diff --git a/src/az-aml-byo-vnet/README.md b/src/az-aml-byo-vnet/README.md new file mode 100644 index 0000000..fa56473 --- /dev/null +++ b/src/az-aml-byo-vnet/README.md @@ -0,0 +1,118 @@ +# Protect MLOps Solutions using Azure Network Security Capabilities + +# Types of VNET + +- Azure Managed VNET +- Customer VNET + +# Typical Functional Components in MLOps Solution +- Data storage: Azure Blob Storage +- Model training, validation and registration: Azure Machine Learning +- Model deployment: Azure Machine Learning endpoints and Azure Kubernetes Service +- Model monitor: Azure Monitor for Application Insights +- MLOps pipelines: Azure DevOps and Azure Pipelines + +# Azure Services used to help protect MLOps Solution +- Azure Key Vault for managing secrets/keys used in the solution +- Azure Policy for meeting regulatory and compliance requirements +- Microsoft Entra for Authentication and Authorization +- Virtual Network for network security + +# Benefits of Managed VNET +- Easy to configure +- Automatically secures your workspace and managed compute resources +- Outbound traffic required by the Azure ML service us automatically enabled +- Can be implemented in two patterns: allow internet outbound mode or allow only approved outbound mode (recommended) + +# Securing VNET along with data exfiltration prevention and data protection +- Use Azure virtual network for network isolation +- Put all the resources in the same region +- Have Hub VNET that contains the firewall. Use FQDNs in firewall in addition to service tags to prevent data exfiltation. +- Firewall in Hub VNET will control the internet outbound from your virtual networks. +- A spoke VNET to contain the following resources + - Training subnet that contains compute instance and compute clusters used for training the models + - Configure service endpoint with service endpoint policy to prevent data exfiltration + - Configure the resources in the training subnet with no public ip. + - Scoring subnet containing AKS cluster + - Private end point subnet that will contain the private endpoints used to connect to the workspace and its workspace components. Private endpoint will use private ip from the VNET pool of private ip addresses. + - Compute resources should be able to reach the firewall in hub VNET. + - Managed online endpoint that will use private endpoint of the workspace to process the incoming requests. + - Private endpoint to allow managed online endpoint deployments to access private storage. + - **Allow inbound from Azure ML service tag using NSG ans UDR to skip firewall when using compute instance or cluster with public ip. + - Enable "Allow trusted Microsoft services to bypass this firewall" for Azure Key Vault. + - Enable "Grant access to trusted Azure services" for Azure Storage account. + - Enable "Allow trusted services" for Azure container registry. + + ## Limitations + Workspace and default storage account must be in the same VNET + AKV and ACR for the workspace to be in the same VNET, or in a peered VNET + Azure Compute instance and compute clusters must be in the same VNET, region anf subscription as the workspace and its associated resources + + # List of Required Rules + These rules are automatically created with the managed VNET regardless of public network access mode for those resources + - Types of outbound: read only and read/write + - read only outbound cannot be explited by the malicious actors but read/write outbound can be. + - **Azure Storage and Azure Frontdoor are read/write outbound.** Hence to minimise the data exfiltration risk use a service endpoint policy with and Azure ML alias to allow outbound to only Azure ML managed storage accounts. There is no need to open outbound to storage on the firewall. + - Azure Service Tags required to allow outbound from compute instance and cluster to access Azure ML managed storage accounts to get scripts etc. + - Outbound service tag: AzureActiveDirectory Protocol:TCP Port:80, 443 + - Outbound service tag: AzureResourceManager Protocol:TCP Port:443 + - Outbound service tag:AzureMachineLearning Protocol:UDP Port:5831 + - Outbound service tag:BatchNodeManagement Protocol:TCP Port:443 + - Outbound service tag: AzureFrontDoor Protocol: Port: + - Outbound service tag: MicrosoftContainerRegistry Protocol: Port: + - Outbound service tag:AzureMonitor Protocol: Port: + - Inbound: AzureMachineLearning + + - Outbound FQDNs required to allow outbound from compute instance and cluster to access Azure ML managed storage accounts to get scripts etc. + - mcr.microsoft.com Protocol:TCP Port:443 + - *.data.mcr.microsoft.com Protocol:TCP Port:443 + - ml.azure.com Protocol:TCP Port:443 + - automlresources-prod.azureedge.net Protocol:TCP Port:443 + + ![Defaultoutboundrules](images/managedvnet_automaticrules.png) + + +## Public vs Private ML workspace +Public workspace can show data in your private storage account, so we recommend using private workspace. +Use Microsoft Entra authentication and authorization with conditional access if you want to access workspace publicly. + + + +## Managed online endpoint security - outbound and inbound +Enable network isolation for the managed online endpoints to secure the following network traffic: +- Inbound scoring requests +- Outbound communication with the workspace, ACR and Azure Blob storage + +## Private IP requirements +- One IP per compute instance, compute cluster node, and private endpoint +- IP's for AKS + +## Challenges due to shortage of Private IPs +Private IP address shortage in your main network. The hub-spoke network connected with your on-prem network might not have large enough private IP address space. In this case, use isolated, not peered VNets for Azure ML resources. + + + +## Built-in-policies (Azure Policy) + + + +## Image build compute for ACR behind VNET + +## Enable ML Studio UI with private link enabled workspace along with data exfiltration prevention + +## Enabling Defender for Cloud + +## Assigning Azure Policies for compliance +Policy | Description| +--- | --- | +Customer-managed key |Audit or enforce whether workspaces must use a customer-managed key. | +Private link | Audit or enforce whether workspaces use a private endpoint to communicate with a virtual network. | +Private endpoint | Configure the Azure Virtual Network subnet where the private endpoint should be created. | +Private DNS zone | Configure the private DNS zone to use for the private link. | +User-assigned managed identity | Audit or enforce whether workspaces use a user-assigned managed identity. | +Disable public network access | Audit or enforce whether workspaces disable access from the public internet. | +Disable local authentication | Audit or enforce whether Azure Machine Learning compute resources should have local authentication methods disabled. | +Modify/disable local authentication | Configure compute resources to disable local authentication methods. | +Compute cluster and instance is behind virtual network | Audit whether compute resources are behind a virtual network.| + + diff --git a/src/az-aml-byo-vnet/deploy/bicep/aml-byo-vnet.png b/src/az-aml-byo-vnet/deploy/bicep/aml-byo-vnet.png new file mode 100644 index 0000000..50e0171 Binary files /dev/null and b/src/az-aml-byo-vnet/deploy/bicep/aml-byo-vnet.png differ diff --git a/src/az-aml-byo-vnet/deploy/bicep/azuredeploy.json b/src/az-aml-byo-vnet/deploy/bicep/azuredeploy.json new file mode 100644 index 0000000..3e9f309 --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/azuredeploy.json @@ -0,0 +1,2329 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.22.6.54827", + "templateHash": "14837695993710666307" + } + }, + "parameters": { + "prefix": { + "type": "string", + "minLength": 2, + "maxLength": 10, + "metadata": { + "description": "Prefix for all resource names." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region used for the deployment of all resources." + } + }, + "tags": { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "Set of tags to apply to all resources." + } + }, + "vnetAddressPrefix": { + "type": "string", + "defaultValue": "192.168.0.0/16", + "metadata": { + "description": "Virtual network address prefix" + } + }, + "trainingSubnetPrefix": { + "type": "string", + "defaultValue": "192.168.0.0/24", + "metadata": { + "description": "Training subnet address prefix" + } + }, + "scoringSubnetPrefix": { + "type": "string", + "defaultValue": "192.168.1.0/24", + "metadata": { + "description": "Scoring subnet address prefix" + } + }, + "azureBastionSubnetPrefix": { + "type": "string", + "defaultValue": "192.168.250.0/27", + "metadata": { + "description": "Bastion subnet address prefix" + } + }, + "deployJumphost": { + "type": "bool", + "defaultValue": true, + "metadata": { + "description": "Deploy a Bastion jumphost to access the network-isolated environment?" + } + }, + "dsvmJumpboxUsername": { + "type": "string", + "metadata": { + "description": "Jumphost virtual machine username" + } + }, + "dsvmJumpboxPassword": { + "type": "securestring", + "minLength": 8, + "metadata": { + "description": "Jumphost virtual machine password" + } + }, + "amlComputePublicIp": { + "type": "bool", + "defaultValue": true, + "metadata": { + "description": "Enable public IP for Azure Machine Learning compute nodes" + } + }, + "amlComputeDefaultVmSize": { + "type": "string", + "defaultValue": "Standard_DS3_v2", + "metadata": { + "description": "VM size for the default compute cluster" + } + } + }, + "variables": { + "name": "[toLower(format('{0}', parameters('prefix')))]", + "uniqueSuffix": "[substring(uniqueString(resourceGroup().id), 0, 4)]" + }, + "resources": [ + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('nsg-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "tags": { + "value": "[parameters('tags')]" + }, + "nsgName": { + "value": "[format('nsg-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.22.6.54827", + "templateHash": "9300262200889984871" + } + }, + "parameters": { + "location": { + "type": "string", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "metadata": { + "description": "Tags to add to the resources" + } + }, + "nsgName": { + "type": "string", + "metadata": { + "description": "Name of the network security group" + } + } + }, + "resources": [ + { + "type": "Microsoft.Network/networkSecurityGroups", + "apiVersion": "2022-01-01", + "name": "[parameters('nsgName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "securityRules": [ + { + "name": "BatchNodeManagement", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "29876-29877", + "sourceAddressPrefix": "BatchNodeManagement", + "destinationAddressPrefix": "*", + "access": "Allow", + "priority": 120, + "direction": "Inbound" + } + }, + { + "name": "AzureMachineLearning", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "44224", + "sourceAddressPrefix": "AzureMachineLearning", + "destinationAddressPrefix": "*", + "access": "Allow", + "priority": 130, + "direction": "Inbound" + } + }, + { + "name": "AzureActiveDirectory", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "*", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "AzureActiveDirectory", + "access": "Allow", + "priority": 140, + "direction": "Outbound" + } + }, + { + "name": "AzureMachineLearningOutbound", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "AzureMachineLearning", + "access": "Allow", + "priority": 150, + "direction": "Outbound" + } + }, + { + "name": "AzureResourceManager", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "AzureResourceManager", + "access": "Allow", + "priority": 160, + "direction": "Outbound" + } + }, + { + "name": "AzureStorageAccount", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "[format('Storage.{0}', parameters('location'))]", + "access": "Allow", + "priority": 170, + "direction": "Outbound" + } + }, + { + "name": "AzureFrontDoor", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "AzureFrontDoor.FrontEnd", + "access": "Allow", + "priority": 180, + "direction": "Outbound" + } + }, + { + "name": "AzureContainerRegistry", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "[format('AzureContainerRegistry.{0}', parameters('location'))]", + "access": "Allow", + "priority": 190, + "direction": "Outbound" + } + }, + { + "name": "MicrosoftContainerRegistry", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "MicrosoftContainerRegistry", + "access": "Allow", + "priority": 200, + "direction": "Outbound" + } + } + ] + } + } + ], + "outputs": { + "networkSecurityGroup": { + "type": "string", + "value": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('nsgName'))]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "virtualNetworkName": { + "value": "[format('vnet-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "networkSecurityGroupId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('nsg-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.networkSecurityGroup.value]" + }, + "vnetAddressPrefix": { + "value": "[parameters('vnetAddressPrefix')]" + }, + "trainingSubnetPrefix": { + "value": "[parameters('trainingSubnetPrefix')]" + }, + "scoringSubnetPrefix": { + "value": "[parameters('scoringSubnetPrefix')]" + }, + "tags": { + "value": "[parameters('tags')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.22.6.54827", + "templateHash": "10356818880581245185" + } + }, + "parameters": { + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "Tags to add to the resources" + } + }, + "virtualNetworkName": { + "type": "string", + "metadata": { + "description": "Name of the virtual network resource" + } + }, + "networkSecurityGroupId": { + "type": "string", + "metadata": { + "description": "Group ID of the network security group" + } + }, + "vnetAddressPrefix": { + "type": "string", + "defaultValue": "192.168.0.0/16", + "metadata": { + "description": "Virtual network address prefix" + } + }, + "trainingSubnetPrefix": { + "type": "string", + "defaultValue": "192.168.0.0/24", + "metadata": { + "description": "Training subnet address prefix" + } + }, + "scoringSubnetPrefix": { + "type": "string", + "defaultValue": "192.168.1.0/24", + "metadata": { + "description": "Scoring subnet address prefix" + } + } + }, + "resources": [ + { + "type": "Microsoft.Network/virtualNetworks", + "apiVersion": "2022-01-01", + "name": "[parameters('virtualNetworkName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "addressSpace": { + "addressPrefixes": [ + "[parameters('vnetAddressPrefix')]" + ] + }, + "subnets": [ + { + "name": "snet-training", + "properties": { + "addressPrefix": "[parameters('trainingSubnetPrefix')]", + "privateEndpointNetworkPolicies": "Disabled", + "privateLinkServiceNetworkPolicies": "Disabled", + "networkSecurityGroup": { + "id": "[parameters('networkSecurityGroupId')]" + } + } + }, + { + "name": "snet-scoring", + "properties": { + "addressPrefix": "[parameters('scoringSubnetPrefix')]", + "privateEndpointNetworkPolicies": "Disabled", + "privateLinkServiceNetworkPolicies": "Disabled", + "serviceEndpoints": [ + { + "service": "Microsoft.KeyVault" + }, + { + "service": "Microsoft.ContainerRegistry" + }, + { + "service": "Microsoft.Storage" + } + ], + "networkSecurityGroup": { + "id": "[parameters('networkSecurityGroupId')]" + } + } + } + ] + } + } + ], + "outputs": { + "id": { + "type": "string", + "value": "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworkName'))]" + }, + "name": { + "type": "string", + "value": "[parameters('virtualNetworkName')]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('nsg-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('kv-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "keyvaultName": { + "value": "[format('kv-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "keyvaultPleName": { + "value": "[format('ple-{0}-{1}-kv', variables('name'), variables('uniqueSuffix'))]" + }, + "subnetId": { + "value": "[format('{0}/subnets/snet-training', reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value)]" + }, + "virtualNetworkId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value]" + }, + "tags": { + "value": "[parameters('tags')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.22.6.54827", + "templateHash": "6617626327846188001" + } + }, + "parameters": { + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The Azure Region to deploy the resources into" + } + }, + "tags": { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "Tags to apply to the Key Vault Instance" + } + }, + "keyvaultName": { + "type": "string", + "metadata": { + "description": "The name of the Key Vault" + } + }, + "keyvaultPleName": { + "type": "string", + "metadata": { + "description": "The name of the Key Vault private link endpoint" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "The Subnet ID where the Key Vault Private Link is to be created" + } + }, + "virtualNetworkId": { + "type": "string", + "metadata": { + "description": "The VNet ID where the Key Vault Private Link is to be created" + } + } + }, + "variables": { + "privateDnsZoneName": "[format('privatelink{0}', environment().suffixes.keyvaultDns)]" + }, + "resources": [ + { + "type": "Microsoft.KeyVault/vaults", + "apiVersion": "2021-10-01", + "name": "[parameters('keyvaultName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "createMode": "default", + "enabledForDeployment": false, + "enabledForDiskEncryption": false, + "enabledForTemplateDeployment": false, + "enableSoftDelete": true, + "enableRbacAuthorization": true, + "enablePurgeProtection": true, + "networkAcls": { + "bypass": "AzureServices", + "defaultAction": "Deny" + }, + "sku": { + "family": "A", + "name": "standard" + }, + "softDeleteRetentionInDays": 7, + "tenantId": "[subscription().tenantId]" + } + }, + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2022-01-01", + "name": "[parameters('keyvaultPleName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('keyvaultPleName')]", + "properties": { + "groupIds": [ + "vault" + ], + "privateLinkServiceId": "[resourceId('Microsoft.KeyVault/vaults', parameters('keyvaultName'))]" + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.KeyVault/vaults', parameters('keyvaultName'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[variables('privateDnsZoneName')]", + "location": "global" + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2022-01-01", + "name": "[format('{0}/vault-PrivateDnsZoneGroup', parameters('keyvaultPleName'))]", + "properties": { + "privateDnsZoneConfigs": [ + { + "name": "[variables('privateDnsZoneName')]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName'))]" + } + } + ] + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName'))]", + "[resourceId('Microsoft.Network/privateEndpoints', parameters('keyvaultPleName'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', variables('privateDnsZoneName'), uniqueString(resourceId('Microsoft.KeyVault/vaults', parameters('keyvaultName'))))]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[parameters('virtualNetworkId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.KeyVault/vaults', parameters('keyvaultName'))]", + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName'))]" + ] + } + ], + "outputs": { + "keyvaultId": { + "type": "string", + "value": "[resourceId('Microsoft.KeyVault/vaults', parameters('keyvaultName'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('st{0}{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "storageName": { + "value": "[format('st{0}{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "storagePleBlobName": { + "value": "[format('ple-{0}-{1}-st-blob', variables('name'), variables('uniqueSuffix'))]" + }, + "storagePleFileName": { + "value": "[format('ple-{0}-{1}-st-file', variables('name'), variables('uniqueSuffix'))]" + }, + "storageSkuName": { + "value": "Standard_LRS" + }, + "subnetId": { + "value": "[format('{0}/subnets/snet-training', reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value)]" + }, + "virtualNetworkId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value]" + }, + "tags": { + "value": "[parameters('tags')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.22.6.54827", + "templateHash": "14002377599654824735" + } + }, + "parameters": { + "location": { + "type": "string", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "metadata": { + "description": "Tags to add to the resources" + } + }, + "storageName": { + "type": "string", + "metadata": { + "description": "Name of the storage account" + } + }, + "storagePleBlobName": { + "type": "string", + "metadata": { + "description": "Name of the storage blob private link endpoint" + } + }, + "storagePleFileName": { + "type": "string", + "metadata": { + "description": "Name of the storage file private link endpoint" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the subnet" + } + }, + "virtualNetworkId": { + "type": "string", + "metadata": { + "description": "Resource ID of the virtual network" + } + }, + "storageSkuName": { + "type": "string", + "defaultValue": "Standard_LRS", + "allowedValues": [ + "Standard_LRS", + "Standard_ZRS", + "Standard_GRS", + "Standard_GZRS", + "Standard_RAGRS", + "Standard_RAGZRS", + "Premium_LRS", + "Premium_ZRS" + ], + "metadata": { + "description": "Storage SKU" + } + } + }, + "variables": { + "storageNameCleaned": "[replace(parameters('storageName'), '-', '')]", + "blobPrivateDnsZoneName": "[format('privatelink.blob.{0}', environment().suffixes.storage)]", + "filePrivateDnsZoneName": "[format('privatelink.file.