From f2c2356d707639e6d97d7af51da7bcfcbb9fd755 Mon Sep 17 00:00:00 2001 From: SeSeicht Date: Wed, 7 Dec 2022 19:06:09 +0100 Subject: [PATCH 1/3] enableDiagnosticLogCategoryAll --- .../.test/common/deploy.test.bicep | 22 +++++++++---------- .../.test/min/deploy.test.bicep | 2 +- .../virtualNetworks/deploy.bicep | 18 ++++++++++++++- 3 files changed, 29 insertions(+), 13 deletions(-) diff --git a/modules/Microsoft.Network/virtualNetworks/.test/common/deploy.test.bicep b/modules/Microsoft.Network/virtualNetworks/.test/common/deploy.test.bicep index 233a3ff05e..da6922faf7 100644 --- a/modules/Microsoft.Network/virtualNetworks/.test/common/deploy.test.bicep +++ b/modules/Microsoft.Network/virtualNetworks/.test/common/deploy.test.bicep @@ -31,9 +31,9 @@ module resourceGroupResources 'dependencies.bicep' = { scope: resourceGroup name: '${uniqueString(deployment().name, location)}-paramNested' params: { - managedIdentityName: 'dep-<>-msi-${serviceShort}' - routeTableName: 'dep-<>-rt-${serviceShort}' - networkSecurityGroupName: 'dep-<>-nsg-${serviceShort}' + managedIdentityName: 'dep-ses-msi-${serviceShort}' + routeTableName: 'dep-ses-rt-${serviceShort}' + networkSecurityGroupName: 'dep-ses-nsg-${serviceShort}' } } @@ -43,10 +43,10 @@ module diagnosticDependencies '../../../../.shared/dependencyConstructs/diagnost scope: resourceGroup name: '${uniqueString(deployment().name, location)}-diagnosticDependencies' params: { - storageAccountName: 'dep<>diasa${serviceShort}01' - logAnalyticsWorkspaceName: 'dep-<>-law-${serviceShort}' - eventHubNamespaceEventHubName: 'dep-<>-evh-${serviceShort}' - eventHubNamespaceName: 'dep-<>-evhns-${serviceShort}' + storageAccountName: 'depsesdiasa${serviceShort}01' + logAnalyticsWorkspaceName: 'dep-ses-law-${serviceShort}' + eventHubNamespaceEventHubName: 'dep-ses-evh-${serviceShort}' + eventHubNamespaceName: 'dep-ses-evhns-${serviceShort}' location: location } } @@ -60,7 +60,7 @@ module testDeployment '../../deploy.bicep' = { name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { enableDefaultTelemetry: enableDefaultTelemetry - name: '<>${serviceShort}001' + name: 'ses${serviceShort}001' addressPrefixes: [ '10.0.0.0/16' ] @@ -90,7 +90,7 @@ module testDeployment '../../deploy.bicep' = { } { addressPrefix: '10.0.0.0/24' - name: '<>-az-subnet-x-001' + name: 'ses-az-subnet-x-001' networkSecurityGroupId: resourceGroupResources.outputs.networkSecurityGroupResourceId roleAssignments: [ { @@ -121,11 +121,11 @@ module testDeployment '../../deploy.bicep' = { } } ] - name: '<>-az-subnet-x-002' + name: 'ses-az-subnet-x-002' } { addressPrefix: '10.0.6.0/24' - name: '<>-az-subnet-x-003' + name: 'ses-az-subnet-x-003' privateEndpointNetworkPolicies: 'Disabled' privateLinkServiceNetworkPolicies: 'Enabled' } diff --git a/modules/Microsoft.Network/virtualNetworks/.test/min/deploy.test.bicep b/modules/Microsoft.Network/virtualNetworks/.test/min/deploy.test.bicep index 3242dcac70..1655511ca2 100644 --- a/modules/Microsoft.Network/virtualNetworks/.test/min/deploy.test.bicep +++ b/modules/Microsoft.Network/virtualNetworks/.test/min/deploy.test.bicep @@ -36,7 +36,7 @@ module testDeployment '../../deploy.bicep' = { name: '${uniqueString(deployment().name)}-test-${serviceShort}' params: { enableDefaultTelemetry: enableDefaultTelemetry - name: '<>${serviceShort}001' + name: 'ses${serviceShort}001' addressPrefixes: [ '10.0.0.0/16' ] diff --git a/modules/Microsoft.Network/virtualNetworks/deploy.bicep b/modules/Microsoft.Network/virtualNetworks/deploy.bicep index ad6bb6463c..c38a94e8b8 100644 --- a/modules/Microsoft.Network/virtualNetworks/deploy.bicep +++ b/modules/Microsoft.Network/virtualNetworks/deploy.bicep @@ -53,6 +53,9 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true +@description('Optional. Enable the -all- Log Category. Will not use diagnosticLogCategoriesToEnable if set to true.') +param enableDiagnosticLogCategoryAll bool = true + @description('Optional. The name of logs that will be streamed.') @allowed([ 'VMProtectionAlerts' @@ -72,7 +75,7 @@ param diagnosticMetricsToEnable array = [ @description('Optional. The name of the diagnostic setting, if deployed.') param diagnosticSettingsName string = '${name}-diagnosticSettings' -var diagnosticsLogs = [for category in diagnosticLogCategoriesToEnable: { +var diagnosticsLogsSpecified = [for category in diagnosticLogCategoriesToEnable: { category: category enabled: true retentionPolicy: { @@ -81,6 +84,17 @@ var diagnosticsLogs = [for category in diagnosticLogCategoriesToEnable: { } }] +var diagnosticsLogsAll = [for category in diagnosticLogCategoriesToEnable: { + category: null + categoryGroup: 'allLogs' + enabled: true + retentionPolicy: { + enabled: true + days: diagnosticLogsRetentionInDays + } +}] +var diagnosticsLogs = (enableDiagnosticLogCategoryAll) ? diagnosticsLogsAll : diagnosticsLogsSpecified + var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null @@ -265,3 +279,5 @@ output subnetResourceIds array = [for subnet in subnets: az.resourceId('Microsof @description('The location the resource was deployed into.') output location string = virtualNetwork.location + +output diagnosticsLogs array = diagnosticsLogs From 1fe77283c8de6ea211ad88bae3ac5bedf19f2086 Mon Sep 17 00:00:00 2001 From: SeSeicht Date: Fri, 9 Dec 2022 11:09:14 +0100 Subject: [PATCH 2/3] remove helper bool --- .../Microsoft.Network/virtualNetworks/deploy.bicep | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/modules/Microsoft.Network/virtualNetworks/deploy.bicep b/modules/Microsoft.Network/virtualNetworks/deploy.bicep index c38a94e8b8..c6dac4c1b2 100644 --- a/modules/Microsoft.Network/virtualNetworks/deploy.bicep +++ b/modules/Microsoft.Network/virtualNetworks/deploy.bicep @@ -53,15 +53,14 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. Enable the -all- Log Category. Will not use diagnosticLogCategoriesToEnable if set to true.') -param enableDiagnosticLogCategoryAll bool = true - @description('Optional. The name of logs that will be streamed.') @allowed([ 'VMProtectionAlerts' + 'allLogs' ]) param diagnosticLogCategoriesToEnable array = [ 'VMProtectionAlerts' + //'allLogs' ] @description('Optional. The name of metrics that will be streamed.') @@ -75,7 +74,7 @@ param diagnosticMetricsToEnable array = [ @description('Optional. The name of the diagnostic setting, if deployed.') param diagnosticSettingsName string = '${name}-diagnosticSettings' -var diagnosticsLogsSpecified = [for category in diagnosticLogCategoriesToEnable: { +var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, cat => cat != 'allLogs'): { category: category enabled: true retentionPolicy: { @@ -84,7 +83,7 @@ var diagnosticsLogsSpecified = [for category in diagnosticLogCategoriesToEnable: } }] -var diagnosticsLogsAll = [for category in diagnosticLogCategoriesToEnable: { +var diagnosticsLogsAll = [for i in range(0, 1): { category: null categoryGroup: 'allLogs' enabled: true @@ -93,7 +92,7 @@ var diagnosticsLogsAll = [for category in diagnosticLogCategoriesToEnable: { days: diagnosticLogsRetentionInDays } }] -var diagnosticsLogs = (enableDiagnosticLogCategoryAll) ? diagnosticsLogsAll : diagnosticsLogsSpecified +var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? diagnosticsLogsAll : diagnosticsLogsSpecified var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric From 588d1cf963b3c43b392c6c9610fdbeee8ab6ed3c Mon Sep 17 00:00:00 2001 From: SeSeicht Date: Fri, 9 Dec 2022 11:45:52 +0100 Subject: [PATCH 3/3] format --- .../virtualNetworks/deploy.bicep | 25 +++++++++---------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/modules/Microsoft.Network/virtualNetworks/deploy.bicep b/modules/Microsoft.Network/virtualNetworks/deploy.bicep index c6dac4c1b2..cb033a85ed 100644 --- a/modules/Microsoft.Network/virtualNetworks/deploy.bicep +++ b/modules/Microsoft.Network/virtualNetworks/deploy.bicep @@ -53,14 +53,13 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. The name of logs that will be streamed.') +@description('Optional. The name of logs that will be streamed. "allLogs" includes all possible logs for the resource.') @allowed([ - 'VMProtectionAlerts' 'allLogs' + 'VMProtectionAlerts' ]) param diagnosticLogCategoriesToEnable array = [ - 'VMProtectionAlerts' - //'allLogs' + 'allLogs' ] @description('Optional. The name of metrics that will be streamed.') @@ -74,7 +73,7 @@ param diagnosticMetricsToEnable array = [ @description('Optional. The name of the diagnostic setting, if deployed.') param diagnosticSettingsName string = '${name}-diagnosticSettings' -var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, cat => cat != 'allLogs'): { +var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs'): { category: category enabled: true retentionPolicy: { @@ -83,16 +82,16 @@ var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesTo } }] -var diagnosticsLogsAll = [for i in range(0, 1): { - category: null - categoryGroup: 'allLogs' - enabled: true - retentionPolicy: { +var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ + { + categoryGroup: 'allLogs' enabled: true - days: diagnosticLogsRetentionInDays + retentionPolicy: { + enabled: true + days: diagnosticLogsRetentionInDays + } } -}] -var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? diagnosticsLogsAll : diagnosticsLogsSpecified +] : diagnosticsLogsSpecified var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric