites/readme.md b/modules/Microsoft.Web/sites/readme.md index fa55456e0d..3bf3591346 100644 --- a/modules/Microsoft.Web/sites/readme.md +++ b/modules/Microsoft.Web/sites/readme.md @@ -43,7 +43,7 @@ This module deploys a web or function app. | `clientAffinityEnabled` | bool | `True` | | If client affinity is enabled. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[if(equals(parameters('kind'), 'functionapp'), createArray('FunctionAppLogs'), createArray('AppServiceHTTPLogs', 'AppServiceConsoleLogs', 'AppServiceAppLogs', 'AppServiceAuditLogs', 'AppServiceIPSecAuditLogs', 'AppServicePlatformLogs'))]` | `[AppServiceAppLogs, AppServiceAuditLogs, AppServiceConsoleLogs, AppServiceHTTPLogs, AppServiceIPSecAuditLogs, AppServicePlatformLogs, FunctionAppLogs]` | The name of logs that will be streamed. | +| `diagnosticLogCategoriesToEnable` | array | `[if(equals(parameters('kind'), 'functionapp'), createArray('FunctionAppLogs'), createArray('AppServiceHTTPLogs', 'AppServiceConsoleLogs', 'AppServiceAppLogs', 'AppServiceAuditLogs', 'AppServiceIPSecAuditLogs', 'AppServicePlatformLogs'))]` | `[allLogs, AppServiceAppLogs, AppServiceAuditLogs, AppServiceConsoleLogs, AppServiceHTTPLogs, AppServiceIPSecAuditLogs, AppServicePlatformLogs, FunctionAppLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. | | `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. |