{0}', environment().suffixes.storage)]" + }, + "resources": [ + { + "type": "Microsoft.Storage/storageAccounts", + "apiVersion": "2021-09-01", + "name": "[variables('storageNameCleaned')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "sku": { + "name": "[parameters('storageSkuName')]" + }, + "kind": "StorageV2", + "properties": { + "accessTier": "Hot", + "allowBlobPublicAccess": false, + "allowCrossTenantReplication": false, + "allowSharedKeyAccess": true, + "encryption": { + "keySource": "Microsoft.Storage", + "requireInfrastructureEncryption": false, + "services": { + "blob": { + "enabled": true, + "keyType": "Account" + }, + "file": { + "enabled": true, + "keyType": "Account" + }, + "queue": { + "enabled": true, + "keyType": "Service" + }, + "table": { + "enabled": true, + "keyType": "Service" + } + } + }, + "isHnsEnabled": false, + "isNfsV3Enabled": false, + "keyPolicy": { + "keyExpirationPeriodInDays": 7 + }, + "largeFileSharesState": "Disabled", + "minimumTlsVersion": "TLS1_2", + "networkAcls": { + "bypass": "AzureServices", + "defaultAction": "Deny" + }, + "supportsHttpsTrafficOnly": true + } + }, + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2022-01-01", + "name": "[parameters('storagePleBlobName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('storagePleBlobName')]", + "properties": { + "groupIds": [ + "blob" + ], + "privateLinkServiceId": "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]", + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "Auto-Approved", + "actionsRequired": "None" + } + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]" + ] + }, + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2022-01-01", + "name": "[parameters('storagePleFileName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('storagePleFileName')]", + "properties": { + "groupIds": [ + "file" + ], + "privateLinkServiceId": "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]", + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "Auto-Approved", + "actionsRequired": "None" + } + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[variables('blobPrivateDnsZoneName')]", + "location": "global" + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2022-01-01", + "name": "[format('{0}/blob-PrivateDnsZoneGroup', parameters('storagePleBlobName'))]", + "properties": { + "privateDnsZoneConfigs": [ + { + "name": "[variables('blobPrivateDnsZoneName')]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('blobPrivateDnsZoneName'))]" + } + } + ] + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('blobPrivateDnsZoneName'))]", + "[resourceId('Microsoft.Network/privateEndpoints', parameters('storagePleBlobName'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', variables('blobPrivateDnsZoneName'), uniqueString(resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))))]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[parameters('virtualNetworkId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('blobPrivateDnsZoneName'))]", + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[variables('filePrivateDnsZoneName')]", + "location": "global" + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2022-01-01", + "name": "[format('{0}/flie-PrivateDnsZoneGroup', parameters('storagePleFileName'))]", + "properties": { + "privateDnsZoneConfigs": [ + { + "name": "[variables('filePrivateDnsZoneName')]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('filePrivateDnsZoneName'))]" + } + } + ] + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('filePrivateDnsZoneName'))]", + "[resourceId('Microsoft.Network/privateEndpoints', parameters('storagePleFileName'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', variables('filePrivateDnsZoneName'), uniqueString(resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))))]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[parameters('virtualNetworkId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('filePrivateDnsZoneName'))]", + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]" + ] + } + ], + "outputs": { + "storageId": { + "type": "string", + "value": "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('cr{0}{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "containerRegistryName": { + "value": "[format('cr{0}{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "containerRegistryPleName": { + "value": "[format('ple-{0}-{1}-cr', variables('name'), variables('uniqueSuffix'))]" + }, + "subnetId": { + "value": "[format('{0}/subnets/snet-training', reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value)]" + }, + "virtualNetworkId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value]" + }, + "tags": { + "value": "[parameters('tags')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.22.6.54827", + "templateHash": "6417945191611015305" + } + }, + "parameters": { + "location": { + "type": "string", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "metadata": { + "description": "Tags to add to the resources" + } + }, + "containerRegistryName": { + "type": "string", + "metadata": { + "description": "Container registry name" + } + }, + "containerRegistryPleName": { + "type": "string", + "metadata": { + "description": "Container registry private link endpoint name" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the subnet" + } + }, + "virtualNetworkId": { + "type": "string", + "metadata": { + "description": "Resource ID of the virtual network" + } + } + }, + "variables": { + "containerRegistryNameCleaned": "[replace(parameters('containerRegistryName'), '-', '')]", + "privateDnsZoneName": "[format('privatelink{0}', environment().suffixes.acrLoginServer)]", + "groupName": "registry" + }, + "resources": [ + { + "type": "Microsoft.ContainerRegistry/registries", + "apiVersion": "2021-09-01", + "name": "[variables('containerRegistryNameCleaned')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "sku": { + "name": "Premium" + }, + "properties": { + "adminUserEnabled": true, + "dataEndpointEnabled": false, + "networkRuleBypassOptions": "AzureServices", + "networkRuleSet": { + "defaultAction": "Deny" + }, + "policies": { + "quarantinePolicy": { + "status": "disabled" + }, + "retentionPolicy": { + "status": "enabled", + "days": 7 + }, + "trustPolicy": { + "status": "disabled", + "type": "Notary" + } + }, + "publicNetworkAccess": "Disabled", + "zoneRedundancy": "Disabled" + } + }, + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2022-01-01", + "name": "[parameters('containerRegistryPleName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('containerRegistryPleName')]", + "properties": { + "groupIds": [ + "[variables('groupName')]" + ], + "privateLinkServiceId": "[resourceId('Microsoft.ContainerRegistry/registries', variables('containerRegistryNameCleaned'))]" + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.ContainerRegistry/registries', variables('containerRegistryNameCleaned'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[variables('privateDnsZoneName')]", + "location": "global" + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2022-01-01", + "name": "[format('{0}/{1}-PrivateDnsZoneGroup', parameters('containerRegistryPleName'), variables('groupName'))]", + "properties": { + "privateDnsZoneConfigs": [ + { + "name": "[variables('privateDnsZoneName')]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName'))]" + } + } + ] + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName'))]", + "[resourceId('Microsoft.Network/privateEndpoints', parameters('containerRegistryPleName'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', variables('privateDnsZoneName'), uniqueString(resourceId('Microsoft.ContainerRegistry/registries', variables('containerRegistryNameCleaned'))))]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[parameters('virtualNetworkId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName'))]", + "[resourceId('Microsoft.ContainerRegistry/registries', variables('containerRegistryNameCleaned'))]" + ] + } + ], + "outputs": { + "containerRegistryId": { + "type": "string", + "value": "[resourceId('Microsoft.ContainerRegistry/registries', variables('containerRegistryNameCleaned'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('appi-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "applicationInsightsName": { + "value": "[format('appi-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "logAnalyticsWorkspaceName": { + "value": "[format('ws-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "tags": { + "value": "[parameters('tags')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.22.6.54827", + "templateHash": "8569829583305523334" + } + }, + "parameters": { + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "Tags to add to the resources" + } + }, + "applicationInsightsName": { + "type": "string", + "metadata": { + "description": "Application Insights resource name" + } + }, + "logAnalyticsWorkspaceName": { + "type": "string", + "metadata": { + "description": "Log Analytics resource name" + } + } + }, + "resources": [ + { + "type": "Microsoft.OperationalInsights/workspaces", + "apiVersion": "2021-06-01", + "name": "[parameters('logAnalyticsWorkspaceName')]", + "location": "[parameters('location')]", + "properties": { + "sku": { + "name": "PerGB2018" + }, + "retentionInDays": 30, + "publicNetworkAccessForIngestion": "Enabled", + "publicNetworkAccessForQuery": "Disabled" + } + }, + { + "type": "Microsoft.Insights/components", + "apiVersion": "2020-02-02", + "name": "[parameters('applicationInsightsName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "kind": "web", + "properties": { + "Application_Type": "web", + "WorkspaceResourceId": "[resourceId('Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName'))]", + "Flow_Type": "Bluefield" + }, + "dependsOn": [ + "[resourceId('Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName'))]" + ] + } + ], + "outputs": { + "applicationInsightsId": { + "type": "string", + "value": "[resourceId('Microsoft.Insights/components', parameters('applicationInsightsName'))]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('mlw-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "machineLearningName": { + "value": "[format('mlw-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "machineLearningFriendlyName": { + "value": "Private link endpoint sample workspace" + }, + "machineLearningDescription": { + "value": "This is an example workspace having a private link endpoint." + }, + "location": { + "value": "[parameters('location')]" + }, + "prefix": { + "value": "[variables('name')]" + }, + "tags": { + "value": "[parameters('tags')]" + }, + "applicationInsightsId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('appi-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.applicationInsightsId.value]" + }, + "containerRegistryId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('cr{0}{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.containerRegistryId.value]" + }, + "keyVaultId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('kv-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.keyvaultId.value]" + }, + "storageAccountId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('st{0}{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.storageId.value]" + }, + "subnetId": { + "value": "[format('{0}/subnets/snet-training', reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value)]" + }, + "computeSubnetId": { + "value": "[format('{0}/subnets/snet-training', reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value)]" + }, + "aksSubnetId": { + "value": "[format('{0}/subnets/snet-scoring', reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value)]" + }, + "virtualNetworkId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value]" + }, + "machineLearningPleName": { + "value": "[format('ple-{0}-{1}-mlw', variables('name'), variables('uniqueSuffix'))]" + }, + "amlComputePublicIp": { + "value": "[parameters('amlComputePublicIp')]" + }, + "mlAksName": { + "value": "[format('aks-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "vmSizeParam": { + "value": "[parameters('amlComputeDefaultVmSize')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.22.6.54827", + "templateHash": "3824042320203608415" + } + }, + "parameters": { + "prefix": { + "type": "string", + "metadata": { + "description": "Prefix for resource names" + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "metadata": { + "description": "Tags to add to the resources" + } + }, + "machineLearningName": { + "type": "string", + "metadata": { + "description": "Machine learning workspace name" + } + }, + "machineLearningFriendlyName": { + "type": "string", + "defaultValue": "[parameters('machineLearningName')]", + "metadata": { + "description": "Machine learning workspace display name" + } + }, + "machineLearningDescription": { + "type": "string", + "metadata": { + "description": "Machine learning workspace description" + } + }, + "mlAksName": { + "type": "string", + "metadata": { + "description": "Name of the Azure Kubernetes services resource to create and attached to the machine learning workspace" + } + }, + "applicationInsightsId": { + "type": "string", + "metadata": { + "description": "Resource ID of the application insights resource" + } + }, + "containerRegistryId": { + "type": "string", + "metadata": { + "description": "Resource ID of the container registry resource" + } + }, + "keyVaultId": { + "type": "string", + "metadata": { + "description": "Resource ID of the key vault resource" + } + }, + "storageAccountId": { + "type": "string", + "metadata": { + "description": "Resource ID of the storage account resource" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the subnet resource" + } + }, + "computeSubnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the compute subnet" + } + }, + "aksSubnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the Azure Kubernetes services resource" + } + }, + "virtualNetworkId": { + "type": "string", + "metadata": { + "description": "Resource ID of the virtual network" + } + }, + "machineLearningPleName": { + "type": "string", + "metadata": { + "description": "Machine learning workspace private link endpoint name" + } + }, + "amlComputePublicIp": { + "type": "bool", + "defaultValue": true, + "metadata": { + "description": "Enable public IP for Azure Machine Learning compute nodes" + } + }, + "vmSizeParam": { + "type": "string", + "metadata": { + "description": "VM size for the default compute cluster" + } + } + }, + "resources": [ + { + "type": "Microsoft.MachineLearningServices/workspaces", + "apiVersion": "2022-05-01", + "name": "[parameters('machineLearningName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "friendlyName": "[parameters('machineLearningFriendlyName')]", + "description": "[parameters('machineLearningDescription')]", + "applicationInsights": "[parameters('applicationInsightsId')]", + "containerRegistry": "[parameters('containerRegistryId')]", + "keyVault": "[parameters('keyVaultId')]", + "storageAccount": "[parameters('storageAccountId')]", + "imageBuildCompute": "cluster001", + "publicNetworkAccess": "Disabled" + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "machineLearningNetworking", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "tags": { + "value": "[parameters('tags')]" + }, + "virtualNetworkId": { + "value": "[parameters('virtualNetworkId')]" + }, + "workspaceArmId": { + "value": "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('machineLearningName'))]" + }, + "subnetId": { + "value": "[parameters('subnetId')]" + }, + "machineLearningPleName": { + "value": "[parameters('machineLearningPleName')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.22.6.54827", + "templateHash": "5379221828291825785" + } + }, + "parameters": { + "location": { + "type": "string", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "machineLearningPleName": { + "type": "string", + "metadata": { + "description": "Machine learning workspace private link endpoint name" + } + }, + "virtualNetworkId": { + "type": "string", + "metadata": { + "description": "Resource ID of the virtual network resource" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the subnet resource" + } + }, + "workspaceArmId": { + "type": "string", + "metadata": { + "description": "Resource ID of the machine learning workspace" + } + }, + "tags": { + "type": "object", + "metadata": { + "description": "Tags to add to the resources" + } + } + }, + "variables": { + "privateDnsZoneName": { + "azureusgovernment": "privatelink.api.ml.azure.us", + "azurechinacloud": "privatelink.api.ml.azure.cn", + "azurecloud": "privatelink.api.azureml.ms" + }, + "privateAznbDnsZoneName": { + "azureusgovernment": "privatelink.notebooks.usgovcloudapi.net", + "azurechinacloud": "privatelink.notebooks.chinacloudapi.cn", + "azurecloud": "privatelink.notebooks.azure.net" + } + }, + "resources": [ + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2022-01-01", + "name": "[parameters('machineLearningPleName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('machineLearningPleName')]", + "properties": { + "groupIds": [ + "amlworkspace" + ], + "privateLinkServiceId": "[parameters('workspaceArmId')]" + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + } + }, + { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[variables('privateDnsZoneName')[toLower(environment().name)]]", + "location": "global" + }, + { + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', variables('privateDnsZoneName')[toLower(environment().name)], uniqueString(parameters('workspaceArmId')))]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[parameters('virtualNetworkId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName')[toLower(environment().name)])]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[variables('privateAznbDnsZoneName')[toLower(environment().name)]]", + "location": "global" + }, + { + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', variables('privateAznbDnsZoneName')[toLower(environment().name)], uniqueString(parameters('workspaceArmId')))]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[parameters('virtualNetworkId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateAznbDnsZoneName')[toLower(environment().name)])]" + ] + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2022-01-01", + "name": "[format('{0}/amlworkspace-PrivateDnsZoneGroup', parameters('machineLearningPleName'))]", + "properties": { + "privateDnsZoneConfigs": [ + { + "name": "[variables('privateDnsZoneName')[environment().name]]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName')[toLower(environment().name)])]" + } + }, + { + "name": "[variables('privateAznbDnsZoneName')[environment().name]]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateAznbDnsZoneName')[toLower(environment().name)])]" + } + } + ] + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName')[toLower(environment().name)])]", + "[resourceId('Microsoft.Network/privateEndpoints', parameters('machineLearningPleName'))]", + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateAznbDnsZoneName')[toLower(environment().name)])]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('machineLearningName'))]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "machineLearningComputes", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "machineLearning": { + "value": "[parameters('machineLearningName')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "computeSubnetId": { + "value": "[parameters('computeSubnetId')]" + }, + "aksName": { + "value": "[parameters('mlAksName')]" + }, + "aksSubnetId": { + "value": "[parameters('aksSubnetId')]" + }, + "prefix": { + "value": "[parameters('prefix')]" + }, + "tags": { + "value": "[parameters('tags')]" + }, + "amlComputePublicIp": { + "value": "[parameters('amlComputePublicIp')]" + }, + "vmSizeParam": { + "value": "[parameters('vmSizeParam')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.22.6.54827", + "templateHash": "13977547577004845106" + } + }, + "parameters": { + "prefix": { + "type": "string", + "metadata": { + "description": "Prefix for resource names" + } + }, + "machineLearning": { + "type": "string", + "metadata": { + "description": "Azure Machine Learning workspace to create the compute resources in" + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "metadata": { + "description": "Tags to add to the resources" + } + }, + "computeSubnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the compute subnet" + } + }, + "aksName": { + "type": "string", + "metadata": { + "description": "Name of the Azure Kubernetes services resource" + } + }, + "aksSubnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the Azure Kubernetes services resource" + } + }, + "amlComputePublicIp": { + "type": "bool", + "metadata": { + "description": "Resource ID of the Azure Kubernetes services resource" + } + }, + "vmSizeParam": { + "type": "string", + "metadata": { + "description": "VM size for the default compute cluster" + } + } + }, + "resources": [ + { + "type": "Microsoft.MachineLearningServices/workspaces/computes", + "apiVersion": "2022-05-01", + "name": "[format('{0}/cluster001', parameters('machineLearning'))]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "computeType": "AmlCompute", + "computeLocation": "[parameters('location')]", + "description": "Machine Learning cluster 001", + "disableLocalAuth": true, + "properties": { + "vmPriority": "Dedicated", + "vmSize": "[parameters('vmSizeParam')]", + "enableNodePublicIp": "[parameters('amlComputePublicIp')]", + "isolatedNetwork": false, + "osType": "Linux", + "remoteLoginPortPublicAccess": "Disabled", + "scaleSettings": { + "minNodeCount": 0, + "maxNodeCount": 5, + "nodeIdleTimeBeforeScaleDown": "PT120S" + }, + "subnet": { + "id": "[parameters('computeSubnetId')]" + } + } + } + }, + { + "type": "Microsoft.MachineLearningServices/workspaces/computes", + "apiVersion": "2022-05-01", + "name": "[format('{0}/{1}-ci001', parameters('machineLearning'), parameters('prefix'))]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "computeType": "ComputeInstance", + "computeLocation": "[parameters('location')]", + "description": "Machine Learning compute instance 001", + "disableLocalAuth": true, + "properties": { + "applicationSharingPolicy": "Personal", + "computeInstanceAuthorizationType": "personal", + "sshSettings": { + "sshPublicAccess": "Disabled" + }, + "subnet": { + "id": "[parameters('computeSubnetId')]" + }, + "vmSize": "[parameters('vmSizeParam')]" + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[parameters('aksName')]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "tags": { + "value": "[parameters('tags')]" + }, + "aksClusterName": { + "value": "[parameters('aksName')]" + }, + "computeName": { + "value": "[parameters('aksName')]" + }, + "aksSubnetId": { + "value": "[parameters('aksSubnetId')]" + }, + "workspaceName": { + "value": "[parameters('machineLearning')]" + }, + "vmSizeParam": { + "value": "[parameters('vmSizeParam')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.22.6.54827", + "templateHash": "6366365386259200500" + } + }, + "parameters": { + "aksClusterName": { + "type": "string", + "metadata": { + "description": "Name of the Azure Kubernetes Service cluster" + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "metadata": { + "description": "Tags to add to the resources" + } + }, + "aksSubnetId": { + "type": "string", + "metadata": { + "description": "Resource ID for the Azure Kubernetes Service subnet" + } + }, + "workspaceName": { + "type": "string", + "metadata": { + "description": "Name of the Azure Machine Learning workspace" + } + }, + "computeName": { + "type": "string", + "metadata": { + "description": "Name of the Azure Machine Learning attached compute" + } + }, + "vmSizeParam": { + "type": "string", + "metadata": { + "description": "Size of the virtual machine" + } + } + }, + "resources": [ + { + "type": "Microsoft.ContainerService/managedClusters", + "apiVersion": "2022-04-01", + "name": "[parameters('aksClusterName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "kubernetesVersion": "1.27.1", + "dnsPrefix": "[format('{0}-dns', parameters('aksClusterName'))]", + "agentPoolProfiles": [ + { + "name": "[toLower('agentpool')]", + "count": 3, + "vmSize": "[parameters('vmSizeParam')]", + "osDiskSizeGB": 128, + "vnetSubnetID": "[parameters('aksSubnetId')]", + "maxPods": 110, + "osType": "Linux", + "mode": "System", + "type": "VirtualMachineScaleSets" + } + ], + "enableRBAC": true, + "networkProfile": { + "networkPlugin": "kubenet", + "serviceCidr": "10.0.0.0/16", + "dnsServiceIP": "10.0.0.10", + "dockerBridgeCidr": "172.17.0.1/16", + "loadBalancerSku": "standard" + }, + "apiServerAccessProfile": { + "enablePrivateCluster": true + } + } + }, + { + "type": "Microsoft.MachineLearningServices/workspaces/computes", + "apiVersion": "2022-05-01", + "name": "[format('{0}/{1}', parameters('workspaceName'), parameters('computeName'))]", + "location": "[parameters('location')]", + "properties": { + "computeType": "AKS", + "resourceId": "[resourceId('Microsoft.ContainerService/managedClusters', parameters('aksClusterName'))]", + "properties": { + "aksNetworkingConfiguration": { + "subnetId": "[parameters('aksSubnetId')]" + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.ContainerService/managedClusters', parameters('aksClusterName'))]" + ] + } + ], + "outputs": { + "aksResourceId": { + "type": "string", + "value": "[resourceId('Microsoft.ContainerService/managedClusters', parameters('aksClusterName'))]" + } + } + } + } + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('machineLearningName'))]", + "[resourceId('Microsoft.Resources/deployments', 'machineLearningNetworking')]" + ] + } + ], + "outputs": { + "machineLearningId": { + "type": "string", + "value": "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('machineLearningName'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('appi-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]", + "[resourceId('Microsoft.Resources/deployments', format('cr{0}{1}-deployment', variables('name'), variables('uniqueSuffix')))]", + "[resourceId('Microsoft.Resources/deployments', format('kv-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]", + "[resourceId('Microsoft.Resources/deployments', format('st{0}{1}-deployment', variables('name'), variables('uniqueSuffix')))]", + "[resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]" + ] + }, + { + "condition": "[parameters('deployJumphost')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('vm-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "virtualMachineName": { + "value": "[format('vm-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "subnetId": { + "value": "[format('{0}/subnets/snet-training', reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value)]" + }, + "adminUsername": { + "value": "[parameters('dsvmJumpboxUsername')]" + }, + "adminPassword": { + "value": "[parameters('dsvmJumpboxPassword')]" + }, + "networkSecurityGroupId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('nsg-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.networkSecurityGroup.value]" + }, + "vmSizeParameter": { + "value": "[parameters('amlComputeDefaultVmSize')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.22.6.54827", + "templateHash": "13566914486894350894" + } + }, + "parameters": { + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the subnet" + } + }, + "networkSecurityGroupId": { + "type": "string", + "metadata": { + "description": "Network Security Group Resource ID" + } + }, + "virtualMachineName": { + "type": "string", + "metadata": { + "description": "Virtual machine name" + } + }, + "vmSizeParameter": { + "type": "string", + "metadata": { + "description": "Virtual machine size" + } + }, + "adminUsername": { + "type": "string", + "metadata": { + "description": "Virtual machine admin