diff --git a/azurerm/modules/azurerm-adb/network.tf b/azurerm/modules/azurerm-adb/network.tf
index f0b761cc..1c79edab 100644
--- a/azurerm/modules/azurerm-adb/network.tf
+++ b/azurerm/modules/azurerm-adb/network.tf
@@ -147,7 +147,7 @@ resource "azurerm_private_endpoint" "databricks" {
}
private_dns_zone_group {
-
+
name = "databricks_ui_api"
private_dns_zone_ids = [data.azurerm_private_dns_zone.adb_pvt_dns[0].id]
}
@@ -156,7 +156,7 @@ resource "azurerm_private_endpoint" "databricks" {
}
resource "azurerm_private_endpoint" "auth" {
- count = var.enable_private_network && var.managed_vnet == false && var.browser_authentication_enabled == true ? 1 : 0
+ count = var.enable_private_network && var.managed_vnet == false && var.browser_authentication_enabled == true ? 1 : 0
name = "${var.resource_namer}-pe-databricks-auth"
location = var.resource_group_location
resource_group_name = var.resource_group_name
diff --git a/azurerm/modules/azurerm-adf/observability.tf b/azurerm/modules/azurerm-adf/observability.tf
new file mode 100644
index 00000000..fd691291
--- /dev/null
+++ b/azurerm/modules/azurerm-adf/observability.tf
@@ -0,0 +1,43 @@
+data "azurerm_monitor_diagnostic_categories" "adf_log_analytics_categories" {
+ count = var.la_workspace_id != "" ? 1 : 0
+ resource_id = azurerm_data_factory.example[0].id
+
+ depends_on = [azurerm_data_factory.example]
+}
+
+resource "azurerm_monitor_diagnostic_setting" "adf_log_analytics" {
+ count = var.la_workspace_id != "" ? 1 : 0
+ name = "ADF to Log Analytics"
+ target_resource_id = azurerm_data_factory.example[0].id
+ log_analytics_workspace_id = var.la_workspace_id
+ log_analytics_destination_type = "Dedicated"
+
+ dynamic "log" {
+ for_each = data.azurerm_monitor_diagnostic_categories.adf_log_analytics_categories[0].logs
+
+ content {
+ category = log.value
+ enabled = true
+
+ retention_policy {
+ enabled = false
+ days = 0
+ }
+ }
+ }
+
+ dynamic "metric" {
+ for_each = data.azurerm_monitor_diagnostic_categories.adf_log_analytics_categories[0].metrics
+
+ content {
+ category = metric.value
+ enabled = true
+
+ retention_policy {
+ enabled = false
+ days = 0
+ }
+ }
+ }
+ depends_on = [data.azurerm_monitor_diagnostic_categories.adf_log_analytics_categories]
+}
\ No newline at end of file
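Review bot: Gating `count` on `var.la_workspace_id != ""` (data source and diagnostic setting alike) breaks when the caller passes a workspace ID that is only known after apply, for example the `log_analytics_workspace_id` output of the new azurerm-observability module created in the same run; Terraform then rejects the plan with an invalid count argument. A separate boolean input, e.g. `count = var.enable_diagnostics ? 1 : 0`, keeps the decision known at plan time. The same pattern appears in azurerm-kv/observability.tf and, as a `for_each` filter, in azurerm-adls/observability.tf. The `[0]` index on `azurerm_data_factory.example` also assumes the factory is always created, which cannot be confirmed from this hunk.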
diff --git a/azurerm/modules/azurerm-adf/vars.tf b/azurerm/modules/azurerm-adf/vars.tf
index 005c818a..4b38062f 100644
--- a/azurerm/modules/azurerm-adf/vars.tf
+++ b/azurerm/modules/azurerm-adf/vars.tf
@@ -95,6 +95,12 @@ variable "runtime_virtual_network_enabled" {
description = "Is Integration Runtime compute provisioned within Managed Virtual Network? Changing this forces a new resource to be created."
}
+variable "la_workspace_id" {
+ type = string
+ default = ""
+ description = "Log Analytics Workspace ID"
+}
+
###########################
# Global parameter for ADF SETTINGS
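Review bot: The description "Log Analytics Workspace ID" is ambiguous, because the value is passed to `log_analytics_workspace_id` on the diagnostic setting, which expects the workspace's full ARM resource ID rather than its workspace GUID. Something like `description = "Resource ID of the Log Analytics workspace that receives diagnostic logs and metrics; leave empty to disable diagnostic settings"` would also make clear that the default leaves the resource without diagnostic logging. The same variable is added with the same wording in azurerm-adls/vars.tf and azurerm-kv/vars.tf.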
diff --git a/azurerm/modules/azurerm-adls/observability.tf b/azurerm/modules/azurerm-adls/observability.tf
new file mode 100644
index 00000000..d6dc8c21
--- /dev/null
+++ b/azurerm/modules/azurerm-adls/observability.tf
@@ -0,0 +1,51 @@
+data "azurerm_monitor_diagnostic_categories" "adls_log_analytics_categories" {
+ for_each = {
+ for account_name, account_details in var.storage_account_details : account_name => account_details
+ if var.la_workspace_id != ""
+ }
+ resource_id = azurerm_storage_account.storage_account_default["${each.key}"].id
+
+ depends_on = [azurerm_storage_account.storage_account_default]
+}
+
+resource "azurerm_monitor_diagnostic_setting" "adls_log_analytics" {
+ for_each = {
+ for account_name, account_details in var.storage_account_details : account_name => account_details
+ if var.la_workspace_id != ""
+ }
+
+ name = "Storage to Log Analytics"
+ target_resource_id = azurerm_storage_account.storage_account_default["${each.key}"].id
+ log_analytics_workspace_id = var.la_workspace_id
+ log_analytics_destination_type = "Dedicated"
+
+ dynamic "log" {
+ for_each = data.azurerm_monitor_diagnostic_categories.adls_log_analytics_categories[each.key].logs
+
+ content {
+ category = log.value
+ enabled = true
+
+ retention_policy {
+ enabled = false
+ days = 0
+ }
+ }
+ }
+
+ dynamic "metric" {
+ for_each = data.azurerm_monitor_diagnostic_categories.adls_log_analytics_categories[each.key].metrics
+
+ content {
+ category = metric.value
+ enabled = true
+
+ retention_policy {
+ enabled = false
+ days = 0
+ }
+ }
+ }
+
+ depends_on = [data.azurerm_monitor_diagnostic_categories.adls_log_analytics_categories]
+}
\ No newline at end of file
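Review bot: Targeting the storage account's own ID will most likely capture metrics only, since Azure exposes the StorageRead, StorageWrite and StorageDelete log categories on the per-service sub-resources rather than on the account. For a data lake, where those logs are the record of who read or changed data, the data source and the diagnostic setting would need a service-level target such as `"${azurerm_storage_account.storage_account_default[each.key].id}/blobServices/default"`. It is worth confirming with a plan that the `log` dynamic block actually yields any categories as written.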
diff --git a/azurerm/modules/azurerm-adls/vars.tf b/azurerm/modules/azurerm-adls/vars.tf
index d816d284..4a73dbc0 100644
--- a/azurerm/modules/azurerm-adls/vars.tf
+++ b/azurerm/modules/azurerm-adls/vars.tf
@@ -170,3 +170,9 @@ variable "dfs_dns_resource_group_name" {
default = "amido-stacks-euw-de-hub-network"
description = "Name of the resource group where pvt dns is present for blob."
}
+
+variable "la_workspace_id" {
+ type = string
+ default = ""
+ description = "Log Analytics Workspace ID"
+}
\ No newline at end of file
diff --git a/azurerm/modules/azurerm-hub-spoke/dns.tf b/azurerm/modules/azurerm-hub-spoke/dns.tf
index e772de89..a0d269cf 100644
--- a/azurerm/modules/azurerm-hub-spoke/dns.tf
+++ b/azurerm/modules/azurerm-hub-spoke/dns.tf
@@ -7,7 +7,7 @@ resource "azurerm_private_dns_zone" "example" {
}
resource "azurerm_private_dns_zone_virtual_network_link" "hub-privatelink-dns" {
- for_each = var.link_dns_network == true ? toset(var.dns_zone_name ) : toset([])
+ for_each = var.link_dns_network == true ? toset(var.dns_zone_name) : toset([])
name = each.key
resource_group_name = local.hub_resource_group_name[0]
registration_enabled = false # Auto registration_enabled set to false as we cannot add multiple Private DNS to 1 Vnet
diff --git a/azurerm/modules/azurerm-kv/example/main.tf b/azurerm/modules/azurerm-kv/example/main.tf
index 47c5ea5f..e317c3ef 100644
--- a/azurerm/modules/azurerm-kv/example/main.tf
+++ b/azurerm/modules/azurerm-kv/example/main.tf
@@ -21,8 +21,8 @@ resource "azurerm_resource_group" "default" {
}
module "kv_default" {
- source = "../../azurerm-kv"
- resource_namer = substr(replace(module.default_label.id, "-", ""), 0, 24)
+ source = "../../azurerm-kv"
+ resource_namer = substr(replace(module.default_label.id, "-", ""), 0, 24)
resource_group_name = azurerm_resource_group.default.name
resource_group_location = azurerm_resource_group.default.location
create_kv_networkacl = false
@@ -33,7 +33,7 @@ module "kv_default" {
pe_subnet_id = data.azurerm_subnet.pe_subnet.id
pe_resource_group_name = data.azurerm_subnet.pe_subnet.resource_group_name
pe_resource_group_location = "UK South"
- # private_dns_zone_name = data.azurerm_private_dns_zone.private_dns.name
- # private_dns_zone_ids = ["${data.azurerm_private_dns_zone.private_dns.id}"]
+ # private_dns_zone_name = data.azurerm_private_dns_zone.private_dns.name
+ # private_dns_zone_ids = ["${data.azurerm_private_dns_zone.private_dns.id}"]
dns_resource_group_name = "hub-rg"
}
diff --git a/azurerm/modules/azurerm-kv/observability.tf b/azurerm/modules/azurerm-kv/observability.tf
new file mode 100644
index 00000000..21434b3d
--- /dev/null
+++ b/azurerm/modules/azurerm-kv/observability.tf
@@ -0,0 +1,44 @@
+data "azurerm_monitor_diagnostic_categories" "kv_log_analytics_categories" {
+ count = var.la_workspace_id != "" ? 1 : 0
+ resource_id = azurerm_key_vault.example[0].id
+
+ depends_on = [azurerm_key_vault.example]
+}
+
+resource "azurerm_monitor_diagnostic_setting" "kv_log_analytics" {
+ count = var.la_workspace_id != "" ? 1 : 0
+ name = "KV to Log Analytics"
+ target_resource_id = azurerm_key_vault.example[0].id
+ log_analytics_workspace_id = var.la_workspace_id
+ log_analytics_destination_type = "Dedicated"
+
+ dynamic "log" {
+ for_each = data.azurerm_monitor_diagnostic_categories.kv_log_analytics_categories[0].logs
+
+ content {
+ category = log.value
+ enabled = true
+
+ retention_policy {
+ enabled = false
+ days = 0
+ }
+ }
+ }
+
+ dynamic "metric" {
+ for_each = data.azurerm_monitor_diagnostic_categories.kv_log_analytics_categories[0].metrics
+
+ content {
+ category = metric.value
+ enabled = true
+
+ retention_policy {
+ enabled = false
+ days = 0
+ }
+ }
+ }
+
+ depends_on = [data.azurerm_monitor_diagnostic_categories.kv_log_analytics_categories]
+}
\ No newline at end of file
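Review bot: `log_analytics_destination_type = "Dedicated"` is probably not honoured for a Key Vault target, as the azurerm provider documentation names Key Vault among the resource types where this field is not configurable. If so, AuditEvent records still land in the AzureDiagnostics table and the setting may show a diff on every plan, so I would drop the argument here or add a comment such as `# Key Vault logs are written to AzureDiagnostics regardless of destination type`. Because the setting is created only when `la_workspace_id` is non-empty, a vault built with the module defaults has no audit logging at all; that deserves a line in the module documentation.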
diff --git a/azurerm/modules/azurerm-kv/vars.tf b/azurerm/modules/azurerm-kv/vars.tf
index ef7f8d27..32560087 100644
--- a/azurerm/modules/azurerm-kv/vars.tf
+++ b/azurerm/modules/azurerm-kv/vars.tf
@@ -194,3 +194,9 @@ variable "pe_resource_group_location" {
default = ""
description = "Location of the resource group to provision private endpoint in."
}
+
+variable "la_workspace_id" {
+ type = string
+ default = ""
+ description = "Log Analytics Workspace ID"
+}
\ No newline at end of file
diff --git a/azurerm/modules/azurerm-observability/README.md b/azurerm/modules/azurerm-observability/README.md
new file mode 100644
index 00000000..3d8c15bf
--- /dev/null
+++ b/azurerm/modules/azurerm-observability/README.md
@@ -0,0 +1,52 @@
+## Requirements
+
+| Name | Version |
+|------|---------|
+| [terraform](#requirement\_terraform) | >= 0.13 |
+| [azurerm](#requirement\_azurerm) | ~> 3.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| [azurerm](#provider\_azurerm) | ~> 3.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [azurerm_application_insights.default](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_insights) | resource |
+| [azurerm_log_analytics_solution.default](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_solution) | resource |
+| [azurerm_log_analytics_workspace.default](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace) | resource |
+| [azurerm_client_config.spn_client](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source |
+| [azurerm_resource_group.default](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [app\_insights\_name](#input\_app\_insights\_name) | Name of the App Insights Instance to be created. | `string` | `""` | no |
+| [attributes](#input\_attributes) | Additional attributes for tagging | `list` | `[]` | no |
+| [key\_vault\_name](#input\_key\_vault\_name) | Key Vault name - if not specificied will default to computed naming convention | `string` | `""` | no |
+| [la\_name](#input\_la\_name) | Name of the Log Analtics Instance to be created. | `string` | `""` | no |
+| [log\_application\_type](#input\_log\_application\_type) | Log application type | `string` | `"other"` | no |
+| [resource\_group\_location](#input\_resource\_group\_location) | Location of the RG | `string` | `"useast"` | no |
+| [resource\_group\_name](#input\_resource\_group\_name) | Name of the Data Platform Resource Group. | `string` | `""` | no |
+| [resource\_group\_tags](#input\_resource\_group\_tags) | Tags at a RG level | `map(string)` | `{}` | no |
+| [retention\_in\_days](#input\_retention\_in\_days) | n/a | `number` | `30` | no |
+| [stage](#input\_stage) | n/a | `string` | `"dev"` | no |
+| [tags](#input\_tags) | Tags to be assigned to all resources, NB if global tagging is enabled these will get overwritten periodically | `map(string)` | `{}` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| [app\_insights\_id](#output\_app\_insights\_id) | n/a |
+| [app\_insights\_key](#output\_app\_insights\_key) | n/a |
+| [app\_insights\_name](#output\_app\_insights\_name) | n/a |
+| [app\_insights\_resource\_group\_name](#output\_app\_insights\_resource\_group\_name) | n/a |
+| [log\_analytics\_workspace\_id](#output\_log\_analytics\_workspace\_id) | n/a |
\ No newline at end of file
diff --git a/azurerm/modules/azurerm-observability/constraints.tf b/azurerm/modules/azurerm-observability/constraints.tf
new file mode 100644
index 00000000..5257ed4f
--- /dev/null
+++ b/azurerm/modules/azurerm-observability/constraints.tf
@@ -0,0 +1,9 @@
+terraform {
+ required_version = ">= 0.13"
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~> 3.0"
+ }
+ }
+}
diff --git a/azurerm/modules/azurerm-observability/data.tf b/azurerm/modules/azurerm-observability/data.tf
new file mode 100644
index 00000000..3791d500
--- /dev/null
+++ b/azurerm/modules/azurerm-observability/data.tf
@@ -0,0 +1,6 @@
+data "azurerm_client_config" "spn_client" {
+}
+
+data "azurerm_resource_group" "default" {
+ name = var.resource_group_name
+}
diff --git a/azurerm/modules/azurerm-observability/example/constraints.tf b/azurerm/modules/azurerm-observability/example/constraints.tf
new file mode 100644
index 00000000..5257ed4f
--- /dev/null
+++ b/azurerm/modules/azurerm-observability/example/constraints.tf
@@ -0,0 +1,9 @@
+terraform {
+ required_version = ">= 0.13"
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~> 3.0"
+ }
+ }
+}
diff --git a/azurerm/modules/azurerm-observability/example/main.tf b/azurerm/modules/azurerm-observability/example/main.tf
new file mode 100644
index 00000000..c9aa8563
--- /dev/null
+++ b/azurerm/modules/azurerm-observability/example/main.tf
@@ -0,0 +1,31 @@
+
+module "default_label" {
+ source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=0.25.0"
+ namespace = "${var.name_company}-${var.name_project}"
+ stage = var.stage
+ name = "${lookup(var.location_name_map, var.resource_group_location, "uksouth")}-${var.name_component}"
+ attributes = var.attributes
+ delimiter = "-"
+ tags = var.tags
+}
+
+##################################################
+# ResourceGroups
+##################################################
+
+resource "azurerm_resource_group" "default" {
+ name = module.default_label.id
+ location = var.resource_group_location
+ tags = var.tags
+}
+
+
+module "observability" {
+ source = "../../azurerm-observability"
+ resource_group_name = azurerm_resource_group.default.name
+ resource_group_location = azurerm_resource_group.default.location
+ la_name = module.default_label.id
+ app_insights_name = module.default_label.id
+ log_application_type = "other"
+ retention_in_days = var.retention_in_days
+}
\ No newline at end of file
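Review bot: `var.location_name_map` is read in the `name` argument of `default_label`, but example/vars.tf as added in this commit declares no such variable, so the example should fail validation with an undeclared-variable error. Either declare it (`variable "location_name_map" { type = map(string) }` with a suitable default) or replace the `lookup` with a fixed value. Separately, the label module is pinned with `?ref=0.25.0`, a git tag that can be moved upstream; pinning to the commit behind that tag (`?ref=<commit-sha>`) makes the fetched code immutable.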
diff --git a/azurerm/modules/azurerm-observability/example/vars.tf b/azurerm/modules/azurerm-observability/example/vars.tf
new file mode 100644
index 00000000..315caa2a
--- /dev/null
+++ b/azurerm/modules/azurerm-observability/example/vars.tf
@@ -0,0 +1,103 @@
+############################################
+# NAMING
+############################################
+
+variable "name_company" {
+ description = "Company Name - should/will be used in conventional resource naming"
+ type = string
+}
+
+variable "name_project" {
+ description = "Project Name - should/will be used in conventional resource naming"
+ type = string
+}
+
+variable "name_component" {
+ description = "Component Name - should/will be used in conventional resource naming. Typically this will be a logical name for this part of the system i.e. `API` || `middleware` or more generic like `Billing`"
+ type = string
+}
+
+variable "name_environment" {
+ type = string
+}
+
+variable "stage" {
+ type = string
+ default = "dev"
+}
+
+variable "attributes" {
+ description = "Additional attributes for tagging"
+ default = []
+}
+
+variable "tags" {
+ description = "Tags to be assigned to all resources, NB if global tagging is enabled these will get overwritten periodically"
+ type = map(string)
+ default = {}
+}
+
+variable "resource_namer" {
+ type = string
+ description = "User defined naming convention applied to all resources created as part of this module"
+}
+
+variable "resource_tags" {
+ description = "Map of tags to be applied to all resources created as part of this module"
+ type = map(string)
+ default = {}
+}
+
+###########################
+# OBSERVABILITY
+##########################
+
+variable "resource_group_name" {
+ type = string
+ default = ""
+ description = "Name of the Data Platform Resource Group."
+}
+
+variable "resource_group_location" {
+ description = "Location of the RG"
+ type = string
+ default = "useast"
+}
+
+variable "resource_group_tags" {
+ description = "Tags at a RG level"
+ type = map(string)
+ default = {}
+}
+
+variable "retention_in_days" {
+ type = number
+ default = 30
+}
+
+variable "log_application_type" {
+ description = "Log application type"
+ type = string
+ default = "other"
+}
+
+variable "key_vault_name" {
+ description = "Key Vault name - if not specificied will default to computed naming convention"
+ type = string
+ default = ""
+}
+
+variable "la_name" {
+ type = string
+ default = ""
+ description = "Name of the Log Analtics Instance to be created."
+}
+
+variable "app_insights_name" {
+ type = string
+ default = ""
+ description = "Name of the App Insights Instance to be created."
+}
+
+
+
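Review bot: `resource_namer` and `name_environment` are declared without defaults, yet nothing in example/main.tf reads them, so anyone running the example must supply two values that have no effect. Removing them, or giving them defaults, would keep the example runnable with only the inputs it uses. `attributes` also has no `type`; `type = list(string)` would match how it is passed to the label module.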
diff --git a/azurerm/modules/azurerm-observability/main.tf b/azurerm/modules/azurerm-observability/main.tf
new file mode 100644
index 00000000..4037dd49
--- /dev/null
+++ b/azurerm/modules/azurerm-observability/main.tf
@@ -0,0 +1,44 @@
+#########################################
+# OBSERVABILITY
+#########################################
+
+resource "azurerm_log_analytics_workspace" "default" {
+ name = var.la_name
+ resource_group_name = var.resource_group_name
+ location = var.resource_group_location
+ sku = "PerGB2018"
+ retention_in_days = var.retention_in_days
+ depends_on = [data.azurerm_resource_group.default]
+ lifecycle {
+ ignore_changes = [
+ tags,
+ ]
+ }
+}
+
+resource "azurerm_log_analytics_solution" "default" {
+ solution_name = "ContainerInsights"
+ resource_group_name = var.resource_group_name
+ location = var.resource_group_location
+ workspace_resource_id = azurerm_log_analytics_workspace.default.id
+ workspace_name = azurerm_log_analytics_workspace.default.name
+ depends_on = [data.azurerm_resource_group.default, azurerm_log_analytics_workspace.default]
+ plan {
+ publisher = "Microsoft"
+ product = "OMSGallery/ContainerInsights"
+ }
+}
+
+resource "azurerm_application_insights" "default" {
+ name = var.app_insights_name
+ resource_group_name = var.resource_group_name
+ location = var.resource_group_location
+ application_type = var.log_application_type
+ workspace_id = azurerm_log_analytics_workspace.default.id
+ depends_on = [data.azurerm_resource_group.default, azurerm_log_analytics_workspace.default]
+ lifecycle {
+ ignore_changes = [
+ tags,
+ ]
+ }
+}
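Review bot: The workspace is created with the provider defaults for public ingestion, public query and shared-key access, which matters more once Key Vault, storage and Data Factory diagnostics are routed into it. Consider exposing `internet_ingestion_enabled` and `internet_query_enabled` (and `local_authentication_disabled`, in provider versions that support it) as module inputs so callers can restrict the workspace; anything that still authenticates with the workspace key would need migrating before local auth is turned off. The `depends_on` entries naming `azurerm_log_analytics_workspace.default` are redundant, because both resources already reference its attributes.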
diff --git a/azurerm/modules/azurerm-observability/output.tf b/azurerm/modules/azurerm-observability/output.tf
new file mode 100644
index 00000000..68339b6c
--- /dev/null
+++ b/azurerm/modules/azurerm-observability/output.tf
@@ -0,0 +1,23 @@
+#########################################
+# Application Insights
+#########################################
+
+output "app_insights_resource_group_name" {
+ value = azurerm_log_analytics_workspace.default.resource_group_name
+}
+output "app_insights_name" {
+ value = azurerm_log_analytics_workspace.default.name
+}
+
+output "app_insights_id" {
+ value = azurerm_log_analytics_workspace.default.id
+}
+
+output "app_insights_key" {
+ value = azurerm_log_analytics_workspace.default.primary_shared_key
+}
+
+output "log_analytics_workspace_id" {
+ value = azurerm_log_analytics_workspace.default.id
+}
+
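Review bot: All four `app_insights_*` outputs read from `azurerm_log_analytics_workspace.default`, so callers get the workspace's name and ID, and `app_insights_key` returns the workspace `primary_shared_key` rather than anything belonging to Application Insights. That key grants ingestion access to the workspace and the output is not marked `sensitive = true`, so it can surface in plan and apply output; recent Terraform versions may reject the output outright for that reason. Judging by the names, the intent was to expose `azurerm_application_insights.default`, as below, with the key marked sensitive. The value is still stored in state either way, so state access needs to be restricted accordingly.

```hcl
output "app_insights_resource_group_name" {
  value = azurerm_application_insights.default.resource_group_name
}
output "app_insights_name" {
  value = azurerm_application_insights.default.name
}

output "app_insights_id" {
  value = azurerm_application_insights.default.id
}

output "app_insights_key" {
  value     = azurerm_application_insights.default.instrumentation_key
  sensitive = true
}

# … unchanged: log_analytics_workspace_id output …
```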
diff --git a/azurerm/modules/azurerm-observability/vars.tf b/azurerm/modules/azurerm-observability/vars.tf
new file mode 100644
index 00000000..c722e2b8
--- /dev/null
+++ b/azurerm/modules/azurerm-observability/vars.tf
@@ -0,0 +1,73 @@
+############################################
+# NAMING
+############################################
+
+variable "stage" {
+ type = string
+ default = "dev"
+}
+
+variable "attributes" {
+ description = "Additional attributes for tagging"
+ default = []
+}
+
+variable "tags" {
+ description = "Tags to be assigned to all resources, NB if global tagging is enabled these will get overwritten periodically"
+ type = map(string)
+ default = {}
+}
+
+###########################
+# OBSERVABILITY
+##########################
+
+variable "resource_group_name" {
+ type = string
+ default = ""
+ description = "Name of the Data Platform Resource Group."
+}
+
+variable "resource_group_location" {
+ description = "Location of the RG"
+ type = string
+ default = "useast"
+}
+
+variable "resource_group_tags" {
+ description = "Tags at a RG level"
+ type = map(string)
+ default = {}
+}
+
+variable "retention_in_days" {
+ type = number
+ default = 30
+}
+
+variable "log_application_type" {
+ description = "Log application type"
+ type = string
+ default = "other"
+}
+
+variable "key_vault_name" {
+ description = "Key Vault name - if not specificied will default to computed naming convention"
+ type = string
+ default = ""
+}
+
+variable "la_name" {
+ type = string
+ default = ""
+ description = "Name of the Log Analtics Instance to be created."
+}
+
+variable "app_insights_name" {
+ type = string
+ default = ""
+ description = "Name of the App Insights Instance to be created."
+}
+
+
+
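Review bot: The default `"useast"` for `resource_group_location` is not an Azure region name (the region is `eastus`), so a caller relying on the default fails at apply time. Similarly, `la_name`, `app_insights_name` and `resource_group_name` default to `""`, which passes validation but cannot produce a valid resource; dropping those defaults makes the inputs required and fails early. `stage`, `attributes`, `tags`, `resource_group_tags` and `key_vault_name` are not read by any file of this module in the commit and could be removed. `retention_in_days` would benefit from a description, and from a `validation` block if the team has a minimum retention requirement for audit data.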