username" + } + }, + "adminPassword": { + "type": "securestring", + "minLength": 8, + "metadata": { + "description": "Virtual machine admin password" + } + } + }, + "variables": { + "aadLoginExtensionName": "AADLoginForWindows" + }, + "resources": [ + { + "type": "Microsoft.Network/networkInterfaces", + "apiVersion": "2022-07-01", + "name": "[format('{0}-nic', parameters('virtualMachineName'))]", + "location": "[parameters('location')]", + "properties": { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "subnet": { + "id": "[parameters('subnetId')]" + }, + "privateIPAllocationMethod": "Dynamic" + } + } + ], + "networkSecurityGroup": { + "id": "[parameters('networkSecurityGroupId')]" + } + } + }, + { + "type": "Microsoft.Compute/virtualMachines", + "apiVersion": "2021-03-01", + "name": "[parameters('virtualMachineName')]", + "location": "[parameters('location')]", + "properties": { + "hardwareProfile": { + "vmSize": "[parameters('vmSizeParameter')]" + }, + "storageProfile": { + "osDisk": { + "createOption": "FromImage", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + }, + "imageReference": { + "publisher": "microsoft-dsvm", + "offer": "dsvm-win-2019", + "sku": "server-2019", + "version": "latest" + } + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "[resourceId('Microsoft.Network/networkInterfaces', format('{0}-nic', parameters('virtualMachineName')))]" + } + ] + }, + "osProfile": { + "computerName": "[parameters('virtualMachineName')]", + "adminUsername": "[parameters('adminUsername')]", + "adminPassword": "[parameters('adminPassword')]", + "windowsConfiguration": { + "enableAutomaticUpdates": true, + "provisionVMAgent": true, + "patchSettings": { + "enableHotpatching": false, + "patchMode": "AutomaticByOS" + } + } + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true + } + } + }, + "identity": { + "type": "SystemAssigned" + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/networkInterfaces', format('{0}-nic', parameters('virtualMachineName')))]" + ] + }, + { + "type": "Microsoft.Compute/virtualMachines/extensions", + "apiVersion": "2021-11-01", + "name": "[format('{0}/{1}', parameters('virtualMachineName'), variables('aadLoginExtensionName'))]", + "location": "[parameters('location')]", + "properties": { + "publisher": "Microsoft.Azure.ActiveDirectory", + "type": "[variables('aadLoginExtensionName')]", + "typeHandlerVersion": "1.0", + "autoUpgradeMinorVersion": true + }, + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachineName'))]" + ] + } + ], + "outputs": { + "dsvmId": { + "type": "string", + "value": "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachineName'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('nsg-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]", + "[resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]" + ] + }, + { + "condition": "[parameters('deployJumphost')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('bas-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "bastionHostName": { + "value": "[format('bas-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "vnetName": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.name.value]" + }, + "addressPrefix": { + "value": "[parameters('azureBastionSubnetPrefix')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.22.6.54827", + "templateHash": "16136205915114053165" + } + }, + "parameters": { + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The Azure region where the Bastion should be deployed" + } + }, + "vnetName": { + "type": "string", + "metadata": { + "description": "Virtual network name" + } + }, + "addressPrefix": { + "type": "string", + "defaultValue": "192.168.250.0/27", + "metadata": { + "description": "The address prefix to use for the Bastion subnet" + } + }, + "publicIpName": { + "type": "string", + "defaultValue": "pip-bastion", + "metadata": { + "description": "The name of the Bastion public IP address" + } + }, + "bastionHostName": { + "type": "string", + "defaultValue": "bastion-jumpbox", + "metadata": { + "description": "The name of the Bastion host" + } + } + }, + "variables": { + "subnetName": "AzureBastionSubnet" + }, + "resources": [ + { + "type": "Microsoft.Network/virtualNetworks/subnets", + "apiVersion": "2022-01-01", + "name": "[format('{0}/{1}', parameters('vnetName'), variables('subnetName'))]", + "properties": { + "addressPrefix": "[parameters('addressPrefix')]", + "privateEndpointNetworkPolicies": "Disabled", + "privateLinkServiceNetworkPolicies": "Disabled" + } + }, + { + "type": "Microsoft.Network/publicIPAddresses", + "apiVersion": "2022-01-01", + "name": "[parameters('publicIpName')]", + "location": "[parameters('location')]", + "sku": { + "name": "Standard" + }, + "properties": { + "publicIPAllocationMethod": "Static" + } + }, + { + "type": "Microsoft.Network/bastionHosts", + "apiVersion": "2022-01-01", + "name": "[parameters('bastionHostName')]", + "location": "[parameters('location')]", + "properties": { + "ipConfigurations": [ + { + "name": "IpConf", + "properties": { + "subnet": { + "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', split(format('{0}/{1}', parameters('vnetName'), variables('subnetName')), '/')[0], split(format('{0}/{1}', parameters('vnetName'), variables('subnetName')), '/')[1])]" + }, + "publicIPAddress": { + "id": "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpName'))]" + } + } + } + ] + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/virtualNetworks/subnets', split(format('{0}/{1}', parameters('vnetName'), variables('subnetName')), '/')[0], split(format('{0}/{1}', parameters('vnetName'), variables('subnetName')), '/')[1])]", + "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpName'))]" + ] + } + ], + "outputs": { + "bastionId": { + "type": "string", + "value": "[resourceId('Microsoft.Network/bastionHosts', parameters('bastionHostName'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]" + ] + } + ] +} \ No newline at end of file diff --git a/src/az-aml-byo-vnet/deploy/bicep/main.bicep b/src/az-aml-byo-vnet/deploy/bicep/main.bicep new file mode 100644 index 0000000..667ee83 --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/main.bicep @@ -0,0 +1,184 @@ +// Execute this main file to configure Azure Machine Learning end-to-end in a moderately secure set up + +// Parameters +@minLength(2) +@maxLength(10) +@description('Prefix for all resource names.') +param prefix string + +@description('Azure region used for the deployment of all resources.') +param location string = resourceGroup().location + +@description('Set of tags to apply to all resources.') +param tags object = {} + +@description('Virtual network address prefix') +param vnetAddressPrefix string = '192.168.8.0/22' + +@description('Training subnet address prefix') +param trainingSubnetPrefix string = '192.168.9.0/24' + +@description('Scoring subnet address prefix') +param scoringSubnetPrefix string = '192.168.10.0/24' + +@description('Bastion subnet address prefix') +param azureBastionSubnetPrefix string = '192.168.11.192/27' + +@description('Deploy a Bastion jumphost to access the network-isolated environment?') +param deployJumphost bool = true + +@description('Jumphost virtual machine username') +param dsvmJumpboxUsername string + +@secure() +@minLength(8) +@description('Jumphost virtual machine password') +param dsvmJumpboxPassword string + +@description('Enable public IP for Azure Machine Learning compute nodes') +param amlComputePublicIp bool = true + +@description('VM size for the default compute cluster') +param amlComputeDefaultVmSize string = 'Standard_DS3_v2' + +// Variables +var name = toLower('${prefix}') + +// Create a short, unique suffix, that will be unique to each resource group +var uniqueSuffix = substring(uniqueString(resourceGroup().id), 0, 4) + +// Virtual network and network security group +module nsg 'modules/nsg.bicep' = { + name: 'nsg-${name}-${uniqueSuffix}-deployment' + params: { + location: location + tags: tags + nsgName: 'nsg-${name}-${uniqueSuffix}' + } +} + +module vnet 'modules/vnet.bicep' = { + name: 'vnet-${name}-${uniqueSuffix}-deployment' + params: { + location: location + virtualNetworkName: 'vnet-${name}-${uniqueSuffix}' + networkSecurityGroupId: nsg.outputs.networkSecurityGroup + vnetAddressPrefix: vnetAddressPrefix + trainingSubnetPrefix: trainingSubnetPrefix + scoringSubnetPrefix: scoringSubnetPrefix + tags: tags + } +} + +// Dependent resources for the Azure Machine Learning workspace +module keyvault 'modules/keyvault.bicep' = { + name: 'kv-${name}-${uniqueSuffix}-deployment' + params: { + location: location + keyvaultName: 'kv-${name}-${uniqueSuffix}' + keyvaultPleName: 'ple-${name}-${uniqueSuffix}-kv' + subnetId: '${vnet.outputs.id}/subnets/snet-training' + virtualNetworkId: vnet.outputs.id + tags: tags + } +} + +module storage 'modules/storage.bicep' = { + name: 'st${name}${uniqueSuffix}-deployment' + params: { + location: location + storageName: 'st${name}${uniqueSuffix}' + storagePleBlobName: 'ple-${name}-${uniqueSuffix}-st-blob' + storagePleFileName: 'ple-${name}-${uniqueSuffix}-st-file' + storageSkuName: 'Standard_LRS' + subnetId: '${vnet.outputs.id}/subnets/snet-training' + virtualNetworkId: vnet.outputs.id + tags: tags + } +} + +module containerRegistry 'modules/containerregistry.bicep' = { + name: 'cr${name}${uniqueSuffix}-deployment' + params: { + location: location + containerRegistryName: 'cr${name}${uniqueSuffix}' + containerRegistryPleName: 'ple-${name}-${uniqueSuffix}-cr' + subnetId: '${vnet.outputs.id}/subnets/snet-training' + virtualNetworkId: vnet.outputs.id + tags: tags + } +} + +module applicationInsights 'modules/applicationinsights.bicep' = { + name: 'appi-${name}-${uniqueSuffix}-deployment' + params: { + location: location + applicationInsightsName: 'appi-${name}-${uniqueSuffix}' + logAnalyticsWorkspaceName: 'ws-${name}-${uniqueSuffix}' + tags: tags + } +} + +module azuremlWorkspace 'modules/machinelearning.bicep' = { + name: 'mlw-${name}-${uniqueSuffix}-deployment' + params: { + // workspace organization + machineLearningName: 'mlw-${name}-${uniqueSuffix}' + machineLearningFriendlyName: 'Private link endpoint sample workspace' + machineLearningDescription: 'This is an example workspace having a private link endpoint.' + location: location + prefix: name + tags: tags + + // dependent resources + applicationInsightsId: applicationInsights.outputs.applicationInsightsId + containerRegistryId: containerRegistry.outputs.containerRegistryId + keyVaultId: keyvault.outputs.keyvaultId + storageAccountId: storage.outputs.storageId + + // networking + subnetId: '${vnet.outputs.id}/subnets/snet-training' + computeSubnetId: '${vnet.outputs.id}/subnets/snet-training' + aksSubnetId: '${vnet.outputs.id}/subnets/snet-scoring' + virtualNetworkId: vnet.outputs.id + machineLearningPleName: 'ple-${name}-${uniqueSuffix}-mlw' + + // compute + amlComputePublicIp: amlComputePublicIp + mlAksName: 'aks-${name}-${uniqueSuffix}' + vmSizeParam: amlComputeDefaultVmSize + } + dependsOn: [ + keyvault + containerRegistry + applicationInsights + storage + ] +} + +// Optional VM and Bastion jumphost to help access the network isolated environment +module dsvm 'modules/dsvmjumpbox.bicep' = if (deployJumphost) { + name: 'vm-${name}-${uniqueSuffix}-deployment' + params: { + location: location + virtualMachineName: 'vm-${name}-${uniqueSuffix}' + subnetId: '${vnet.outputs.id}/subnets/snet-training' + adminUsername: dsvmJumpboxUsername + adminPassword: dsvmJumpboxPassword + networkSecurityGroupId: nsg.outputs.networkSecurityGroup + vmSizeParameter: amlComputeDefaultVmSize + } +} + +// module bastion 'modules/bastion.bicep' = if (deployJumphost) { +// name: 'bas-${name}-${uniqueSuffix}-deployment' +// params: { +// bastionHostName: 'bas-${name}-${uniqueSuffix}' +// location: location +// vnetName: vnet.outputs.name +// addressPrefix: azureBastionSubnetPrefix +// } +// dependsOn: [ +// vnet +// ] +// } diff --git a/src/az-aml-byo-vnet/deploy/bicep/main.json b/src/az-aml-byo-vnet/deploy/bicep/main.json new file mode 100644 index 0000000..df8c683 --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/main.json @@ -0,0 +1,2329 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.24.24.22086", + "templateHash": "2946500208789668593" + } + }, + "parameters": { + "prefix": { + "type": "string", + "minLength": 2, + "maxLength": 10, + "metadata": { + "description": "Prefix for all resource names." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region used for the deployment of all resources." + } + }, + "tags": { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "Set of tags to apply to all resources." + } + }, + "vnetAddressPrefix": { + "type": "string", + "defaultValue": "192.168.8.0/22", + "metadata": { + "description": "Virtual network address prefix" + } + }, + "trainingSubnetPrefix": { + "type": "string", + "defaultValue": "192.168.9.0/24", + "metadata": { + "description": "Training subnet address prefix" + } + }, + "scoringSubnetPrefix": { + "type": "string", + "defaultValue": "192.168.10.0/24", + "metadata": { + "description": "Scoring subnet address prefix" + } + }, + "azureBastionSubnetPrefix": { + "type": "string", + "defaultValue": "192.168.11.192/27", + "metadata": { + "description": "Bastion subnet address prefix" + } + }, + "deployJumphost": { + "type": "bool", + "defaultValue": true, + "metadata": { + "description": "Deploy a Bastion jumphost to access the network-isolated environment?" + } + }, + "dsvmJumpboxUsername": { + "type": "string", + "metadata": { + "description": "Jumphost virtual machine username" + } + }, + "dsvmJumpboxPassword": { + "type": "securestring", + "minLength": 8, + "metadata": { + "description": "Jumphost virtual machine password" + } + }, + "amlComputePublicIp": { + "type": "bool", + "defaultValue": false, + "metadata": { + "description": "Enable public IP for Azure Machine Learning compute nodes" + } + }, + "amlComputeDefaultVmSize": { + "type": "string", + "defaultValue": "Standard_DS3_v2", + "metadata": { + "description": "VM size for the default compute cluster" + } + } + }, + "variables": { + "name": "[toLower(format('{0}', parameters('prefix')))]", + "uniqueSuffix": "[substring(uniqueString(resourceGroup().id), 0, 4)]" + }, + "resources": [ + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('nsg-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "tags": { + "value": "[parameters('tags')]" + }, + "nsgName": { + "value": "[format('nsg-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.24.24.22086", + "templateHash": "17191482663121081812" + } + }, + "parameters": { + "location": { + "type": "string", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "metadata": { + "description": "Tags to add to the resources" + } + }, + "nsgName": { + "type": "string", + "metadata": { + "description": "Name of the network security group" + } + } + }, + "resources": [ + { + "type": "Microsoft.Network/networkSecurityGroups", + "apiVersion": "2022-01-01", + "name": "[parameters('nsgName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "securityRules": [ + { + "name": "BatchNodeManagement", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "29876-29877", + "sourceAddressPrefix": "BatchNodeManagement", + "destinationAddressPrefix": "*", + "access": "Allow", + "priority": 120, + "direction": "Inbound" + } + }, + { + "name": "AzureMachineLearning", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "44224", + "sourceAddressPrefix": "AzureMachineLearning", + "destinationAddressPrefix": "*", + "access": "Allow", + "priority": 130, + "direction": "Inbound" + } + }, + { + "name": "AzureActiveDirectory", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "*", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "AzureActiveDirectory", + "access": "Allow", + "priority": 140, + "direction": "Outbound" + } + }, + { + "name": "AzureMachineLearningOutbound", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "AzureMachineLearning", + "access": "Allow", + "priority": 150, + "direction": "Outbound" + } + }, + { + "name": "AzureResourceManager", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "AzureResourceManager", + "access": "Allow", + "priority": 160, + "direction": "Outbound" + } + }, + { + "name": "AzureStorageAccount", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "[format('Storage.{0}', parameters('location'))]", + "access": "Allow", + "priority": 170, + "direction": "Outbound" + } + }, + { + "name": "AzureFrontDoor", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "AzureFrontDoor.FrontEnd", + "access": "Allow", + "priority": 180, + "direction": "Outbound" + } + }, + { + "name": "AzureContainerRegistry", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "*", + "destinationAddressPrefix": "[format('AzureContainerRegistry.{0}', parameters('location'))]", + "access": "Allow", + "priority": 190, + "direction": "Outbound" + } + }, + { + "name": "MicrosoftContainerRegistry", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "MicrosoftContainerRegistry", + "access": "Allow", + "priority": 200, + "direction": "Outbound" + } + } + ] + } + } + ], + "outputs": { + "networkSecurityGroup": { + "type": "string", + "value": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('nsgName'))]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "virtualNetworkName": { + "value": "[format('vnet-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "networkSecurityGroupId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('nsg-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.networkSecurityGroup.value]" + }, + "vnetAddressPrefix": { + "value": "[parameters('vnetAddressPrefix')]" + }, + "trainingSubnetPrefix": { + "value": "[parameters('trainingSubnetPrefix')]" + }, + "scoringSubnetPrefix": { + "value": "[parameters('scoringSubnetPrefix')]" + }, + "tags": { + "value": "[parameters('tags')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.24.24.22086", + "templateHash": "286505905098024720" + } + }, + "parameters": { + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "Tags to add to the resources" + } + }, + "virtualNetworkName": { + "type": "string", + "metadata": { + "description": "Name of the virtual network resource" + } + }, + "networkSecurityGroupId": { + "type": "string", + "metadata": { + "description": "Group ID of the network security group" + } + }, + "vnetAddressPrefix": { + "type": "string", + "defaultValue": "192.168.0.0/16", + "metadata": { + "description": "Virtual network address prefix" + } + }, + "trainingSubnetPrefix": { + "type": "string", + "defaultValue": "192.168.0.0/24", + "metadata": { + "description": "Training subnet address prefix" + } + }, + "scoringSubnetPrefix": { + "type": "string", + "defaultValue": "192.168.1.0/24", + "metadata": { + "description": "Scoring subnet address prefix" + } + } + }, + "resources": [ + { + "type": "Microsoft.Network/virtualNetworks", + "apiVersion": "2022-01-01", + "name": "[parameters('virtualNetworkName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "addressSpace": { + "addressPrefixes": [ + "[parameters('vnetAddressPrefix')]" + ] + }, + "subnets": [ + { + "name": "snet-training", + "properties": { + "addressPrefix": "[parameters('trainingSubnetPrefix')]", + "privateEndpointNetworkPolicies": "Disabled", + "privateLinkServiceNetworkPolicies": "Disabled", + "networkSecurityGroup": { + "id": "[parameters('networkSecurityGroupId')]" + } + } + }, + { + "name": "snet-scoring", + "properties": { + "addressPrefix": "[parameters('scoringSubnetPrefix')]", + "privateEndpointNetworkPolicies": "Disabled", + "privateLinkServiceNetworkPolicies": "Disabled", + "serviceEndpoints": [ + { + "service": "Microsoft.KeyVault" + }, + { + "service": "Microsoft.ContainerRegistry" + }, + { + "service": "Microsoft.Storage" + } + ], + "networkSecurityGroup": { + "id": "[parameters('networkSecurityGroupId')]" + } + } + } + ] + } + } + ], + "outputs": { + "id": { + "type": "string", + "value": "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworkName'))]" + }, + "name": { + "type": "string", + "value": "[parameters('virtualNetworkName')]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('nsg-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('kv-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "keyvaultName": { + "value": "[format('kv-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "keyvaultPleName": { + "value": "[format('ple-{0}-{1}-kv', variables('name'), variables('uniqueSuffix'))]" + }, + "subnetId": { + "value": "[format('{0}/subnets/snet-training', reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value)]" + }, + "virtualNetworkId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value]" + }, + "tags": { + "value": "[parameters('tags')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.24.24.22086", + "templateHash": "2669677357019411626" + } + }, + "parameters": { + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The Azure Region to deploy the resources into" + } + }, + "tags": { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "Tags to apply to the Key Vault Instance" + } + }, + "keyvaultName": { + "type": "string", + "metadata": { + "description": "The name of the Key Vault" + } + }, + "keyvaultPleName": { + "type": "string", + "metadata": { + "description": "The name of the Key Vault private link endpoint" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "The Subnet ID where the Key Vault Private Link is to be created" + } + }, + "virtualNetworkId": { + "type": "string", + "metadata": { + "description": "The VNet ID where the Key Vault Private Link is to be created" + } + } + }, + "variables": { + "privateDnsZoneName": "[format('privatelink{0}', environment().suffixes.keyvaultDns)]" + }, + "resources": [ + { + "type": "Microsoft.KeyVault/vaults", + "apiVersion": "2021-10-01", + "name": "[parameters('keyvaultName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "createMode": "default", + "enabledForDeployment": false, + "enabledForDiskEncryption": false, + "enabledForTemplateDeployment": false, + "enableSoftDelete": true, + "enableRbacAuthorization": true, + "enablePurgeProtection": true, + "networkAcls": { + "bypass": "AzureServices", + "defaultAction": "Deny" + }, + "sku": { + "family": "A", + "name": "standard" + }, + "softDeleteRetentionInDays": 7, + "tenantId": "[subscription().tenantId]" + } + }, + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2022-01-01", + "name": "[parameters('keyvaultPleName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('keyvaultPleName')]", + "properties": { + "groupIds": [ + "vault" + ], + "privateLinkServiceId": "[resourceId('Microsoft.KeyVault/vaults', parameters('keyvaultName'))]" + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.KeyVault/vaults', parameters('keyvaultName'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[variables('privateDnsZoneName')]", + "location": "global" + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2022-01-01", + "name": "[format('{0}/vault-PrivateDnsZoneGroup', parameters('keyvaultPleName'))]", + "properties": { + "privateDnsZoneConfigs": [ + { + "name": "[variables('privateDnsZoneName')]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName'))]" + } + } + ] + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName'))]", + "[resourceId('Microsoft.Network/privateEndpoints', parameters('keyvaultPleName'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', variables('privateDnsZoneName'), uniqueString(resourceId('Microsoft.KeyVault/vaults', parameters('keyvaultName'))))]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[parameters('virtualNetworkId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.KeyVault/vaults', parameters('keyvaultName'))]", + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName'))]" + ] + } + ], + "outputs": { + "keyvaultId": { + "type": "string", + "value": "[resourceId('Microsoft.KeyVault/vaults', parameters('keyvaultName'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('st{0}{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "storageName": { + "value": "[format('st{0}{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "storagePleBlobName": { + "value": "[format('ple-{0}-{1}-st-blob', variables('name'), variables('uniqueSuffix'))]" + }, + "storagePleFileName": { + "value": "[format('ple-{0}-{1}-st-file', variables('name'), variables('uniqueSuffix'))]" + }, + "storageSkuName": { + "value": "Standard_LRS" + }, + "subnetId": { + "value": "[format('{0}/subnets/snet-training', reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value)]" + }, + "virtualNetworkId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value]" + }, + "tags": { + "value": "[parameters('tags')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.24.24.22086", + "templateHash": "12705842885664256839" + } + }, + "parameters": { + "location": { + "type": "string", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "metadata": { + "description": "Tags to add to the resources" + } + }, + "storageName": { + "type": "string", + "metadata": { + "description": "Name of the storage account" + } + }, + "storagePleBlobName": { + "type": "string", + "metadata": { + "description": "Name of the storage blob private link endpoint" + } + }, + "storagePleFileName": { + "type": "string", + "metadata": { + "description": "Name of the storage file private link endpoint" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the subnet" + } + }, + "virtualNetworkId": { + "type": "string", + "metadata": { + "description": "Resource ID of the virtual network" + } + }, + "storageSkuName": { + "type": "string", + "defaultValue": "Standard_LRS", + "allowedValues": [ + "Standard_LRS", + "Standard_ZRS", + "Standard_GRS", + "Standard_GZRS", + "Standard_RAGRS", + "Standard_RAGZRS", + "Premium_LRS", + "Premium_ZRS" + ], + "metadata": { + "description": "Storage SKU" + } + } + }, + "variables": { + "storageNameCleaned": "[replace(parameters('storageName'), '-', '')]", + "blobPrivateDnsZoneName": "[format('privatelink.blob.{0}', environment().suffixes.storage)]", + "filePrivateDnsZoneName": "[format('privatelink.file.{0}', environment().suffixes.storage)]" + }, + "resources": [ + { + "type": "Microsoft.Storage/storageAccounts", + "apiVersion": "2021-09-01", + "name": "[variables('storageNameCleaned')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "sku": { + "name": "[parameters('storageSkuName')]" + }, + "kind": "StorageV2", + "properties": { + "accessTier": "Hot", + "allowBlobPublicAccess": false, + "allowCrossTenantReplication": false, + "allowSharedKeyAccess": true, + "encryption": { + "keySource": "Microsoft.Storage", + "requireInfrastructureEncryption": false, + "services": { + "blob": { + "enabled": true, + "keyType": "Account" + }, + "file": { + "enabled": true, + "keyType": "Account" + }, + "queue": { + "enabled": true, + "keyType": "Service" + }, + "table": { + "enabled": true, + "keyType": "Service" + } + } + }, + "isHnsEnabled": false, + "isNfsV3Enabled": false, + "keyPolicy": { + "keyExpirationPeriodInDays": 7 + }, + "largeFileSharesState": "Disabled", + "minimumTlsVersion": "TLS1_2", + "networkAcls": { + "bypass": "AzureServices", + "defaultAction": "Deny" + }, + "supportsHttpsTrafficOnly": true + } + }, + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2022-01-01", + "name": "[parameters('storagePleBlobName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('storagePleBlobName')]", + "properties": { + "groupIds": [ + "blob" + ], + "privateLinkServiceId": "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]", + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "Auto-Approved", + "actionsRequired": "None" + } + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]" + ] + }, + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2022-01-01", + "name": "[parameters('storagePleFileName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('storagePleFileName')]", + "properties": { + "groupIds": [ + "file" + ], + "privateLinkServiceId": "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]", + "privateLinkServiceConnectionState": { + "status": "Approved", + "description": "Auto-Approved", + "actionsRequired": "None" + } + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[variables('blobPrivateDnsZoneName')]", + "location": "global" + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2022-01-01", + "name": "[format('{0}/blob-PrivateDnsZoneGroup', parameters('storagePleBlobName'))]", + "properties": { + "privateDnsZoneConfigs": [ + { + "name": "[variables('blobPrivateDnsZoneName')]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('blobPrivateDnsZoneName'))]" + } + } + ] + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('blobPrivateDnsZoneName'))]", + "[resourceId('Microsoft.Network/privateEndpoints', parameters('storagePleBlobName'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', variables('blobPrivateDnsZoneName'), uniqueString(resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))))]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[parameters('virtualNetworkId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('blobPrivateDnsZoneName'))]", + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[variables('filePrivateDnsZoneName')]", + "location": "global" + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2022-01-01", + "name": "[format('{0}/flie-PrivateDnsZoneGroup', parameters('storagePleFileName'))]", + "properties": { + "privateDnsZoneConfigs": [ + { + "name": "[variables('filePrivateDnsZoneName')]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('filePrivateDnsZoneName'))]" + } + } + ] + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('filePrivateDnsZoneName'))]", + "[resourceId('Microsoft.Network/privateEndpoints', parameters('storagePleFileName'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', variables('filePrivateDnsZoneName'), uniqueString(resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))))]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[parameters('virtualNetworkId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('filePrivateDnsZoneName'))]", + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]" + ] + } + ], + "outputs": { + "storageId": { + "type": "string", + "value": "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('cr{0}{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "containerRegistryName": { + "value": "[format('cr{0}{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "containerRegistryPleName": { + "value": "[format('ple-{0}-{1}-cr', variables('name'), variables('uniqueSuffix'))]" + }, + "subnetId": { + "value": "[format('{0}/subnets/snet-training', reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value)]" + }, + "virtualNetworkId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value]" + }, + "tags": { + "value": "[parameters('tags')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.24.24.22086", + "templateHash": "576166942885878055" + } + }, + "parameters": { + "location": { + "type": "string", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "metadata": { + "description": "Tags to add to the resources" + } + }, + "containerRegistryName": { + "type": "string", + "metadata": { + "description": "Container registry name" + } + }, + "containerRegistryPleName": { + "type": "string", + "metadata": { + "description": "Container registry private link endpoint name" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the subnet" + } + }, + "virtualNetworkId": { + "type": "string", + "metadata": { + "description": "Resource ID of the virtual network" + } + } + }, + "variables": { + "containerRegistryNameCleaned": "[replace(parameters('containerRegistryName'), '-', '')]", + "privateDnsZoneName": "[format('privatelink{0}', environment().suffixes.acrLoginServer)]", + "groupName": "registry" + }, + "resources": [ + { + "type": "Microsoft.ContainerRegistry/registries", + "apiVersion": "2021-09-01", + "name": "[variables('containerRegistryNameCleaned')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "sku": { + "name": "Premium" + }, + "properties": { + "adminUserEnabled": true, + "dataEndpointEnabled": false, + "networkRuleBypassOptions": "AzureServices", + "networkRuleSet": { + "defaultAction": "Deny" + }, + "policies": { + "quarantinePolicy": { + "status": "disabled" + }, + "retentionPolicy": { + "status": "enabled", + "days": 7 + }, + "trustPolicy": { + "status": "disabled", + "type": "Notary" + } + }, + "publicNetworkAccess": "Disabled", + "zoneRedundancy": "Disabled" + } + }, + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2022-01-01", + "name": "[parameters('containerRegistryPleName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('containerRegistryPleName')]", + "properties": { + "groupIds": [ + "[variables('groupName')]" + ], + "privateLinkServiceId": "[resourceId('Microsoft.ContainerRegistry/registries', variables('containerRegistryNameCleaned'))]" + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.ContainerRegistry/registries', variables('containerRegistryNameCleaned'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[variables('privateDnsZoneName')]", + "location": "global" + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2022-01-01", + "name": "[format('{0}/{1}-PrivateDnsZoneGroup', parameters('containerRegistryPleName'), variables('groupName'))]", + "properties": { + "privateDnsZoneConfigs": [ + { + "name": "[variables('privateDnsZoneName')]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName'))]" + } + } + ] + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName'))]", + "[resourceId('Microsoft.Network/privateEndpoints', parameters('containerRegistryPleName'))]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', variables('privateDnsZoneName'), uniqueString(resourceId('Microsoft.ContainerRegistry/registries', variables('containerRegistryNameCleaned'))))]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[parameters('virtualNetworkId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName'))]", + "[resourceId('Microsoft.ContainerRegistry/registries', variables('containerRegistryNameCleaned'))]" + ] + } + ], + "outputs": { + "containerRegistryId": { + "type": "string", + "value": "[resourceId('Microsoft.ContainerRegistry/registries', variables('containerRegistryNameCleaned'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('appi-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "applicationInsightsName": { + "value": "[format('appi-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "logAnalyticsWorkspaceName": { + "value": "[format('ws-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "tags": { + "value": "[parameters('tags')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.24.24.22086", + "templateHash": "84687119066836453" + } + }, + "parameters": { + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "Tags to add to the resources" + } + }, + "applicationInsightsName": { + "type": "string", + "metadata": { + "description": "Application Insights resource name" + } + }, + "logAnalyticsWorkspaceName": { + "type": "string", + "metadata": { + "description": "Log Analytics resource name" + } + } + }, + "resources": [ + { + "type": "Microsoft.OperationalInsights/workspaces", + "apiVersion": "2021-06-01", + "name": "[parameters('logAnalyticsWorkspaceName')]", + "location": "[parameters('location')]", + "properties": { + "sku": { + "name": "PerGB2018" + }, + "retentionInDays": 30, + "publicNetworkAccessForIngestion": "Enabled", + "publicNetworkAccessForQuery": "Disabled" + } + }, + { + "type": "Microsoft.Insights/components", + "apiVersion": "2020-02-02", + "name": "[parameters('applicationInsightsName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "kind": "web", + "properties": { + "Application_Type": "web", + "WorkspaceResourceId": "[resourceId('Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName'))]", + "Flow_Type": "Bluefield" + }, + "dependsOn": [ + "[resourceId('Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName'))]" + ] + } + ], + "outputs": { + "applicationInsightsId": { + "type": "string", + "value": "[resourceId('Microsoft.Insights/components', parameters('applicationInsightsName'))]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('mlw-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "machineLearningName": { + "value": "[format('mlw-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "machineLearningFriendlyName": { + "value": "Private link endpoint sample workspace" + }, + "machineLearningDescription": { + "value": "This is an example workspace having a private link endpoint." + }, + "location": { + "value": "[parameters('location')]" + }, + "prefix": { + "value": "[variables('name')]" + }, + "tags": { + "value": "[parameters('tags')]" + }, + "applicationInsightsId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('appi-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.applicationInsightsId.value]" + }, + "containerRegistryId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('cr{0}{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.containerRegistryId.value]" + }, + "keyVaultId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('kv-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.keyvaultId.value]" + }, + "storageAccountId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('st{0}{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.storageId.value]" + }, + "subnetId": { + "value": "[format('{0}/subnets/snet-training', reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value)]" + }, + "computeSubnetId": { + "value": "[format('{0}/subnets/snet-training', reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value)]" + }, + "aksSubnetId": { + "value": "[format('{0}/subnets/snet-scoring', reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value)]" + }, + "virtualNetworkId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value]" + }, + "machineLearningPleName": { + "value": "[format('ple-{0}-{1}-mlw', variables('name'), variables('uniqueSuffix'))]" + }, + "amlComputePublicIp": { + "value": "[parameters('amlComputePublicIp')]" + }, + "mlAksName": { + "value": "[format('aks-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "vmSizeParam": { + "value": "[parameters('amlComputeDefaultVmSize')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.24.24.22086", + "templateHash": "4739791353905175610" + } + }, + "parameters": { + "prefix": { + "type": "string", + "metadata": { + "description": "Prefix for resource names" + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "metadata": { + "description": "Tags to add to the resources" + } + }, + "machineLearningName": { + "type": "string", + "metadata": { + "description": "Machine learning workspace name" + } + }, + "machineLearningFriendlyName": { + "type": "string", + "defaultValue": "[parameters('machineLearningName')]", + "metadata": { + "description": "Machine learning workspace display name" + } + }, + "machineLearningDescription": { + "type": "string", + "metadata": { + "description": "Machine learning workspace description" + } + }, + "mlAksName": { + "type": "string", + "metadata": { + "description": "Name of the Azure Kubernetes services resource to create and attached to the machine learning workspace" + } + }, + "applicationInsightsId": { + "type": "string", + "metadata": { + "description": "Resource ID of the application insights resource" + } + }, + "containerRegistryId": { + "type": "string", + "metadata": { + "description": "Resource ID of the container registry resource" + } + }, + "keyVaultId": { + "type": "string", + "metadata": { + "description": "Resource ID of the key vault resource" + } + }, + "storageAccountId": { + "type": "string", + "metadata": { + "description": "Resource ID of the storage account resource" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the subnet resource" + } + }, + "computeSubnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the compute subnet" + } + }, + "aksSubnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the Azure Kubernetes services resource" + } + }, + "virtualNetworkId": { + "type": "string", + "metadata": { + "description": "Resource ID of the virtual network" + } + }, + "machineLearningPleName": { + "type": "string", + "metadata": { + "description": "Machine learning workspace private link endpoint name" + } + }, + "amlComputePublicIp": { + "type": "bool", + "defaultValue": true, + "metadata": { + "description": "Enable public IP for Azure Machine Learning compute nodes" + } + }, + "vmSizeParam": { + "type": "string", + "metadata": { + "description": "VM size for the default compute cluster" + } + } + }, + "resources": [ + { + "type": "Microsoft.MachineLearningServices/workspaces", + "apiVersion": "2022-05-01", + "name": "[parameters('machineLearningName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "friendlyName": "[parameters('machineLearningFriendlyName')]", + "description": "[parameters('machineLearningDescription')]", + "applicationInsights": "[parameters('applicationInsightsId')]", + "containerRegistry": "[parameters('containerRegistryId')]", + "keyVault": "[parameters('keyVaultId')]", + "storageAccount": "[parameters('storageAccountId')]", + "imageBuildCompute": "cluster001", + "publicNetworkAccess": "Disabled" + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "machineLearningNetworking", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "tags": { + "value": "[parameters('tags')]" + }, + "virtualNetworkId": { + "value": "[parameters('virtualNetworkId')]" + }, + "workspaceArmId": { + "value": "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('machineLearningName'))]" + }, + "subnetId": { + "value": "[parameters('subnetId')]" + }, + "machineLearningPleName": { + "value": "[parameters('machineLearningPleName')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.24.24.22086", + "templateHash": "7894620976253505187" + } + }, + "parameters": { + "location": { + "type": "string", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "machineLearningPleName": { + "type": "string", + "metadata": { + "description": "Machine learning workspace private link endpoint name" + } + }, + "virtualNetworkId": { + "type": "string", + "metadata": { + "description": "Resource ID of the virtual network resource" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the subnet resource" + } + }, + "workspaceArmId": { + "type": "string", + "metadata": { + "description": "Resource ID of the machine learning workspace" + } + }, + "tags": { + "type": "object", + "metadata": { + "description": "Tags to add to the resources" + } + } + }, + "variables": { + "privateDnsZoneName": { + "azureusgovernment": "privatelink.api.ml.azure.us", + "azurechinacloud": "privatelink.api.ml.azure.cn", + "azurecloud": "privatelink.api.azureml.ms" + }, + "privateAznbDnsZoneName": { + "azureusgovernment": "privatelink.notebooks.usgovcloudapi.net", + "azurechinacloud": "privatelink.notebooks.chinacloudapi.cn", + "azurecloud": "privatelink.notebooks.azure.net" + } + }, + "resources": [ + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2022-01-01", + "name": "[parameters('machineLearningPleName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('machineLearningPleName')]", + "properties": { + "groupIds": [ + "amlworkspace" + ], + "privateLinkServiceId": "[parameters('workspaceArmId')]" + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + } + }, + { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[variables('privateDnsZoneName')[toLower(environment().name)]]", + "location": "global" + }, + { + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', variables('privateDnsZoneName')[toLower(environment().name)], uniqueString(parameters('workspaceArmId')))]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[parameters('virtualNetworkId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName')[toLower(environment().name)])]" + ] + }, + { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[variables('privateAznbDnsZoneName')[toLower(environment().name)]]", + "location": "global" + }, + { + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', variables('privateAznbDnsZoneName')[toLower(environment().name)], uniqueString(parameters('workspaceArmId')))]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[parameters('virtualNetworkId')]" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateAznbDnsZoneName')[toLower(environment().name)])]" + ] + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2022-01-01", + "name": "[format('{0}/amlworkspace-PrivateDnsZoneGroup', parameters('machineLearningPleName'))]", + "properties": { + "privateDnsZoneConfigs": [ + { + "name": "[variables('privateDnsZoneName')[environment().name]]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName')[toLower(environment().name)])]" + } + }, + { + "name": "[variables('privateAznbDnsZoneName')[environment().name]]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateAznbDnsZoneName')[toLower(environment().name)])]" + } + } + ] + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName')[toLower(environment().name)])]", + "[resourceId('Microsoft.Network/privateEndpoints', parameters('machineLearningPleName'))]", + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateAznbDnsZoneName')[toLower(environment().name)])]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('machineLearningName'))]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "machineLearningComputes", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "machineLearning": { + "value": "[parameters('machineLearningName')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "computeSubnetId": { + "value": "[parameters('computeSubnetId')]" + }, + "aksName": { + "value": "[parameters('mlAksName')]" + }, + "aksSubnetId": { + "value": "[parameters('aksSubnetId')]" + }, + "prefix": { + "value": "[parameters('prefix')]" + }, + "tags": { + "value": "[parameters('tags')]" + }, + "amlComputePublicIp": { + "value": "[parameters('amlComputePublicIp')]" + }, + "vmSizeParam": { + "value": "[parameters('vmSizeParam')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.24.24.22086", + "templateHash": "1694319613281513447" + } + }, + "parameters": { + "prefix": { + "type": "string", + "metadata": { + "description": "Prefix for resource names" + } + }, + "machineLearning": { + "type": "string", + "metadata": { + "description": "Azure Machine Learning workspace to create the compute resources in" + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "metadata": { + "description": "Tags to add to the resources" + } + }, + "computeSubnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the compute subnet" + } + }, + "aksName": { + "type": "string", + "metadata": { + "description": "Name of the Azure Kubernetes services resource" + } + }, + "aksSubnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the Azure Kubernetes services resource" + } + }, + "amlComputePublicIp": { + "type": "bool", + "metadata": { + "description": "Resource ID of the Azure Kubernetes services resource" + } + }, + "vmSizeParam": { + "type": "string", + "metadata": { + "description": "VM size for the default compute cluster" + } + } + }, + "resources": [ + { + "type": "Microsoft.MachineLearningServices/workspaces/computes", + "apiVersion": "2022-05-01", + "name": "[format('{0}/cluster001', parameters('machineLearning'))]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "computeType": "AmlCompute", + "computeLocation": "[parameters('location')]", + "description": "Machine Learning cluster 001", + "disableLocalAuth": true, + "properties": { + "vmPriority": "Dedicated", + "vmSize": "[parameters('vmSizeParam')]", + "enableNodePublicIp": "[parameters('amlComputePublicIp')]", + "isolatedNetwork": false, + "osType": "Linux", + "remoteLoginPortPublicAccess": "Disabled", + "scaleSettings": { + "minNodeCount": 0, + "maxNodeCount": 5, + "nodeIdleTimeBeforeScaleDown": "PT120S" + }, + "subnet": { + "id": "[parameters('computeSubnetId')]" + } + } + } + }, + { + "type": "Microsoft.MachineLearningServices/workspaces/computes", + "apiVersion": "2022-05-01", + "name": "[format('{0}/{1}-ci001', parameters('machineLearning'), parameters('prefix'))]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "computeType": "ComputeInstance", + "computeLocation": "[parameters('location')]", + "description": "Machine Learning compute instance 001", + "disableLocalAuth": true, + "properties": { + "applicationSharingPolicy": "Personal", + "computeInstanceAuthorizationType": "personal", + "sshSettings": { + "sshPublicAccess": "Disabled" + }, + "subnet": { + "id": "[parameters('computeSubnetId')]" + }, + "vmSize": "[parameters('vmSizeParam')]" + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[parameters('aksName')]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "tags": { + "value": "[parameters('tags')]" + }, + "aksClusterName": { + "value": "[parameters('aksName')]" + }, + "computeName": { + "value": "[parameters('aksName')]" + }, + "aksSubnetId": { + "value": "[parameters('aksSubnetId')]" + }, + "workspaceName": { + "value": "[parameters('machineLearning')]" + }, + "vmSizeParam": { + "value": "[parameters('vmSizeParam')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.24.24.22086", + "templateHash": "1510257593204469368" + } + }, + "parameters": { + "aksClusterName": { + "type": "string", + "metadata": { + "description": "Name of the Azure Kubernetes Service cluster" + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "tags": { + "type": "object", + "metadata": { + "description": "Tags to add to the resources" + } + }, + "aksSubnetId": { + "type": "string", + "metadata": { + "description": "Resource ID for the Azure Kubernetes Service subnet" + } + }, + "workspaceName": { + "type": "string", + "metadata": { + "description": "Name of the Azure Machine Learning workspace" + } + }, + "computeName": { + "type": "string", + "metadata": { + "description": "Name of the Azure Machine Learning attached compute" + } + }, + "vmSizeParam": { + "type": "string", + "metadata": { + "description": "Size of the virtual machine" + } + } + }, + "resources": [ + { + "type": "Microsoft.ContainerService/managedClusters", + "apiVersion": "2022-04-01", + "name": "[parameters('aksClusterName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "kubernetesVersion": "1.28.3", + "dnsPrefix": "[format('{0}-dns', parameters('aksClusterName'))]", + "agentPoolProfiles": [ + { + "name": "[toLower('agentpool')]", + "count": 3, + "vmSize": "[parameters('vmSizeParam')]", + "osDiskSizeGB": 128, + "vnetSubnetID": "[parameters('aksSubnetId')]", + "maxPods": 110, + "osType": "Linux", + "mode": "System", + "type": "VirtualMachineScaleSets" + } + ], + "enableRBAC": true, + "networkProfile": { + "networkPlugin": "kubenet", + "serviceCidr": "10.0.0.0/16", + "dnsServiceIP": "10.0.0.10", + "dockerBridgeCidr": "172.17.0.1/16", + "loadBalancerSku": "standard" + }, + "apiServerAccessProfile": { + "enablePrivateCluster": true + } + } + }, + { + "type": "Microsoft.MachineLearningServices/workspaces/computes", + "apiVersion": "2022-05-01", + "name": "[format('{0}/{1}', parameters('workspaceName'), parameters('computeName'))]", + "location": "[parameters('location')]", + "properties": { + "computeType": "AKS", + "resourceId": "[resourceId('Microsoft.ContainerService/managedClusters', parameters('aksClusterName'))]", + "properties": { + "aksNetworkingConfiguration": { + "subnetId": "[parameters('aksSubnetId')]" + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.ContainerService/managedClusters', parameters('aksClusterName'))]" + ] + } + ], + "outputs": { + "aksResourceId": { + "type": "string", + "value": "[resourceId('Microsoft.ContainerService/managedClusters', parameters('aksClusterName'))]" + } + } + } + } + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('machineLearningName'))]", + "[resourceId('Microsoft.Resources/deployments', 'machineLearningNetworking')]" + ] + } + ], + "outputs": { + "machineLearningId": { + "type": "string", + "value": "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('machineLearningName'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('appi-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]", + "[resourceId('Microsoft.Resources/deployments', format('cr{0}{1}-deployment', variables('name'), variables('uniqueSuffix')))]", + "[resourceId('Microsoft.Resources/deployments', format('kv-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]", + "[resourceId('Microsoft.Resources/deployments', format('st{0}{1}-deployment', variables('name'), variables('uniqueSuffix')))]", + "[resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]" + ] + }, + { + "condition": "[parameters('deployJumphost')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('vm-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "virtualMachineName": { + "value": "[format('vm-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "subnetId": { + "value": "[format('{0}/subnets/snet-training', reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.id.value)]" + }, + "adminUsername": { + "value": "[parameters('dsvmJumpboxUsername')]" + }, + "adminPassword": { + "value": "[parameters('dsvmJumpboxPassword')]" + }, + "networkSecurityGroupId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('nsg-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.networkSecurityGroup.value]" + }, + "vmSizeParameter": { + "value": "[parameters('amlComputeDefaultVmSize')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.24.24.22086", + "templateHash": "10664393767878133670" + } + }, + "parameters": { + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region of the deployment" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "Resource ID of the subnet" + } + }, + "networkSecurityGroupId": { + "type": "string", + "metadata": { + "description": "Network Security Group Resource ID" + } + }, + "virtualMachineName": { + "type": "string", + "metadata": { + "description": "Virtual machine name" + } + }, + "vmSizeParameter": { + "type": "string", + "metadata": { + "description": "Virtual machine size" + } + }, + "adminUsername": { + "type": "string", + "metadata": { + "description": "Virtual machine admin username" + } + }, + "adminPassword": { + "type": "securestring", + "minLength": 8, + "metadata": { + "description": "Virtual machine admin password" + } + } + }, + "variables": { + "aadLoginExtensionName": "AADLoginForWindows" + }, + "resources": [ + { + "type": "Microsoft.Network/networkInterfaces", + "apiVersion": "2022-07-01", + "name": "[format('{0}-nic', parameters('virtualMachineName'))]", + "location": "[parameters('location')]", + "properties": { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "subnet": { + "id": "[parameters('subnetId')]" + }, + "privateIPAllocationMethod": "Dynamic" + } + } + ], + "networkSecurityGroup": { + "id": "[parameters('networkSecurityGroupId')]" + } + } + }, + { + "type": "Microsoft.Compute/virtualMachines", + "apiVersion": "2021-03-01", + "name": "[parameters('virtualMachineName')]", + "location": "[parameters('location')]", + "properties": { + "hardwareProfile": { + "vmSize": "[parameters('vmSizeParameter')]" + }, + "storageProfile": { + "osDisk": { + "createOption": "FromImage", + "managedDisk": { + "storageAccountType": "Premium_LRS" + } + }, + "imageReference": { + "publisher": "microsoft-dsvm", + "offer": "dsvm-win-2019", + "sku": "server-2019", + "version": "latest" + } + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "[resourceId('Microsoft.Network/networkInterfaces', format('{0}-nic', parameters('virtualMachineName')))]" + } + ] + }, + "osProfile": { + "computerName": "[parameters('virtualMachineName')]", + "adminUsername": "[parameters('adminUsername')]", + "adminPassword": "[parameters('adminPassword')]", + "windowsConfiguration": { + "enableAutomaticUpdates": true, + "provisionVMAgent": true, + "patchSettings": { + "enableHotpatching": false, + "patchMode": "AutomaticByOS" + } + } + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true + } + } + }, + "identity": { + "type": "SystemAssigned" + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/networkInterfaces', format('{0}-nic', parameters('virtualMachineName')))]" + ] + }, + { + "type": "Microsoft.Compute/virtualMachines/extensions", + "apiVersion": "2021-11-01", + "name": "[format('{0}/{1}', parameters('virtualMachineName'), variables('aadLoginExtensionName'))]", + "location": "[parameters('location')]", + "properties": { + "publisher": "Microsoft.Azure.ActiveDirectory", + "type": "[variables('aadLoginExtensionName')]", + "typeHandlerVersion": "1.0", + "autoUpgradeMinorVersion": true + }, + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachineName'))]" + ] + } + ], + "outputs": { + "dsvmId": { + "type": "string", + "value": "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachineName'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('nsg-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]", + "[resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]" + ] + }, + { + "condition": "[parameters('deployJumphost')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[format('bas-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "bastionHostName": { + "value": "[format('bas-{0}-{1}', variables('name'), variables('uniqueSuffix'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "vnetName": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix'))), '2022-09-01').outputs.name.value]" + }, + "addressPrefix": { + "value": "[parameters('azureBastionSubnetPrefix')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.24.24.22086", + "templateHash": "11582265856033040555" + } + }, + "parameters": { + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The Azure region where the Bastion should be deployed" + } + }, + "vnetName": { + "type": "string", + "metadata": { + "description": "Virtual network name" + } + }, + "addressPrefix": { + "type": "string", + "defaultValue": "192.168.250.0/27", + "metadata": { + "description": "The address prefix to use for the Bastion subnet" + } + }, + "publicIpName": { + "type": "string", + "defaultValue": "pip-bastion", + "metadata": { + "description": "The name of the Bastion public IP address" + } + }, + "bastionHostName": { + "type": "string", + "defaultValue": "bastion-jumpbox", + "metadata": { + "description": "The name of the Bastion host" + } + } + }, + "variables": { + "subnetName": "AzureBastionSubnet" + }, + "resources": [ + { + "type": "Microsoft.Network/virtualNetworks/subnets", + "apiVersion": "2022-01-01", + "name": "[format('{0}/{1}', parameters('vnetName'), variables('subnetName'))]", + "properties": { + "addressPrefix": "[parameters('addressPrefix')]", + "privateEndpointNetworkPolicies": "Disabled", + "privateLinkServiceNetworkPolicies": "Disabled" + } + }, + { + "type": "Microsoft.Network/publicIPAddresses", + "apiVersion": "2022-01-01", + "name": "[parameters('publicIpName')]", + "location": "[parameters('location')]", + "sku": { + "name": "Standard" + }, + "properties": { + "publicIPAllocationMethod": "Static" + } + }, + { + "type": "Microsoft.Network/bastionHosts", + "apiVersion": "2022-01-01", + "name": "[parameters('bastionHostName')]", + "location": "[parameters('location')]", + "properties": { + "ipConfigurations": [ + { + "name": "IpConf", + "properties": { + "subnet": { + "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', split(format('{0}/{1}', parameters('vnetName'), variables('subnetName')), '/')[0], split(format('{0}/{1}', parameters('vnetName'), variables('subnetName')), '/')[1])]" + }, + "publicIPAddress": { + "id": "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpName'))]" + } + } + } + ] + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/virtualNetworks/subnets', split(format('{0}/{1}', parameters('vnetName'), variables('subnetName')), '/')[0], split(format('{0}/{1}', parameters('vnetName'), variables('subnetName')), '/')[1])]", + "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpName'))]" + ] + } + ], + "outputs": { + "bastionId": { + "type": "string", + "value": "[resourceId('Microsoft.Network/bastionHosts', parameters('bastionHostName'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', format('vnet-{0}-{1}-deployment', variables('name'), variables('uniqueSuffix')))]" + ] + } + ] +} \ No newline at end of file diff --git a/src/az-aml-byo-vnet/deploy/bicep/modules/applicationinsights.bicep b/src/az-aml-byo-vnet/deploy/bicep/modules/applicationinsights.bicep new file mode 100644 index 0000000..d86d576 --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/modules/applicationinsights.bicep @@ -0,0 +1,39 @@ +// Creates an Application Insights instance as dependency for Azure ML +@description('Azure region of the deployment') +param location string = resourceGroup().location + +@description('Tags to add to the resources') +param tags object = {} + +@description('Application Insights resource name') +param applicationInsightsName string + +@description('Log Analytics resource name') +param logAnalyticsWorkspaceName string + +resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2021-06-01' = { + name: logAnalyticsWorkspaceName + location: location + properties: { + sku: { + name: 'PerGB2018' + } + retentionInDays: 30 + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Disabled' + } +} + +resource applicationInsights 'Microsoft.Insights/components@2020-02-02' = { + name: applicationInsightsName + location: location + tags: tags + kind: 'web' + properties: { + Application_Type: 'web' + WorkspaceResourceId: logAnalyticsWorkspace.id + Flow_Type: 'Bluefield' + } +} + +output applicationInsightsId string = applicationInsights.id diff --git a/src/az-aml-byo-vnet/deploy/bicep/modules/bastion.bicep b/src/az-aml-byo-vnet/deploy/bicep/modules/bastion.bicep new file mode 100644 index 0000000..00e94e3 --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/modules/bastion.bicep @@ -0,0 +1,60 @@ +// Creates an Azure Bastion Subnet and host in the specified virtual network +@description('The Azure region where the Bastion should be deployed') +param location string = resourceGroup().location + +@description('Virtual network name') +param vnetName string + +@description('The address prefix to use for the Bastion subnet') +param addressPrefix string = '192.168.250.0/27' + +@description('The name of the Bastion public IP address') +param publicIpName string = 'pip-bastion' + +@description('The name of the Bastion host') +param bastionHostName string = 'bastion-jumpbox' + +// The Bastion Subnet is required to be named 'AzureBastionSubnet' +var subnetName = 'AzureBastionSubnet' + +resource bastionSubnet 'Microsoft.Network/virtualNetworks/subnets@2022-01-01' = { + name: '${vnetName}/${subnetName}' + properties: { + addressPrefix: addressPrefix + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Disabled' + } +} + +resource publicIpAddressForBastion 'Microsoft.Network/publicIPAddresses@2022-01-01' = { + name: publicIpName + location: location + sku: { + name: 'Standard' + } + properties: { + publicIPAllocationMethod: 'Static' + } +} + +resource bastionHost 'Microsoft.Network/bastionHosts@2022-01-01' = { + name: bastionHostName + location: location + properties: { + ipConfigurations: [ + { + name: 'IpConf' + properties: { + subnet: { + id: bastionSubnet.id + } + publicIPAddress: { + id: publicIpAddressForBastion.id + } + } + } + ] + } +} + +output bastionId string = bastionHost.id diff --git a/src/az-aml-byo-vnet/deploy/bicep/modules/containerregistry.bicep b/src/az-aml-byo-vnet/deploy/bicep/modules/containerregistry.bicep new file mode 100644 index 0000000..634c3fc --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/modules/containerregistry.bicep @@ -0,0 +1,110 @@ +// Creates an Azure Container Registry with Azure Private Link endpoint +@description('Azure region of the deployment') +param location string + +@description('Tags to add to the resources') +param tags object + +@description('Container registry name') +param containerRegistryName string + +@description('Container registry private link endpoint name') +param containerRegistryPleName string + +@description('Resource ID of the subnet') +param subnetId string + +@description('Resource ID of the virtual network') +param virtualNetworkId string + +var containerRegistryNameCleaned = replace(containerRegistryName, '-', '') + +var privateDnsZoneName = 'privatelink${environment().suffixes.acrLoginServer}' + +var groupName = 'registry' + +resource containerRegistry 'Microsoft.ContainerRegistry/registries@2021-09-01' = { + name: containerRegistryNameCleaned + location: location + tags: tags + sku: { + name: 'Premium' + } + properties: { + adminUserEnabled: true + dataEndpointEnabled: false + networkRuleBypassOptions: 'AzureServices' + networkRuleSet: { + defaultAction: 'Deny' + } + policies: { + quarantinePolicy: { + status: 'disabled' + } + retentionPolicy: { + status: 'enabled' + days: 7 + } + trustPolicy: { + status: 'disabled' + type: 'Notary' + } + } + publicNetworkAccess: 'Disabled' + zoneRedundancy: 'Disabled' + } +} + +resource containerRegistryPrivateEndpoint 'Microsoft.Network/privateEndpoints@2022-01-01' = { + name: containerRegistryPleName + location: location + tags: tags + properties: { + privateLinkServiceConnections: [ + { + name: containerRegistryPleName + properties: { + groupIds: [ + groupName + ] + privateLinkServiceId: containerRegistry.id + } + } + ] + subnet: { + id: subnetId + } + } +} + +resource acrPrivateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = { + name: privateDnsZoneName + location: 'global' +} + +resource privateEndpointDns 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2022-01-01' = { + name: '${containerRegistryPrivateEndpoint.name}/${groupName}-PrivateDnsZoneGroup' + properties:{ + privateDnsZoneConfigs: [ + { + name: privateDnsZoneName + properties:{ + privateDnsZoneId: acrPrivateDnsZone.id + } + } + ] + } +} + +resource acrPrivateDnsZoneVnetLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2020-06-01' = { + name: '${acrPrivateDnsZone.name}/${uniqueString(containerRegistry.id)}' + location: 'global' + properties: { + registrationEnabled: false + virtualNetwork: { + id: virtualNetworkId + } + } +} + +output containerRegistryId string = containerRegistry.id diff --git a/src/az-aml-byo-vnet/deploy/bicep/modules/dsvmjumpbox.bicep b/src/az-aml-byo-vnet/deploy/bicep/modules/dsvmjumpbox.bicep new file mode 100644 index 0000000..def42a7 --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/modules/dsvmjumpbox.bicep @@ -0,0 +1,111 @@ +// Creates a Data Science Virtual Machine jumpbox. +@description('Azure region of the deployment') +param location string = resourceGroup().location + +@description('Resource ID of the subnet') +param subnetId string + +@description('Network Security Group Resource ID') +param networkSecurityGroupId string + +@description('Virtual machine name') +param virtualMachineName string + +@description('Virtual machine size') +param vmSizeParameter string + +@description('Virtual machine admin username') +param adminUsername string + +@secure() +@minLength(8) +@description('Virtual machine admin password') +param adminPassword string + +var aadLoginExtensionName = 'AADLoginForWindows' + +resource networkInterface 'Microsoft.Network/networkInterfaces@2022-07-01' = { + name: '${virtualMachineName}-nic' + location: location + properties: { + ipConfigurations: [ + { + name: 'ipconfig1' + properties: { + subnet: { + id: subnetId + } + privateIPAllocationMethod: 'Dynamic' + } + } + ] + networkSecurityGroup: { + id: networkSecurityGroupId + } + } +} + +resource virtualMachine 'Microsoft.Compute/virtualMachines@2021-03-01' = { + name: virtualMachineName + location: location + properties: { + hardwareProfile: { + vmSize: vmSizeParameter + } + storageProfile: { + osDisk: { + createOption: 'FromImage' + managedDisk: { + storageAccountType: 'Premium_LRS' + } + } + imageReference: { + publisher: 'microsoft-dsvm' + offer: 'dsvm-win-2019' + sku: 'server-2019' + version: 'latest' + } + } + networkProfile: { + networkInterfaces: [ + { + id: networkInterface.id + } + ] + } + osProfile: { + computerName: virtualMachineName + adminUsername: adminUsername + adminPassword: adminPassword + windowsConfiguration: { + enableAutomaticUpdates: true + provisionVMAgent: true + patchSettings: { + enableHotpatching: false + patchMode: 'AutomaticByOS' + } + } + } + diagnosticsProfile: { + bootDiagnostics: { + enabled: true + } + } + } + identity: { + type: 'SystemAssigned' + } +} + +resource virtualMachineName_aadLoginExtensionName 'Microsoft.Compute/virtualMachines/extensions@2021-11-01' = { + name: '${virtualMachine.name}/${aadLoginExtensionName}' + location: location + properties: { + publisher: 'Microsoft.Azure.ActiveDirectory' + type: aadLoginExtensionName + typeHandlerVersion: '1.0' + autoUpgradeMinorVersion: true + } +} + +output dsvmId string = virtualMachine.id diff --git a/src/az-aml-byo-vnet/deploy/bicep/modules/keyvault.bicep b/src/az-aml-byo-vnet/deploy/bicep/modules/keyvault.bicep new file mode 100644 index 0000000..58053f8 --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/modules/keyvault.bicep @@ -0,0 +1,99 @@ +// Creates a KeyVault with Private Link Endpoint +@description('The Azure Region to deploy the resources into') +param location string = resourceGroup().location + +@description('Tags to apply to the Key Vault Instance') +param tags object = {} + +@description('The name of the Key Vault') +param keyvaultName string + +@description('The name of the Key Vault private link endpoint') +param keyvaultPleName string + +@description('The Subnet ID where the Key Vault Private Link is to be created') +param subnetId string + +@description('The VNet ID where the Key Vault Private Link is to be created') +param virtualNetworkId string + +var privateDnsZoneName = 'privatelink${environment().suffixes.keyvaultDns}' + +resource keyVault 'Microsoft.KeyVault/vaults@2021-10-01' = { + name: keyvaultName + location: location + tags: tags + properties: { + createMode: 'default' + enabledForDeployment: false + enabledForDiskEncryption: false + enabledForTemplateDeployment: false + enableSoftDelete: true + enableRbacAuthorization: true + enablePurgeProtection: true + networkAcls: { + bypass: 'AzureServices' + defaultAction: 'Deny' + } + sku: { + family: 'A' + name: 'standard' + } + softDeleteRetentionInDays: 7 + tenantId: subscription().tenantId + } +} + +resource keyVaultPrivateEndpoint 'Microsoft.Network/privateEndpoints@2022-01-01' = { + name: keyvaultPleName + location: location + tags: tags + properties: { + privateLinkServiceConnections: [ + { + name: keyvaultPleName + properties: { + groupIds: [ + 'vault' + ] + privateLinkServiceId: keyVault.id + } + } + ] + subnet: { + id: subnetId + } + } +} + +resource keyVaultPrivateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = { + name: privateDnsZoneName + location: 'global' +} + +resource privateEndpointDns 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2022-01-01' = { + name: '${keyVaultPrivateEndpoint.name}/vault-PrivateDnsZoneGroup' + properties:{ + privateDnsZoneConfigs: [ + { + name: privateDnsZoneName + properties:{ + privateDnsZoneId: keyVaultPrivateDnsZone.id + } + } + ] + } +} + +resource keyVaultPrivateDnsZoneVnetLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2020-06-01' = { + name: '${keyVaultPrivateDnsZone.name}/${uniqueString(keyVault.id)}' + location: 'global' + properties: { + registrationEnabled: false + virtualNetwork: { + id: virtualNetworkId + } + } +} + +output keyvaultId string = keyVault.id diff --git a/src/az-aml-byo-vnet/deploy/bicep/modules/machinelearning.bicep b/src/az-aml-byo-vnet/deploy/bicep/modules/machinelearning.bicep new file mode 100644 index 0000000..a8717b6 --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/modules/machinelearning.bicep @@ -0,0 +1,114 @@ +// Creates a machine learning workspace, private endpoints and compute resources +// Compute resources include a GPU cluster, CPU cluster, compute instance and attached private AKS cluster +@description('Prefix for resource names') +param prefix string + +@description('Azure region of the deployment') +param location string + +@description('Tags to add to the resources') +param tags object + +@description('Machine learning workspace name') +param machineLearningName string + +@description('Machine learning workspace display name') +param machineLearningFriendlyName string = machineLearningName + +@description('Machine learning workspace description') +param machineLearningDescription string + +@description('Name of the Azure Kubernetes services resource to create and attached to the machine learning workspace') +param mlAksName string + +@description('Resource ID of the application insights resource') +param applicationInsightsId string + +@description('Resource ID of the container registry resource') +param containerRegistryId string + +@description('Resource ID of the key vault resource') +param keyVaultId string + +@description('Resource ID of the storage account resource') +param storageAccountId string + +@description('Resource ID of the subnet resource') +param subnetId string + +@description('Resource ID of the compute subnet') +param computeSubnetId string + +@description('Resource ID of the Azure Kubernetes services resource') +param aksSubnetId string + +@description('Resource ID of the virtual network') +param virtualNetworkId string + +@description('Machine learning workspace private link endpoint name') +param machineLearningPleName string + +@description('Enable public IP for Azure Machine Learning compute nodes') +param amlComputePublicIp bool = true + +@description('VM size for the default compute cluster') +param vmSizeParam string + +resource machineLearning 'Microsoft.MachineLearningServices/workspaces@2022-05-01' = { + name: machineLearningName + location: location + tags: tags + identity: { + type: 'SystemAssigned' + } + properties: { + // workspace organization + friendlyName: machineLearningFriendlyName + description: machineLearningDescription + + // dependent resources + applicationInsights: applicationInsightsId + containerRegistry: containerRegistryId + keyVault: keyVaultId + storageAccount: storageAccountId + + // configuration for workspaces with private link endpoint + imageBuildCompute: 'cluster001' + publicNetworkAccess: 'Disabled' + } +} + +module machineLearningPrivateEndpoint 'machinelearningnetworking.bicep' = { + name: 'machineLearningNetworking' + scope: resourceGroup() + params: { + location: location + tags: tags + virtualNetworkId: virtualNetworkId + workspaceArmId: machineLearning.id + subnetId: subnetId + machineLearningPleName: machineLearningPleName + } +} + +module machineLearningCompute 'machinelearningcompute.bicep' = { + name: 'machineLearningComputes' + scope: resourceGroup() + params: { + machineLearning: machineLearningName + location: location + computeSubnetId:computeSubnetId + aksName: mlAksName + aksSubnetId: aksSubnetId + prefix: prefix + tags: tags + amlComputePublicIp: amlComputePublicIp + vmSizeParam: vmSizeParam + } + dependsOn: [ + machineLearning + machineLearningPrivateEndpoint + ] +} + +output machineLearningId string = machineLearning.id diff --git a/src/az-aml-byo-vnet/deploy/bicep/modules/machinelearningcompute.bicep b/src/az-aml-byo-vnet/deploy/bicep/modules/machinelearningcompute.bicep new file mode 100644 index 0000000..9072766 --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/modules/machinelearningcompute.bicep @@ -0,0 +1,100 @@ +// Creates compute resources in the specified machine learning workspace +// Includes Compute Instance, Compute Cluster and attached Azure Kubernetes Service compute types +@description('Prefix for resource names') +param prefix string + +@description('Azure Machine Learning workspace to create the compute resources in') +param machineLearning string + +@description('Azure region of the deployment') +param location string + +@description('Tags to add to the resources') +param tags object + +@description('Resource ID of the compute subnet') +param computeSubnetId string + +@description('Name of the Azure Kubernetes services resource') +param aksName string + +@description('Resource ID of the Azure Kubernetes services resource') +param aksSubnetId string + +@description('Resource ID of the Azure Kubernetes services resource') +param amlComputePublicIp bool + +@description('VM size for the default compute cluster') +param vmSizeParam string + +resource machineLearningCluster001 'Microsoft.MachineLearningServices/workspaces/computes@2022-05-01' = { + name: '${machineLearning}/cluster001' + location: location + tags: tags + identity: { + type: 'SystemAssigned' + } + properties: { + computeType: 'AmlCompute' + computeLocation: location + description: 'Machine Learning cluster 001' + disableLocalAuth: true + properties: { + vmPriority: 'Dedicated' + vmSize: vmSizeParam + enableNodePublicIp: amlComputePublicIp + isolatedNetwork: false + osType: 'Linux' + remoteLoginPortPublicAccess: 'Disabled' + scaleSettings: { + minNodeCount: 0 + maxNodeCount: 5 + nodeIdleTimeBeforeScaleDown: 'PT120S' + } + subnet: { + id: computeSubnetId + } + } + } +} + +resource machineLearningComputeInstance001 'Microsoft.MachineLearningServices/workspaces/computes@2022-05-01' = { + name: '${machineLearning}/${prefix}-ci001' + location: location + tags: tags + identity: { + type: 'SystemAssigned' + } + properties: { + computeType: 'ComputeInstance' + computeLocation: location + description: 'Machine Learning compute instance 001' + disableLocalAuth: true + properties: { + applicationSharingPolicy: 'Personal' + + computeInstanceAuthorizationType: 'personal' + sshSettings: { + sshPublicAccess: 'Disabled' + } + subnet: { + id: computeSubnetId + } + vmSize: vmSizeParam + } + } +} + +module machineLearningAksCompute 'privateaks.bicep' = { + name: aksName + scope: resourceGroup() + params: { + location: location + tags: tags + aksClusterName: aksName + computeName: aksName + aksSubnetId: aksSubnetId + workspaceName: machineLearning + vmSizeParam: vmSizeParam + } +} diff --git a/src/az-aml-byo-vnet/deploy/bicep/modules/machinelearningnetworking.bicep b/src/az-aml-byo-vnet/deploy/bicep/modules/machinelearningnetworking.bicep new file mode 100644 index 0000000..aa96717 --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/modules/machinelearningnetworking.bicep @@ -0,0 +1,105 @@ +// Creates private endpoints and DNS zones for the azure machine learning workspace +@description('Azure region of the deployment') +param location string + +@description('Machine learning workspace private link endpoint name') +param machineLearningPleName string + +@description('Resource ID of the virtual network resource') +param virtualNetworkId string + +@description('Resource ID of the subnet resource') +param subnetId string + +@description('Resource ID of the machine learning workspace') +param workspaceArmId string + +@description('Tags to add to the resources') +param tags object + +var privateDnsZoneName = { + azureusgovernment: 'privatelink.api.ml.azure.us' + azurechinacloud: 'privatelink.api.ml.azure.cn' + azurecloud: 'privatelink.api.azureml.ms' +} + +var privateAznbDnsZoneName = { + azureusgovernment: 'privatelink.notebooks.usgovcloudapi.net' + azurechinacloud: 'privatelink.notebooks.chinacloudapi.cn' + azurecloud: 'privatelink.notebooks.azure.net' +} + +resource machineLearningPrivateEndpoint 'Microsoft.Network/privateEndpoints@2022-01-01' = { + name: machineLearningPleName + location: location + tags: tags + properties: { + privateLinkServiceConnections: [ + { + name: machineLearningPleName + properties: { + groupIds: [ + 'amlworkspace' + ] + privateLinkServiceId: workspaceArmId + } + } + ] + subnet: { + id: subnetId + } + } +} + +resource amlPrivateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = { + name: privateDnsZoneName[toLower(environment().name)] + location: 'global' +} + +resource amlPrivateDnsZoneVnetLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2020-06-01' = { + name: '${amlPrivateDnsZone.name}/${uniqueString(workspaceArmId)}' + location: 'global' + properties: { + registrationEnabled: false + virtualNetwork: { + id: virtualNetworkId + } + } +} + +// Notebook +resource notebookPrivateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = { + name: privateAznbDnsZoneName[toLower(environment().name)] + location: 'global' +} + +resource notebookPrivateDnsZoneVnetLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2020-06-01' = { + name: '${notebookPrivateDnsZone.name}/${uniqueString(workspaceArmId)}' + location: 'global' + properties: { + registrationEnabled: false + virtualNetwork: { + id: virtualNetworkId + } + } +} + +resource privateEndpointDns 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2022-01-01' = { + name: '${machineLearningPrivateEndpoint.name}/amlworkspace-PrivateDnsZoneGroup' + properties:{ + privateDnsZoneConfigs: [ + { + name: privateDnsZoneName[environment().name] + properties:{ + privateDnsZoneId: amlPrivateDnsZone.id + } + } + { + name: privateAznbDnsZoneName[environment().name] + properties:{ + privateDnsZoneId: notebookPrivateDnsZone.id + } + } + ] + } +} diff --git a/src/az-aml-byo-vnet/deploy/bicep/modules/nsg.bicep b/src/az-aml-byo-vnet/deploy/bicep/modules/nsg.bicep new file mode 100644 index 0000000..e1c1ddf --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/modules/nsg.bicep @@ -0,0 +1,139 @@ +// Creates a network security group preconfigured for use with Azure ML +// To learn more, see https://docs.microsoft.com/en-us/azure/machine-learning/how-to-access-azureml-behind-firewall +@description('Azure region of the deployment') +param location string + +@description('Tags to add to the resources') +param tags object + +@description('Name of the network security group') +param nsgName string + +resource nsg 'Microsoft.Network/networkSecurityGroups@2022-01-01' = { + name: nsgName + location: location + tags: tags + properties: { + securityRules: [ + { + name: 'BatchNodeManagement' + properties: { + protocol: 'Tcp' + sourcePortRange: '*' + destinationPortRange: '29876-29877' + sourceAddressPrefix: 'BatchNodeManagement' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 120 + direction: 'Inbound' + } + } + { + name: 'AzureMachineLearning' + properties: { + protocol: 'Tcp' + sourcePortRange: '*' + destinationPortRange: '44224' + sourceAddressPrefix: 'AzureMachineLearning' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 130 + direction: 'Inbound' + } + } + { + name: 'AzureActiveDirectory' + properties: { + protocol: 'Tcp' + sourcePortRange: '*' + destinationPortRange: '*' + sourceAddressPrefix: '*' + destinationAddressPrefix: 'AzureActiveDirectory' + access: 'Allow' + priority: 140 + direction: 'Outbound' + } + } + { + name: 'AzureMachineLearningOutbound' + properties: { + protocol: 'Tcp' + sourcePortRange: '*' + destinationPortRange: '443' + sourceAddressPrefix: '*' + destinationAddressPrefix: 'AzureMachineLearning' + access: 'Allow' + priority: 150 + direction: 'Outbound' + } + } + { + name: 'AzureResourceManager' + properties: { + protocol: 'Tcp' + sourcePortRange: '*' + destinationPortRange: '443' + sourceAddressPrefix: '*' + destinationAddressPrefix: 'AzureResourceManager' + access: 'Allow' + priority: 160 + direction: 'Outbound' + } + } + { + name: 'AzureStorageAccount' + properties: { + protocol: 'Tcp' + sourcePortRange: '*' + destinationPortRange: '443' + sourceAddressPrefix: '*' + destinationAddressPrefix: 'Storage.${location}' + access: 'Allow' + priority: 170 + direction: 'Outbound' + } + } + { + name: 'AzureFrontDoor' + properties: { + protocol: 'Tcp' + sourcePortRange: '*' + destinationPortRange: '443' + sourceAddressPrefix: '*' + destinationAddressPrefix: 'AzureFrontDoor.FrontEnd' + access: 'Allow' + priority: 180 + direction: 'Outbound' + } + } + { + name: 'AzureContainerRegistry' + properties: { + protocol: 'Tcp' + sourcePortRange: '*' + destinationPortRange: '443' + sourceAddressPrefix: '*' + destinationAddressPrefix: 'AzureContainerRegistry.${location}' + access: 'Allow' + priority: 190 + direction: 'Outbound' + } + } + { + name: 'MicrosoftContainerRegistry' + properties: { + protocol: 'Tcp' + sourcePortRange: '*' + destinationPortRange: '443' + sourceAddressPrefix: 'VirtualNetwork' + destinationAddressPrefix: 'MicrosoftContainerRegistry' + access: 'Allow' + priority: 200 + direction: 'Outbound' + } + } + ] + } +} + +output networkSecurityGroup string = nsg.id diff --git a/src/az-aml-byo-vnet/deploy/bicep/modules/privateaks.bicep b/src/az-aml-byo-vnet/deploy/bicep/modules/privateaks.bicep new file mode 100644 index 0000000..a95728e --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/modules/privateaks.bicep @@ -0,0 +1,74 @@ +// Creates an Azure Kubernetes Services and attaches it to the Azure Machine Learning workspace +@description('Name of the Azure Kubernetes Service cluster') +param aksClusterName string + +@description('Azure region of the deployment') +param location string + +@description('Tags to add to the resources') +param tags object + +@description('Resource ID for the Azure Kubernetes Service subnet') +param aksSubnetId string + +@description('Name of the Azure Machine Learning workspace') +param workspaceName string + +@description('Name of the Azure Machine Learning attached compute') +param computeName string + +@description('Size of the virtual machine') +param vmSizeParam string // = 'Standard_DS2_v2' + +resource aksCluster 'Microsoft.ContainerService/managedClusters@2022-04-01' = { + name: aksClusterName + location: location + tags: tags + identity: { + type: 'SystemAssigned' + } + properties: { + kubernetesVersion: '1.28.3' + dnsPrefix: '${aksClusterName}-dns' + agentPoolProfiles: [ + { + name: toLower('agentpool') + count: 3 + vmSize: vmSizeParam + osDiskSizeGB: 128 + vnetSubnetID: aksSubnetId + maxPods: 110 + osType: 'Linux' + mode: 'System' + type: 'VirtualMachineScaleSets' + } + ] + enableRBAC: true + networkProfile: { + networkPlugin: 'kubenet' + serviceCidr: '10.0.0.0/16' + dnsServiceIP: '10.0.0.10' + dockerBridgeCidr: '172.17.0.1/16' + loadBalancerSku: 'standard' + } + apiServerAccessProfile: { + enablePrivateCluster: true + } + } +} + +output aksResourceId string = aksCluster.id + +resource workspaceName_computeName 'Microsoft.MachineLearningServices/workspaces/computes@2022-05-01' = { + name: '${workspaceName}/${computeName}' + location: location + properties: { + computeType: 'AKS' + resourceId: aksCluster.id + properties: { + aksNetworkingConfiguration: { + subnetId: aksSubnetId + } + } + } +} diff --git a/src/az-aml-byo-vnet/deploy/bicep/modules/storage.bicep b/src/az-aml-byo-vnet/deploy/bicep/modules/storage.bicep new file mode 100644 index 0000000..35c682f --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/modules/storage.bicep @@ -0,0 +1,207 @@ +// Creates a storage account, private endpoints and DNS zones +@description('Azure region of the deployment') +param location string + +@description('Tags to add to the resources') +param tags object + +@description('Name of the storage account') +param storageName string + +@description('Name of the storage blob private link endpoint') +param storagePleBlobName string + +@description('Name of the storage file private link endpoint') +param storagePleFileName string + +@description('Resource ID of the subnet') +param subnetId string + +@description('Resource ID of the virtual network') +param virtualNetworkId string + +@allowed([ + 'Standard_LRS' + 'Standard_ZRS' + 'Standard_GRS' + 'Standard_GZRS' + 'Standard_RAGRS' + 'Standard_RAGZRS' + 'Premium_LRS' + 'Premium_ZRS' +]) + +@description('Storage SKU') +param storageSkuName string = 'Standard_LRS' + +var storageNameCleaned = replace(storageName, '-', '') + +var blobPrivateDnsZoneName = 'privatelink.blob.${environment().suffixes.storage}' + +var filePrivateDnsZoneName = 'privatelink.file.${environment().suffixes.storage}' + +resource storage 'Microsoft.Storage/storageAccounts@2021-09-01' = { + name: storageNameCleaned + location: location + tags: tags + sku: { + name: storageSkuName + } + kind: 'StorageV2' + properties: { + accessTier: 'Hot' + allowBlobPublicAccess: false + allowCrossTenantReplication: false + allowSharedKeyAccess: true + encryption: { + keySource: 'Microsoft.Storage' + requireInfrastructureEncryption: false + services: { + blob: { + enabled: true + keyType: 'Account' + } + file: { + enabled: true + keyType: 'Account' + } + queue: { + enabled: true + keyType: 'Service' + } + table: { + enabled: true + keyType: 'Service' + } + } + } + isHnsEnabled: false + isNfsV3Enabled: false + keyPolicy: { + keyExpirationPeriodInDays: 7 + } + largeFileSharesState: 'Disabled' + minimumTlsVersion: 'TLS1_2' + networkAcls: { + bypass: 'AzureServices' + defaultAction: 'Deny' + } + supportsHttpsTrafficOnly: true + } +} + +resource storagePrivateEndpointBlob 'Microsoft.Network/privateEndpoints@2022-01-01' = { + name: storagePleBlobName + location: location + tags: tags + properties: { + privateLinkServiceConnections: [ + { + name: storagePleBlobName + properties: { + groupIds: [ + 'blob' + ] + privateLinkServiceId: storage.id + privateLinkServiceConnectionState: { + status: 'Approved' + description: 'Auto-Approved' + actionsRequired: 'None' + } + } + } + ] + subnet: { + id: subnetId + } + } +} + +resource storagePrivateEndpointFile 'Microsoft.Network/privateEndpoints@2022-01-01' = { + name: storagePleFileName + location: location + tags: tags + properties: { + privateLinkServiceConnections: [ + { + name: storagePleFileName + properties: { + groupIds: [ + 'file' + ] + privateLinkServiceId: storage.id + privateLinkServiceConnectionState: { + status: 'Approved' + description: 'Auto-Approved' + actionsRequired: 'None' + } + } + } + ] + subnet: { + id: subnetId + } + } +} + +resource blobPrivateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = { + name: blobPrivateDnsZoneName + location: 'global' +} + +resource privateEndpointDns 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2022-01-01' = { + name: '${storagePrivateEndpointBlob.name}/blob-PrivateDnsZoneGroup' + properties:{ + privateDnsZoneConfigs: [ + { + name: blobPrivateDnsZoneName + properties:{ + privateDnsZoneId: blobPrivateDnsZone.id + } + } + ] + } +} + +resource blobPrivateDnsZoneVnetLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2020-06-01' = { + name: '${blobPrivateDnsZone.name}/${uniqueString(storage.id)}' + location: 'global' + properties: { + registrationEnabled: false + virtualNetwork: { + id: virtualNetworkId + } + } +} + +resource filePrivateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = { + name: filePrivateDnsZoneName + location: 'global' +} + +resource filePrivateEndpointDns 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2022-01-01' = { + name: '${storagePrivateEndpointFile.name}/flie-PrivateDnsZoneGroup' + properties:{ + privateDnsZoneConfigs: [ + { + name: filePrivateDnsZoneName + properties:{ + privateDnsZoneId: filePrivateDnsZone.id + } + } + ] + } +} + +resource filePrivateDnsZoneVnetLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2020-06-01' = { + name: '${filePrivateDnsZone.name}/${uniqueString(storage.id)}' + location: 'global' + properties: { + registrationEnabled: false + virtualNetwork: { + id: virtualNetworkId + } + } +} + +output storageId string = storage.id diff --git a/src/az-aml-byo-vnet/deploy/bicep/modules/vnet.bicep b/src/az-aml-byo-vnet/deploy/bicep/modules/vnet.bicep new file mode 100644 index 0000000..44bf230 --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/bicep/modules/vnet.bicep @@ -0,0 +1,72 @@ +// Creates a virtual network +@description('Azure region of the deployment') +param location string = resourceGroup().location + +@description('Tags to add to the resources') +param tags object = {} + +@description('Name of the virtual network resource') +param virtualNetworkName string + +@description('Group ID of the network security group') +param networkSecurityGroupId string + +@description('Virtual network address prefix') +param vnetAddressPrefix string = '192.168.0.0/16' + +@description('Training subnet address prefix') +param trainingSubnetPrefix string = '192.168.0.0/24' + +@description('Scoring subnet address prefix') +param scoringSubnetPrefix string = '192.168.1.0/24' + +resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = { + name: virtualNetworkName + location: location + tags: tags + properties: { + addressSpace: { + addressPrefixes: [ + vnetAddressPrefix + ] + } + subnets: [ + { + name: 'snet-training' + properties: { + addressPrefix: trainingSubnetPrefix + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Disabled' + networkSecurityGroup: { + id: networkSecurityGroupId + } + } + } + { + name: 'snet-scoring' + properties: { + addressPrefix: scoringSubnetPrefix + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Disabled' + serviceEndpoints: [ + { + service: 'Microsoft.KeyVault' + } + { + service: 'Microsoft.ContainerRegistry' + } + { + service: 'Microsoft.Storage' + } + ] + networkSecurityGroup: { + id: networkSecurityGroupId + } + } + } + ] + } +} + +output id string = virtualNetwork.id +output name string = virtualNetwork.name diff --git a/src/az-aml-byo-vnet/deploy/terraform/README.md b/src/az-aml-byo-vnet/deploy/terraform/README.md new file mode 100644 index 0000000..c6b69cf --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/terraform/README.md @@ -0,0 +1,31 @@ + +# Working with Terraform + +## Prerequisites + +Before you can use this template, make sure you have the following prerequisites installed: + +- [Terraform](https://www.terraform.io/downloads.html) (version X.X.X) +- [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli) (version X.X.X) + + +## Usage + +To use this template, follow these steps: + +1. Clone this repository: `git clone https://github.com/your-username/terraform-template.git` +2. Change into the cloned directory: `cd terraform-template` +3. Initialize Terraform: `terraform init` +4. Modify the `variables.tf` file to customize the template according to your needs. +5. Review and modify the `main.tf` file to define your infrastructure resources. +6. Run `terraform plan` to see the execution plan. +7. Run `terraform apply` to provision the infrastructure resources. +8. When you're done, run `terraform destroy` to destroy the provisioned resources. + +## Contributing + +Contributions are welcome! If you find any issues or have suggestions for improvements, please open an issue or submit a pull request. + +## License + +This template is licensed under the [MIT License](LICENSE). diff --git a/src/az-aml-byo-vnet/deploy/terraform/main.tf b/src/az-aml-byo-vnet/deploy/terraform/main.tf new file mode 100644 index 0000000..2ea1235 --- /dev/null +++ b/src/az-aml-byo-vnet/deploy/terraform/main.tf @@ -0,0 +1,25 @@ +terraform { + required_version = ">=1.0" + + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "=3.0.2" + } + + azureml = { + source = "registry.terraform.io/orobix/azureml" + } + } +} + +provider "azurerm" { + features {} +} + +data "azurerm_client_config" "current" {} + +resource "azurerm_resource_group" "default" { + name = "rg-${var.name}-${var.environment}" + location = var.location +} \ No newline at end of file diff --git a/src/az-aml-byo-vnet/recipe-template.md b/src/az-aml-byo-vnet/recipe-template.md new file mode 100644 index 0000000..e2fc010 --- /dev/null +++ b/src/az-aml-byo-vnet/recipe-template.md @@ -0,0 +1,68 @@ +# Azure Machine Learning in a managed virtual network + + + +## Scenario + + +This scenario aims to address the challenge of correctly configuring an Azure machine learning workspace within a Microsoft managed VNet including ensuring appropriate connectivity with common services such as Storage and Key Vault. + +### Problem Summary + + +Azure machine learning workspace is composed of a number of different components: workspace storage account, key vault, machine learning Data Pipelines and Data Flows, SQL Dedicated pools, SQL Serverless pools, Spark pools and other external data sources. Despite being under a single machine learning umbrella service, each of these sub-components require a slightly different VNet configuration treatment to properly isolate network traffic. For example, generally you need at least four Private Endpoints configured for a single workspace each with connecting to a different sub-component. Another example, while managed workspace are generally a single tenant service with compute resources spun up within a designated Managed VNet, data scientist vm's, azure dev ops pipelines could be multi-tenanted and therefore require provisioning a Private Endpoint within the hub vnet in order to connect to the workspace successfully. + +In addition to this, customers will also need to ensure that traffic between the Azure machine learning workspace studio can still privately flow between the workspace components and additional Azure services such as Storage and Key Vault. This is done through the use of Private Endpoints. + +This recipe aims to provide developers a starting point with IaC + PaC example of an Azure machine learning workspace with all sub-component correctly configured to ensure traffic stays private, while still being able to connect to common additional services such as machine learning studio Azure Storage and Azure Key Vault. + +### Architecture + + + +### Recommendations + +The following sections provide recommendations on when this recipe should, and should not, be used. + +#### Recommended + + +This recipe is recommended if the following conditions are true: + +- TODO + +#### Not Recommended + + +This recipe is **not** recommended if the following conditions are true: + +- TODO + +## Getting Started + + + +### Pre-requisites + + +The following pre-requisites should be in place in order to successfully use this recipe: + +- TODO + +### Deployment + +To deploy this recipe, please perform the following actions: + + + +## Change Log + + + +## Next Steps + + diff --git a/src/az-aml-managed-vnet/README.md b/src/az-aml-managed-vnet/README.md new file mode 100644 index 0000000..363034d --- /dev/null +++ b/src/az-aml-managed-vnet/README.md @@ -0,0 +1,164 @@ +# Azure Machine Learning Workspace in a managed virtual network (Allow Internet Outbound) + + + +## Scenario + + +This scenario aims to address the challenge of correctly configuring an Azure Machine Learning (AML) workspace within a managed virtual network (managed VNet). This includes ensuring appropriate connectivity with common Azure services such as Azure Storage Account, Azure Key Vault, and Azure Container Registry. + +⚠️ WARNING: This code is experimental at this stage and provided solely for evaluation purposes. It is NOT intended for production use and may contain bugs, incomplete features, or other issues. Use at your own risk, as it may undergo significant changes without notice, and no guarantees or support are provided. By using this code, you acknowledge and agree to these conditions. Consult the documentation or contact the maintainer if you have questions or concerns. + +### Problem Summary + + +Azure machine learning workspace is composed of a number of different components: Machine Learning Studio, workspace storage account, key vault, machine learning Data Pipelines, container registry and other external data sources like Azure SQL Server, Azure Data Lake Storage Gen2 (ADLS Gen2). Despite being under a single machine learning umbrella service, each of these sub-components require a slightly different VNet configuration treatment to properly isolate network traffic. For instance, configuring at least four private endpoints is necessary for a single workspace, each connecting to a distinct sub-component. Another example pertains to managed workspaces, which are typically single-tenant services with compute resources deployed within a designated managed VNet. However, data scientist VMs and Azure DevOps pipelines could be multi-tenanted, and thus require the provisioning of a private endpoint within the bridge VNet in order to connect to the workspace successfully. + +In addition to this, customers will also need to ensure that traffic within the Azure machine learning workspace studio can still privately flow between the workspace components and additional Azure services such as external storage accounts. This is done through the use of private endpoints. Another crucial aspect to consider is the secure integration of Azure Machine Learning with Azure DevOps pipelines and GitHub actions, which is facilitated through a bridge virtual network ("VNet to access AML workspace and resources" in the architecture diagram). + +This recipe aims to provide developers with a starting point, offering an Infrastructure as Code (IaC) example of an Azure Machine Learning managed VNet workspace with the required secured networking configured as described above. + +### Architecture + + +![architecture](./media/AML_ManagedVNet_Secure_Architecture.png) + + +### Recommendations + +The following sections provide recommendations on when this recipe should, and should not, be used. + +#### Recommended + + +This recipe is recommended if the following conditions are true: + +- You want to isolate traffic at the network layer for your AML workspace and its sub-components. +- You can't have public IPs for your AML workspace and its sub-components. + +#### Not Recommended + + +This recipe is **not** recommended if the following conditions are true: + +- The AML workspace needs to be accessible from the public internet. +- Customer wants to use their own virtual network for the AML workspace. + +## Getting Started + + + +### Pre-requisites + + +The following pre-requisites should be in place in order to successfully deploy this recipe: + +- [Azure CLI](https://docs.microsoft.com/cli/azure/install-azure-cli) +- [.NET Core 7.0](https://docs.microsoft.com/dotnet/core/install/) +- [Terraform](https://www.terraform.io/downloads.html) +- [Terraform on Azure](https://learn.microsoft.com/en-us/azure/developer/terraform/overview) +- [Configure Terraform in Windows on Bash](https://learn.microsoft.com/en-us/azure/developer/terraform/get-started-windows-bash?tabs=bash) + +### Deployment + +To deploy this recipe, perform the infrastructure deployment steps using Terraform. Unix/Linux shell script is also provided with az cli commands to peform the quick set-up in PoC enviroments. + + + +#### Deploying Infrastructure Using Terraform + + + +[Pre-requisites](https://learn.microsoft.com/en-us/azure/developer/terraform/get-started-windows-bash?tabs=bash) +- Azure subscription: If you don't have an Azure subscription, create a free account before you begin. +- There are many options on Windows to run bash commands, including Git Bash and Windows Terminal. This article has been tested using Git Bash. Download and install [Git Bash](https://git-scm.com/download/win). +- [Install the Azure CLI](https://learn.microsoft.com/en-us/cli/azure/install-azure-cli-windows) +- [Install Terraform for Windows](https://learn.microsoft.com/en-us/azure/developer/terraform/get-started-windows-powershell?tabs=bash) + - [Download Terraform](https://www.terraform.io/downloads.html) + + ![pwd](./media/curl_terraform_windows.png) + + - From the download, extract the executable to a directory of your choosing (for example, c:\terraform). + ![pwd](./media/unzip_terraform.png) + + - Update your [system's global path to the executable](https://stackoverflow.com/questions/1618280/where-can-i-set-path-to-make-exe-on-windows). + variable name - 'terraform' + - Open a Git bash terminal window. Verify the global path configuration with the terraform command. + ### Bash + ``` + terraform version + ``` + ![tf version](./media/terraform_outofdate.png) + - If the Terraform version is outdated, follow the links and steps outlined in the [Install Terraform for Windows](https://learn.microsoft.com/en-us/azure/developer/terraform/get-started-windows-powershell?tabs=bash) guide to update Terraform to the latest version. + - For other configurations for the Terraform, refer the [quickstart](https://learn.microsoft.com/en-us/azure/developer/terraform/quickstart-configure) guide for installing and configuring Terraform. + - Login to Azure and set the Azure subscription. + ``` + pwd + az account show + - Login using the below command if the previous command does not return account details + az login --use-device-code + az account set --subscription + - Check user name, user type and subscription details using the command below + az account show + ``` + + - Create an Azure resource group and note down the name. + ``` + az group create --location --name + ``` + + ``` + mkdir src + ``` + + ``` + cd src + mkdir aml_managed_vnet + cd aml_managed_vnet + cp *.tf . + ``` +Note: For this step, the terraform scripts supplied by us has to be copied to the bash terminal at the user defined location. Subsequently, those scripts are required to be copied to the /src/aml_managed_vnet location in the same bash terminal. + + + ``` + pwd + cd /src/aml_managed_vnet + terraform init + terraform plan -out mvnetworkspace.tfplan + terraform apply mvnetworkspace.tfplan + ``` +### Setting up VNet to access the managed VNet workspace and its resources + +In order to connect to an Azure Machine Learning (AML) workspace secured via a Managed VNet, you should create a private endpoint for the AML workspace inside a VNet where you would like to have access to the workspace (for example, inside a hub VNet). Simply follow the steps for [adding a private endpoint to a workspace](https://learn.microsoft.com/en-us/azure/machine-learning/how-to-configure-private-link?view=azureml-api-2&tabs=cli#add-a-private-endpoint-to-a-workspace) in Azure CLI or Portal. + +Once the private endpoint is created, there are several ways that you can connect to the secured workspace. The steps in the following article use a jump box for [connecting to the workspace](https://learn.microsoft.com/en-us/azure/machine-learning/tutorial-create-secure-workspace-vnet?view=azureml-api-2#connect-to-the-workspace), which is a virtual machine in the same VNet as where you have created the private endpoint. Alternatively, you can use Azure VPN gateway for connecing on-premises networks to the VNet where the private endpoint is created, or use ExpressRoute to connect on-premises networks into the cloud over a private connection. + +In addition to adding a private endpoint for the AML workspace, a private endpoint should be created for the AML dependant resources such as Azure Blob Storage and Key Vault inside your chosen VNet to enable connectivity to these resources. + +### Testing Solution +To test Azure Machine Learning (AML) end-to-end, you can follow these steps using the **AzureML in a day notebook** from the **Samples** folder within the Notebooks section of Azure Machine Learning: +- Create a Compute Instance: + - On the left navigation, select Compute and then Compute Instance. Create a new compute instance and supply a name. Keep all the defaults, expect under networking select No Public IP. Select Review & Create and wait for the deployment to be completed. +- Access the Notebook: + - Sign in to the Azure Machine Learning studio. + - Navigate to Notebooks and select the Samples tab. + - Look for the AzureML in a day notebook. + - Open the notebook and clikc on 'Clone' to create a copy in your workspace file share. +- Choose Your Environment: + - Access the notebook on an Azure Machine Learning compute instance. This provides a dedicated notebook server preloaded with the SDK and the Azure Machine Learning Notebooks repository. No downloads or installations required. +- Run the Notebook: + - Once you’ve chosen your environment, open the desired notebook. Execute the notebook to explore and test AML features end-to-end. + +## Change Log + + +- 2024-01-11 - Created feature branch and check-in code in i +- 2024-02-28 - Tested the terraform in git bash on windows + +## Next Steps + + diff --git a/src/az-aml-managed-vnet/deploy/Terraform/main.tf b/src/az-aml-managed-vnet/deploy/Terraform/main.tf new file mode 100644 index 0000000..bc9b83e --- /dev/null +++ b/src/az-aml-managed-vnet/deploy/Terraform/main.tf @@ -0,0 +1,31 @@ +data "azurerm_client_config" "current" {} + +terraform { + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "~>3.0" + } + azapi = { + source = "Azure/azapi" + version = "1.11.0" + } + } +} + +provider "azurerm" { + features {} +} + +provider "azapi" { +} + +resource "azurerm_resource_group" "default" { + name = "${var.prefix}mvnetrg" + location = var.location +} + +resource "random_integer" "suffix" { + min = 10000000 + max = 99999999 +} diff --git a/src/az-aml-managed-vnet/deploy/Terraform/variables.tf b/src/az-aml-managed-vnet/deploy/Terraform/variables.tf new file mode 100644 index 0000000..b22476a --- /dev/null +++ b/src/az-aml-managed-vnet/deploy/Terraform/variables.tf @@ -0,0 +1,23 @@ +variable "environment" { + type = string + description = "Name of the environment" + default = "poc" +} + +variable "location" { + type = string + description = "Location of the resources" + default = "centralindia" +} + +variable "prefix" { + type = string + description = "Prefix of the resource name" + default = "mvnetaml" +} + +variable "image_build_compute_name" { + type = string + description = "Name of the compute cluster to be created and set to build docker images" + default = "imgbuilder" +} diff --git a/src/az-aml-managed-vnet/deploy/Terraform/workspace.tf b/src/az-aml-managed-vnet/deploy/Terraform/workspace.tf new file mode 100644 index 0000000..1550ed4 --- /dev/null +++ b/src/az-aml-managed-vnet/deploy/Terraform/workspace.tf @@ -0,0 +1,113 @@ +# Dependent resources for Azure Machine Learning +resource "azurerm_application_insights" "default" { + name = "mvnet-${var.prefix}-${var.environment}" + location = azurerm_resource_group.default.location + resource_group_name = azurerm_resource_group.default.name + application_type = "web" +} + +resource "random_string" "kv_prefix" { + length = 4 + upper = false + special = false + numeric = false +} + +resource "azurerm_key_vault" "default" { + name = "kv-${random_string.kv_prefix.result}-${var.environment}" + location = azurerm_resource_group.default.location + resource_group_name = azurerm_resource_group.default.name + tenant_id = data.azurerm_client_config.current.tenant_id + sku_name = "premium" + purge_protection_enabled = true + + network_acls { + default_action = "Deny" + bypass = "AzureServices" + } + public_network_access_enabled = false +} + +resource "random_string" "sa_prefix" { + length = 4 + upper = false + special = false + numeric = false +} + +resource "azurerm_storage_account" "default" { + name = "sa${random_string.sa_prefix.result}${var.environment}" + location = azurerm_resource_group.default.location + resource_group_name = azurerm_resource_group.default.name + account_tier = "Standard" + account_replication_type = "GRS" + + network_rules { + default_action = "Deny" + bypass = ["AzureServices"] + } + public_network_access_enabled = false +} + +resource "azurerm_container_registry" "default" { + name = "acr${var.prefix}${var.environment}" + location = azurerm_resource_group.default.location + resource_group_name = azurerm_resource_group.default.name + sku = "Premium" + admin_enabled = true + + network_rule_set { + default_action = "Deny" + } + public_network_access_enabled = false +} + +resource "azapi_resource" "aml_workspace" { + type = "Microsoft.MachineLearningServices/workspaces@2023-10-01" + name = "${var.prefix}mvnetws" + location = var.location + parent_id = azurerm_resource_group.default.id + tags = { + vnettype = "managed" + } + identity { + type = "SystemAssigned" + } + body = jsonencode({ + properties = { + publicNetworkAccess = "Disabled" + applicationInsights = azurerm_application_insights.default.id + containerRegistry = azurerm_container_registry.default.id + hbiWorkspace = true + friendlyName = "AMLManagedVirtualNetwork" + # imageBuildCompute = azurerm_machine_learning_compute_cluster.image-builder.id + keyVault = azurerm_key_vault.default.id + managedNetwork = { + isolationMode = "AllowInternetOutbound" + status = { + sparkReady = true + status = "Active" + } + } + storageAccount = azurerm_storage_account.default.id + } + }) +} +# Compute cluster for image building required since the workspace is behind a vnet. +# For more details, see https://docs.microsoft.com/en-us/azure/machine-learning/tutorial-create-secure-workspace#configure-image-builds. +resource "azurerm_machine_learning_compute_cluster" "mvnetimagebuilder" { + name = var.image_build_compute_name + location = azurerm_resource_group.default.location + vm_priority = "LowPriority" + vm_size = "Standard_DS2_v2" + machine_learning_workspace_id = azapi_resource.aml_workspace.id + scale_settings { + min_node_count = 0 + max_node_count = 2 + scale_down_nodes_after_idle_duration = "PT15M" # 15 minutes + } + + identity { + type = "SystemAssigned" + } +} diff --git a/src/az-aml-managed-vnet/deploy/bicep/Install_Steps.md b/src/az-aml-managed-vnet/deploy/bicep/Install_Steps.md new file mode 100644 index 0000000..5810e5f --- /dev/null +++ b/src/az-aml-managed-vnet/deploy/bicep/Install_Steps.md @@ -0,0 +1,48 @@ +# Here are the steps to create managed virtual network ml workspace +### Create resource group "rg_poc" + az group create -l westus -n rg_poc +### create managed-vnet workspace "mlws_poc" in the resource group "rg_poc" + az ml workspace create --name mlws_poc --resource-group rg_poc --managed-network allow_only_approved_outbound + Options + --enable-data-isolation -e + + ### output + Creating Key Vault: (mlwspockeyvault87fdea5cb ) .. Done (23s) + Creating Log Analytics Workspace: (mlwspoclogalytia77f654d3 ) Done (22s) + Creating Storage Account: (mlwspocstoraged4813c4856 ) Done (27s) + Creating Application Insights: (mlwspocinsights7eb6d67ca ) Done (32s) + Creating AzureML Workspace: (mlws_poc ) .. Done (22s) + Total time : 57s + +### Create user defined outbound rules if required + az ml workspace create --file workspace.yaml --resource-group rg --name ws +### Disable public access for the workspace + az ml workspace update --name mlws_poc --resource-group rg_poc --public-network-access disabled +### Disable public network access for the Azure keyvault from the Azure Portal as the subscription of the managed-vnet is not known to execute the commands +### Enable trusted microsoft services to bypass the firewall for azure keyvault + Check "Allow trusted Microsoft services to bypass this firewall" from the Azure portal +### Enable purge protection for the key vault from the portal +### Disable public access for the storage account and select the preferred network routing as 'Microsoft' for the traffic +### Provision the network + az ml workspace provision-network -g rg_poc -n mlws_poc +### Create compute resource for the image build + az ml workspace update --name mlws_poc --resource-group rg_poc --image-build-compute mlws_poc_comput +# Here are the steps to create hub virtual network with private endpoint to managed-vnet workspace + +### Create hub vnet +### Create vm in hub vnet +### Create bastion in hub vnet +### Create inbound pe for workspace in the hub vnet + + # Create RBAC +# Technical Validations + 1. View workspace + az --list-defaults/-l --output/ -o table + az-ml-workspace-show + 3. Show details of a managed network outbound rules + az ml workspace outbound-rule list --workspace-name mlws_poc --resource-group rg_poc + az-ml-workspace-outbound-rule-show + +# Functional Validations +Create a VM in the Hub VNet, and connect it via Bastion into this VM to access the AML studio portal. Then create a new compute instance, it should succeed. + diff --git a/src/az-aml-managed-vnet/deploy/bicep/azuredeploy.parameters.sample.json b/src/az-aml-managed-vnet/deploy/bicep/azuredeploy.parameters.sample.json new file mode 100644 index 0000000..6213c41 --- /dev/null +++ b/src/az-aml-managed-vnet/deploy/bicep/azuredeploy.parameters.sample.json @@ -0,0 +1,30 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "vaults_keyvault_name": { + "value": "yogirenkv" + }, + "workspaces_name": { + "value": "yogirenws" + }, + "components_insights_name": { + "value": "yogirenin" + }, + "storageAccounts_name": { + "value": "yogirensa" + }, + "workspaces_logalyti_name": { + "value": "yougirenlog" + }, + "actionGroups_Application_Insights_Smart_Detection_name": { + "value": "yougirenaig" + }, + "smartdetectoralertrules_failure_anomalies_insights_name": { + "value": "yougirenfailure" + }, + "location" : { + "value": "australiaeast" + } + } +} \ No newline at end of file diff --git a/src/az-aml-managed-vnet/deploy/bicep/hub_deploy.bicep b/src/az-aml-managed-vnet/deploy/bicep/hub_deploy.bicep new file mode 100644 index 0000000..72e48ae --- /dev/null +++ b/src/az-aml-managed-vnet/deploy/bicep/hub_deploy.bicep @@ -0,0 +1,1040 @@ +param virtualMachines_hub_vm_name string +param virtualNetworks_hub_vnet_name string +param networkInterfaces_hub_vm_name string +param publicIPAddresses_hub_vm_ip_name string +param bastionHosts_hub_vnet_Bastion_name string +param networkSecurityGroups_hub_vm_nsg_name string +param privateEndpoints_pe_to_managedvnet_name string +param publicIPAddresses_hub_vnet_bastion_name string +param schedules_shutdown_computevm_hub_vm_name string +param privateDnsZones_privatelink_api_azureml_ms_name string +param privateDnsZones_privatelink_notebooks_azure_net_name string +param networkSecurityGroups_hub_vnet_default_nsg_australiaeast_name string +param privateDnsZones_privatelink_blob_core_windows_net_name string +param privateDnsZones_privatelink_file_core_windows_net_name string +param privateEndpoints_pe_managedvnet_storageaccount_file_name string +param networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name string +param storageAccounts_yogirensa_externalid string = '/subscriptions/06600e5d-08f4-4cad-b7ba-2c397f811d11/resourceGroups/yogiren/providers/Microsoft.Storage/storageAccounts/yogirensa' +param workspaces_yogirenws_externalid string = '/subscriptions/06600e5d-08f4-4cad-b7ba-2c397f811d11/resourceGroups/yogiren/providers/Microsoft.MachineLearningServices/workspaces/yogirenws' + +resource networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_resource 'Microsoft.Network/networkSecurityGroups@2023-06-01' = { + name: networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name + location: 'australiaeast' + properties: { + securityRules: [ + { + name: 'AllowGatewayManager' + id: networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_AllowGatewayManager.id + type: 'Microsoft.Network/networkSecurityGroups/securityRules' + properties: { + description: 'Allow GatewayManager' + protocol: '*' + sourcePortRange: '*' + destinationPortRange: '443' + sourceAddressPrefix: 'GatewayManager' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 2702 + direction: 'Inbound' + sourcePortRanges: [] + destinationPortRanges: [] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + } + { + name: 'AllowHttpsInBound' + id: networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_AllowHttpsInBound.id + type: 'Microsoft.Network/networkSecurityGroups/securityRules' + properties: { + description: 'Allow HTTPs' + protocol: '*' + sourcePortRange: '*' + destinationPortRange: '443' + sourceAddressPrefix: 'Internet' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 2703 + direction: 'Inbound' + sourcePortRanges: [] + destinationPortRanges: [] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + } + { + name: 'AllowSshRdpOutbound' + id: networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_AllowSshRdpOutbound.id + type: 'Microsoft.Network/networkSecurityGroups/securityRules' + properties: { + protocol: '*' + sourcePortRange: '*' + sourceAddressPrefix: '*' + destinationAddressPrefix: 'VirtualNetwork' + access: 'Allow' + priority: 100 + direction: 'Outbound' + sourcePortRanges: [] + destinationPortRanges: [ + '22' + '3389' + ] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + } + { + name: 'AllowAzureCloudOutbound' + id: networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_AllowAzureCloudOutbound.id + type: 'Microsoft.Network/networkSecurityGroups/securityRules' + properties: { + protocol: 'TCP' + sourcePortRange: '*' + destinationPortRange: '443' + sourceAddressPrefix: '*' + destinationAddressPrefix: 'AzureCloud' + access: 'Allow' + priority: 110 + direction: 'Outbound' + sourcePortRanges: [] + destinationPortRanges: [] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + } + { + name: 'AllowCorpnet' + id: networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_AllowCorpnet.id + type: 'Microsoft.Network/networkSecurityGroups/securityRules' + properties: { + description: 'CSS Governance Security Rule. Allow Corpnet inbound. https://aka.ms/casg' + protocol: '*' + sourcePortRange: '*' + destinationPortRange: '*' + sourceAddressPrefix: 'CorpNetPublic' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 2700 + direction: 'Inbound' + sourcePortRanges: [] + destinationPortRanges: [] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + } + { + name: 'AllowSAW' + id: networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_AllowSAW.id + type: 'Microsoft.Network/networkSecurityGroups/securityRules' + properties: { + description: 'CSS Governance Security Rule. Allow SAW inbound. https://aka.ms/casg' + protocol: '*' + sourcePortRange: '*' + destinationPortRange: '*' + sourceAddressPrefix: 'CorpNetSaw' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 2701 + direction: 'Inbound' + sourcePortRanges: [] + destinationPortRanges: [] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + } + ] + } +} + +resource networkSecurityGroups_hub_vnet_default_nsg_australiaeast_name_resource 'Microsoft.Network/networkSecurityGroups@2023-06-01' = { + name: networkSecurityGroups_hub_vnet_default_nsg_australiaeast_name + location: 'australiaeast' + properties: { + securityRules: [ + { + name: 'AllowCorpnet' + id: networkSecurityGroups_hub_vnet_default_nsg_australiaeast_name_AllowCorpnet.id + type: 'Microsoft.Network/networkSecurityGroups/securityRules' + properties: { + description: 'CSS Governance Security Rule. Allow Corpnet inbound. https://aka.ms/casg' + protocol: '*' + sourcePortRange: '*' + destinationPortRange: '*' + sourceAddressPrefix: 'CorpNetPublic' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 2700 + direction: 'Inbound' + sourcePortRanges: [] + destinationPortRanges: [] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + } + { + name: 'AllowSAW' + id: networkSecurityGroups_hub_vnet_default_nsg_australiaeast_name_AllowSAW.id + type: 'Microsoft.Network/networkSecurityGroups/securityRules' + properties: { + description: 'CSS Governance Security Rule. Allow SAW inbound. https://aka.ms/casg' + protocol: '*' + sourcePortRange: '*' + destinationPortRange: '*' + sourceAddressPrefix: 'CorpNetSaw' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 2701 + direction: 'Inbound' + sourcePortRanges: [] + destinationPortRanges: [] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + } + ] + } +} + +resource networkSecurityGroups_hub_vm_nsg_name_resource 'Microsoft.Network/networkSecurityGroups@2023-06-01' = { + name: networkSecurityGroups_hub_vm_nsg_name + location: 'australiaeast' + properties: { + securityRules: [] + } +} + +resource privateDnsZones_privatelink_api_azureml_ms_name_resource 'Microsoft.Network/privateDnsZones@2018-09-01' = { + name: privateDnsZones_privatelink_api_azureml_ms_name + location: 'global' + properties: { + maxNumberOfRecordSets: 25000 + maxNumberOfVirtualNetworkLinks: 1000 + maxNumberOfVirtualNetworkLinksWithRegistration: 100 + numberOfRecordSets: 4 + numberOfVirtualNetworkLinks: 1 + numberOfVirtualNetworkLinksWithRegistration: 0 + provisioningState: 'Succeeded' + } +} + +resource privateDnsZones_privatelink_blob_core_windows_net_name_resource 'Microsoft.Network/privateDnsZones@2018-09-01' = { + name: privateDnsZones_privatelink_blob_core_windows_net_name + location: 'global' + tags: { + pe_to_managedvnet_blobstorage: '' + } + properties: { + maxNumberOfRecordSets: 25000 + maxNumberOfVirtualNetworkLinks: 1000 + maxNumberOfVirtualNetworkLinksWithRegistration: 100 + numberOfRecordSets: 1 + numberOfVirtualNetworkLinks: 1 + numberOfVirtualNetworkLinksWithRegistration: 0 + provisioningState: 'Succeeded' + } +} + +resource privateDnsZones_privatelink_file_core_windows_net_name_resource 'Microsoft.Network/privateDnsZones@2018-09-01' = { + name: privateDnsZones_privatelink_file_core_windows_net_name + location: 'global' + tags: { + pe_to_managedvnet_filestorage: '' + } + properties: { + maxNumberOfRecordSets: 25000 + maxNumberOfVirtualNetworkLinks: 1000 + maxNumberOfVirtualNetworkLinksWithRegistration: 100 + numberOfRecordSets: 2 + numberOfVirtualNetworkLinks: 1 + numberOfVirtualNetworkLinksWithRegistration: 0 + provisioningState: 'Succeeded' + } +} + +resource privateDnsZones_privatelink_notebooks_azure_net_name_resource 'Microsoft.Network/privateDnsZones@2018-09-01' = { + name: privateDnsZones_privatelink_notebooks_azure_net_name + location: 'global' + properties: { + maxNumberOfRecordSets: 25000 + maxNumberOfVirtualNetworkLinks: 1000 + maxNumberOfVirtualNetworkLinksWithRegistration: 100 + numberOfRecordSets: 2 + numberOfVirtualNetworkLinks: 1 + numberOfVirtualNetworkLinksWithRegistration: 0 + provisioningState: 'Succeeded' + } +} + +resource publicIPAddresses_hub_vnet_bastion_name_resource 'Microsoft.Network/publicIPAddresses@2023-06-01' = { + name: publicIPAddresses_hub_vnet_bastion_name + location: 'australiaeast' + sku: { + name: 'Standard' + tier: 'Regional' + } + properties: { + ipAddress: '20.245.156.188' + publicIPAddressVersion: 'IPv4' + publicIPAllocationMethod: 'Static' + idleTimeoutInMinutes: 4 + ipTags: [] + ddosSettings: { + protectionMode: 'VirtualNetworkInherited' + } + } +} + +resource publicIPAddresses_hub_vm_ip_name_resource 'Microsoft.Network/publicIPAddresses@2023-06-01' = { + name: publicIPAddresses_hub_vm_ip_name + location: 'australiaeast' + sku: { + name: 'Standard' + tier: 'Regional' + } + properties: { + ipAddress: '104.45.212.204' + publicIPAddressVersion: 'IPv4' + publicIPAllocationMethod: 'Static' + idleTimeoutInMinutes: 4 + ipTags: [] + } +} + +resource virtualMachines_hub_vm_name_resource 'Microsoft.Compute/virtualMachines@2023-03-01' = { + name: virtualMachines_hub_vm_name + location: 'australiaeast' + tags: { + Version: '20230516' + } + properties: { + hardwareProfile: { + vmSize: 'Standard_D2s_v3' + } + additionalCapabilities: { + hibernationEnabled: false + } + storageProfile: { + imageReference: { + publisher: 'microsoftwindowsdesktop' + offer: 'windows-11' + sku: 'win11-22h2-pro' + version: 'latest' + } + osDisk: { + osType: 'Windows' + name: '${virtualMachines_hub_vm_name}_disk1_fb8371d362704d8e92a5376e19249090' + createOption: 'FromImage' + caching: 'ReadWrite' + managedDisk: { + id: resourceId('Microsoft.Compute/disks', '${virtualMachines_hub_vm_name}_disk1_fb8371d362704d8e92a5376e19249090') + } + deleteOption: 'Delete' + } + dataDisks: [] + diskControllerType: 'SCSI' + } + osProfile: { + computerName: virtualMachines_hub_vm_name + adminUsername: '${virtualMachines_hub_vm_name}-admin' + windowsConfiguration: { + provisionVMAgent: true + enableAutomaticUpdates: true + patchSettings: { + patchMode: 'AutomaticByOS' + assessmentMode: 'ImageDefault' + enableHotpatching: false + } + enableVMAgentPlatformUpdates: false + } + secrets: [] + allowExtensionOperations: true + requireGuestProvisionSignal: true + } + securityProfile: { + uefiSettings: { + secureBootEnabled: true + vTpmEnabled: true + } + securityType: 'TrustedLaunch' + } + networkProfile: { + networkInterfaces: [ + { + id: networkInterfaces_hub_vm_name_resource.id + properties: { + deleteOption: 'Delete' + } + } + ] + } + diagnosticsProfile: { + bootDiagnostics: { + enabled: true + } + } + licenseType: 'Windows_Client' + } +} + +resource schedules_shutdown_computevm_hub_vm_name_resource 'microsoft.devtestlab/schedules@2018-09-15' = { + name: schedules_shutdown_computevm_hub_vm_name + location: 'australiaeast' + properties: { + status: 'Enabled' + taskType: 'ComputeVmShutdownTask' + dailyRecurrence: { + time: '1900' + } + timeZoneId: 'UTC' + notificationSettings: { + status: 'Enabled' + timeInMinutes: 30 + emailRecipient: 'admin@MngEnvMCAP455457.onmicrosoft.com' + notificationLocale: 'en' + } + targetResourceId: virtualMachines_hub_vm_name_resource.id + } +} + +resource networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_AllowAzureCloudOutbound 'Microsoft.Network/networkSecurityGroups/securityRules@2023-06-01' = { + name: '${networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name}/AllowAzureCloudOutbound' + properties: { + protocol: 'TCP' + sourcePortRange: '*' + destinationPortRange: '443' + sourceAddressPrefix: '*' + destinationAddressPrefix: 'AzureCloud' + access: 'Allow' + priority: 110 + direction: 'Outbound' + sourcePortRanges: [] + destinationPortRanges: [] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + dependsOn: [ + networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_resource + ] +} + +resource networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_AllowCorpnet 'Microsoft.Network/networkSecurityGroups/securityRules@2023-06-01' = { + name: '${networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name}/AllowCorpnet' + properties: { + description: 'CSS Governance Security Rule. Allow Corpnet inbound. https://aka.ms/casg' + protocol: '*' + sourcePortRange: '*' + destinationPortRange: '*' + sourceAddressPrefix: 'CorpNetPublic' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 2700 + direction: 'Inbound' + sourcePortRanges: [] + destinationPortRanges: [] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + dependsOn: [ + networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_resource + ] +} + +resource networkSecurityGroups_hub_vnet_default_nsg_australiaeast_name_AllowCorpnet 'Microsoft.Network/networkSecurityGroups/securityRules@2023-06-01' = { + name: '${networkSecurityGroups_hub_vnet_default_nsg_australiaeast_name}/AllowCorpnet' + properties: { + description: 'CSS Governance Security Rule. Allow Corpnet inbound. https://aka.ms/casg' + protocol: '*' + sourcePortRange: '*' + destinationPortRange: '*' + sourceAddressPrefix: 'CorpNetPublic' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 2700 + direction: 'Inbound' + sourcePortRanges: [] + destinationPortRanges: [] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + dependsOn: [ + networkSecurityGroups_hub_vnet_default_nsg_australiaeast_name_resource + ] +} + +resource networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_AllowGatewayManager 'Microsoft.Network/networkSecurityGroups/securityRules@2023-06-01' = { + name: '${networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name}/AllowGatewayManager' + properties: { + description: 'Allow GatewayManager' + protocol: '*' + sourcePortRange: '*' + destinationPortRange: '443' + sourceAddressPrefix: 'GatewayManager' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 2702 + direction: 'Inbound' + sourcePortRanges: [] + destinationPortRanges: [] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + dependsOn: [ + networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_resource + ] +} + +resource networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_AllowHttpsInBound 'Microsoft.Network/networkSecurityGroups/securityRules@2023-06-01' = { + name: '${networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name}/AllowHttpsInBound' + properties: { + description: 'Allow HTTPs' + protocol: '*' + sourcePortRange: '*' + destinationPortRange: '443' + sourceAddressPrefix: 'Internet' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 2703 + direction: 'Inbound' + sourcePortRanges: [] + destinationPortRanges: [] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + dependsOn: [ + networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_resource + ] +} + +resource networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_AllowSAW 'Microsoft.Network/networkSecurityGroups/securityRules@2023-06-01' = { + name: '${networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name}/AllowSAW' + properties: { + description: 'CSS Governance Security Rule. Allow SAW inbound. https://aka.ms/casg' + protocol: '*' + sourcePortRange: '*' + destinationPortRange: '*' + sourceAddressPrefix: 'CorpNetSaw' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 2701 + direction: 'Inbound' + sourcePortRanges: [] + destinationPortRanges: [] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + dependsOn: [ + networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_resource + ] +} + +resource networkSecurityGroups_hub_vnet_default_nsg_australiaeast_name_AllowSAW 'Microsoft.Network/networkSecurityGroups/securityRules@2023-06-01' = { + name: '${networkSecurityGroups_hub_vnet_default_nsg_australiaeast_name}/AllowSAW' + properties: { + description: 'CSS Governance Security Rule. Allow SAW inbound. https://aka.ms/casg' + protocol: '*' + sourcePortRange: '*' + destinationPortRange: '*' + sourceAddressPrefix: 'CorpNetSaw' + destinationAddressPrefix: '*' + access: 'Allow' + priority: 2701 + direction: 'Inbound' + sourcePortRanges: [] + destinationPortRanges: [] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + dependsOn: [ + networkSecurityGroups_hub_vnet_default_nsg_australiaeast_name_resource + ] +} + +resource networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_AllowSshRdpOutbound 'Microsoft.Network/networkSecurityGroups/securityRules@2023-06-01' = { + name: '${networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name}/AllowSshRdpOutbound' + properties: { + protocol: '*' + sourcePortRange: '*' + sourceAddressPrefix: '*' + destinationAddressPrefix: 'VirtualNetwork' + access: 'Allow' + priority: 100 + direction: 'Outbound' + sourcePortRanges: [] + destinationPortRanges: [ + '22' + '3389' + ] + sourceAddressPrefixes: [] + destinationAddressPrefixes: [] + } + dependsOn: [ + networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_resource + ] +} + +resource privateDnsZones_privatelink_api_azureml_ms_name_419b3a2c_288c_4391_9f1e_236c0b6e471b_inference_australiaeast 'Microsoft.Network/privateDnsZones/A@2018-09-01' = { + parent: privateDnsZones_privatelink_api_azureml_ms_name_resource + name: '*.419b3a2c-288c-4391-9f1e-236c0b6e471b.inference.australiaeast' + properties: { + metadata: { + creator: 'created by private endpoint pe_to_managedvnet with resource guid 4963c503-c8dc-4933-854e-ad8aede94e27' + } + ttl: 10 + aRecords: [ + { + ipv4Address: '10.0.0.6' + } + ] + } +} + +resource privateDnsZones_privatelink_api_azureml_ms_name_419b3a2c_288c_4391_9f1e_236c0b6e471b_workspace_australiaeast 'Microsoft.Network/privateDnsZones/A@2018-09-01' = { + parent: privateDnsZones_privatelink_api_azureml_ms_name_resource + name: '419b3a2c-288c-4391-9f1e-236c0b6e471b.workspace.australiaeast' + properties: { + metadata: { + creator: 'created by private endpoint pe_to_managedvnet with resource guid 4963c503-c8dc-4933-854e-ad8aede94e27' + } + ttl: 10 + aRecords: [ + { + ipv4Address: '10.0.0.4' + } + ] + } +} + +resource privateDnsZones_privatelink_api_azureml_ms_name_419b3a2c_288c_4391_9f1e_236c0b6e471b_workspace_australiaeast_cert 'Microsoft.Network/privateDnsZones/A@2018-09-01' = { + parent: privateDnsZones_privatelink_api_azureml_ms_name_resource + name: '419b3a2c-288c-4391-9f1e-236c0b6e471b.workspace.australiaeast.cert' + properties: { + metadata: { + creator: 'created by private endpoint pe_to_managedvnet with resource guid 4963c503-c8dc-4933-854e-ad8aede94e27' + } + ttl: 10 + aRecords: [ + { + ipv4Address: '10.0.0.4' + } + ] + } +} + +resource privateDnsZones_privatelink_notebooks_azure_net_name_ml_mlwspoc_australiaeast_419b3a2c_288c_4391_9f1e_236c0b6e471b_australiaeast 'Microsoft.Network/privateDnsZones/A@2018-09-01' = { + parent: privateDnsZones_privatelink_notebooks_azure_net_name_resource + name: 'ml-mlwspoc-australiaeast-419b3a2c-288c-4391-9f1e-236c0b6e471b.australiaeast' + properties: { + metadata: { + creator: 'created by private endpoint pe_to_managedvnet with resource guid 4963c503-c8dc-4933-854e-ad8aede94e27' + } + ttl: 10 + aRecords: [ + { + ipv4Address: '10.0.0.5' + } + ] + } +} + +resource privateDnsZones_privatelink_file_core_windows_net_name_yogirensa 'Microsoft.Network/privateDnsZones/A@2018-09-01' = { + parent: privateDnsZones_privatelink_file_core_windows_net_name_resource + name: 'yogirensa' + properties: { + metadata: { + creator: 'created by private endpoint pe_managedvnet_storageaccount_file with resource guid 3d51d363-0b9a-45fa-b19a-bb20cb1f13ea' + } + ttl: 10 + aRecords: [ + { + ipv4Address: '10.0.0.8' + } + ] + } +} + +resource Microsoft_Network_privateDnsZones_SOA_privateDnsZones_privatelink_api_azureml_ms_name 'Microsoft.Network/privateDnsZones/SOA@2018-09-01' = { + parent: privateDnsZones_privatelink_api_azureml_ms_name_resource + name: '@' + properties: { + ttl: 3600 + soaRecord: { + email: 'azureprivatedns-host.microsoft.com' + expireTime: 2419200 + host: 'azureprivatedns.net' + minimumTtl: 10 + refreshTime: 3600 + retryTime: 300 + serialNumber: 1 + } + } +} + +resource Microsoft_Network_privateDnsZones_SOA_privateDnsZones_privatelink_blob_core_windows_net_name 'Microsoft.Network/privateDnsZones/SOA@2018-09-01' = { + parent: privateDnsZones_privatelink_blob_core_windows_net_name_resource + name: '@' + properties: { + ttl: 3600 + soaRecord: { + email: 'azureprivatedns-host.microsoft.com' + expireTime: 2419200 + host: 'azureprivatedns.net' + minimumTtl: 10 + refreshTime: 3600 + retryTime: 300 + serialNumber: 1 + } + } +} + +resource Microsoft_Network_privateDnsZones_SOA_privateDnsZones_privatelink_file_core_windows_net_name 'Microsoft.Network/privateDnsZones/SOA@2018-09-01' = { + parent: privateDnsZones_privatelink_file_core_windows_net_name_resource + name: '@' + properties: { + ttl: 3600 + soaRecord: { + email: 'azureprivatedns-host.microsoft.com' + expireTime: 2419200 + host: 'azureprivatedns.net' + minimumTtl: 10 + refreshTime: 3600 + retryTime: 300 + serialNumber: 1 + } + } +} + +resource Microsoft_Network_privateDnsZones_SOA_privateDnsZones_privatelink_notebooks_azure_net_name 'Microsoft.Network/privateDnsZones/SOA@2018-09-01' = { + parent: privateDnsZones_privatelink_notebooks_azure_net_name_resource + name: '@' + properties: { + ttl: 3600 + soaRecord: { + email: 'azureprivatedns-host.microsoft.com' + expireTime: 2419200 + host: 'azureprivatedns.net' + minimumTtl: 10 + refreshTime: 3600 + retryTime: 300 + serialNumber: 1 + } + } +} + +resource privateEndpoints_pe_managedvnet_storageaccount_file_name_resource 'Microsoft.Network/privateEndpoints@2023-06-01' = { + name: privateEndpoints_pe_managedvnet_storageaccount_file_name + location: 'australiaeast' + tags: { + pe_to_managedvnet_filestorage: '' + } + properties: { + privateLinkServiceConnections: [ + { + name: privateEndpoints_pe_managedvnet_storageaccount_file_name + id: '${privateEndpoints_pe_managedvnet_storageaccount_file_name_resource.id}/privateLinkServiceConnections/${privateEndpoints_pe_managedvnet_storageaccount_file_name}' + properties: { + privateLinkServiceId: storageAccounts_yogirensa_externalid + groupIds: [ + 'file' + ] + privateLinkServiceConnectionState: { + status: 'Approved' + description: 'Auto-Approved' + actionsRequired: 'None' + } + } + } + ] + manualPrivateLinkServiceConnections: [] + customNetworkInterfaceName: '${privateEndpoints_pe_managedvnet_storageaccount_file_name}-nic' + subnet: { + id: virtualNetworks_hub_vnet_name_default.id + } + ipConfigurations: [] + customDnsConfigs: [] + } +} + +resource privateEndpoints_pe_to_managedvnet_name_resource 'Microsoft.Network/privateEndpoints@2023-06-01' = { + name: privateEndpoints_pe_to_managedvnet_name + location: 'australiaeast' + properties: { + privateLinkServiceConnections: [ + { + name: privateEndpoints_pe_to_managedvnet_name + id: '${privateEndpoints_pe_to_managedvnet_name_resource.id}/privateLinkServiceConnections/${privateEndpoints_pe_to_managedvnet_name}' + properties: { + privateLinkServiceId: workspaces_yogirenws_externalid + groupIds: [ + 'amlworkspace' + ] + privateLinkServiceConnectionState: { + status: 'Approved' + description: 'Auto-Approved' + actionsRequired: 'None' + } + } + } + ] + manualPrivateLinkServiceConnections: [] + customNetworkInterfaceName: '${privateEndpoints_pe_to_managedvnet_name}-nic' + subnet: { + id: virtualNetworks_hub_vnet_name_default.id + } + ipConfigurations: [] + customDnsConfigs: [] + } +} + +resource bastionHosts_hub_vnet_Bastion_name_resource 'Microsoft.Network/bastionHosts@2023-06-01' = { + name: bastionHosts_hub_vnet_Bastion_name + location: 'australiaeast' + sku: { + name: 'Basic' + } + properties: { + dnsName: 'bst-55021bc8-81b0-49cf-a522-34f443c7290d.bastion.azure.com' + scaleUnits: 2 + ipConfigurations: [ + { + name: 'IpConf' + id: '${bastionHosts_hub_vnet_Bastion_name_resource.id}/bastionHostIpConfigurations/IpConf' + properties: { + privateIPAllocationMethod: 'Dynamic' + publicIPAddress: { + id: publicIPAddresses_hub_vnet_bastion_name_resource.id + } + subnet: { + id: virtualNetworks_hub_vnet_name_AzureBastionSubnet.id + } + } + } + ] + } +} + +resource privateDnsZones_privatelink_api_azureml_ms_name_346zkpdsdmsgk 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2018-09-01' = { + parent: privateDnsZones_privatelink_api_azureml_ms_name_resource + name: '346zkpdsdmsgk' + location: 'global' + properties: { + registrationEnabled: false + virtualNetwork: { + id: virtualNetworks_hub_vnet_name_resource.id + } + } +} + +resource privateDnsZones_privatelink_blob_core_windows_net_name_346zkpdsdmsgk 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2018-09-01' = { + parent: privateDnsZones_privatelink_blob_core_windows_net_name_resource + name: '346zkpdsdmsgk' + location: 'global' + properties: { + registrationEnabled: false + virtualNetwork: { + id: virtualNetworks_hub_vnet_name_resource.id + } + } +} + +resource privateDnsZones_privatelink_file_core_windows_net_name_346zkpdsdmsgk 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2018-09-01' = { + parent: privateDnsZones_privatelink_file_core_windows_net_name_resource + name: '346zkpdsdmsgk' + location: 'global' + properties: { + registrationEnabled: false + virtualNetwork: { + id: virtualNetworks_hub_vnet_name_resource.id + } + } +} + +resource privateDnsZones_privatelink_notebooks_azure_net_name_346zkpdsdmsgk 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2018-09-01' = { + parent: privateDnsZones_privatelink_notebooks_azure_net_name_resource + name: '346zkpdsdmsgk' + location: 'global' + properties: { + registrationEnabled: false + virtualNetwork: { + id: virtualNetworks_hub_vnet_name_resource.id + } + } +} + +resource privateEndpoints_pe_managedvnet_storageaccount_file_name_default 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2023-06-01' = { + name: '${privateEndpoints_pe_managedvnet_storageaccount_file_name}/default' + properties: { + privateDnsZoneConfigs: [ + { + name: 'privatelink-file-core-windows-net' + properties: { + privateDnsZoneId: privateDnsZones_privatelink_file_core_windows_net_name_resource.id + } + } + ] + } + dependsOn: [ + privateEndpoints_pe_managedvnet_storageaccount_file_name_resource + + ] +} + +resource virtualNetworks_hub_vnet_name_resource 'Microsoft.Network/virtualNetworks@2023-06-01' = { + name: virtualNetworks_hub_vnet_name + location: 'australiaeast' + properties: { + addressSpace: { + addressPrefixes: [ + '10.0.0.0/16' + ] + } + encryption: { + enabled: false + enforcement: 'AllowUnencrypted' + } + dhcpOptions: { + dnsServers: [] + } + subnets: [ + { + name: 'default' + id: virtualNetworks_hub_vnet_name_default.id + properties: { + addressPrefix: '10.0.0.0/24' + networkSecurityGroup: { + id: networkSecurityGroups_hub_vnet_default_nsg_australiaeast_name_resource.id + } + serviceEndpoints: [] + delegations: [] + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + defaultOutboundAccess: true + } + type: 'Microsoft.Network/virtualNetworks/subnets' + } + { + name: 'AzureBastionSubnet' + id: virtualNetworks_hub_vnet_name_AzureBastionSubnet.id + properties: { + addressPrefix: '10.0.1.0/26' + networkSecurityGroup: { + id: networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_resource.id + } + serviceEndpoints: [] + delegations: [] + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + defaultOutboundAccess: true + } + type: 'Microsoft.Network/virtualNetworks/subnets' + } + ] + virtualNetworkPeerings: [] + enableDdosProtection: false + } +} + +resource virtualNetworks_hub_vnet_name_AzureBastionSubnet 'Microsoft.Network/virtualNetworks/subnets@2023-06-01' = { + name: '${virtualNetworks_hub_vnet_name}/AzureBastionSubnet' + properties: { + addressPrefix: '10.0.1.0/26' + networkSecurityGroup: { + id: networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name_resource.id + } + serviceEndpoints: [] + delegations: [] + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + defaultOutboundAccess: true + } + dependsOn: [ + virtualNetworks_hub_vnet_name_resource + + ] +} + +resource virtualNetworks_hub_vnet_name_default 'Microsoft.Network/virtualNetworks/subnets@2023-06-01' = { + name: '${virtualNetworks_hub_vnet_name}/default' + properties: { + addressPrefix: '10.0.0.0/24' + networkSecurityGroup: { + id: networkSecurityGroups_hub_vnet_default_nsg_australiaeast_name_resource.id + } + serviceEndpoints: [] + delegations: [] + privateEndpointNetworkPolicies: 'Disabled' + privateLinkServiceNetworkPolicies: 'Enabled' + defaultOutboundAccess: true + } + dependsOn: [ + virtualNetworks_hub_vnet_name_resource + + ] +} + +resource networkInterfaces_hub_vm665_name_resource 'Microsoft.Network/networkInterfaces@2023-06-01' = { + name: networkInterfaces_hub_vm665_name + location: 'australiaeast' + kind: 'Regular' + properties: { + ipConfigurations: [ + { + name: 'ipconfig1' + id: '${networkInterfaces_hub_vm665_name_resource.id}/ipConfigurations/ipconfig1' + etag: 'W/"5d733dfe-5b2c-45d3-b530-590734769758"' + type: 'Microsoft.Network/networkInterfaces/ipConfigurations' + properties: { + provisioningState: 'Succeeded' + privateIPAddress: '10.0.0.7' + privateIPAllocationMethod: 'Dynamic' + publicIPAddress: { + id: publicIPAddresses_hub_vm_ip_name_resource.id + properties: { + deleteOption: 'Delete' + } + } + subnet: { + id: virtualNetworks_hub_vnet_name_default.id + } + primary: true + privateIPAddressVersion: 'IPv4' + } + } + ] + dnsSettings: { + dnsServers: [] + } + enableAcceleratedNetworking: true + enableIPForwarding: false + disableTcpStateTracking: false + networkSecurityGroup: { + id: networkSecurityGroups_hub_vm_nsg_name_resource.id + } + nicType: 'Standard' + auxiliaryMode: 'None' + auxiliarySku: 'None' + } +} + +resource privateEndpoints_pe_to_managedvnet_name_default 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2023-06-01' = { + name: '${privateEndpoints_pe_to_managedvnet_name}/default' + properties: { + privateDnsZoneConfigs: [ + { + name: 'privatelink-api-azureml-ms' + properties: { + privateDnsZoneId: privateDnsZones_privatelink_api_azureml_ms_name_resource.id + } + } + { + name: 'privatelink-notebooks-azure-net' + properties: { + privateDnsZoneId: privateDnsZones_privatelink_notebooks_azure_net_name_resource.id + } + } + ] + } + dependsOn: [ + privateEndpoints_pe_to_managedvnet_name_resource + + ] +} diff --git a/src/az-aml-managed-vnet/deploy/bicep/hub_parameters.json b/src/az-aml-managed-vnet/deploy/bicep/hub_parameters.json new file mode 100644 index 0000000..af2c785 --- /dev/null +++ b/src/az-aml-managed-vnet/deploy/bicep/hub_parameters.json @@ -0,0 +1,60 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "virtualMachines_hub_vm_name": { + "value": "hub-vm" + }, + "virtualNetworks_hub_vnet_name": { + "value": "hub_vnet" + }, + "networkInterfaces_hub_vm_name": { + "value": "hub-vm-nic" + }, + "publicIPAddresses_hub_vm_ip_name": { + "value": "hub-vm-ip" + }, + "bastionHosts_hub_vnet_Bastion_name": { + "value": "hub_vnet-Bastion" + }, + "networkSecurityGroups_hub_vm_nsg_name": { + "value": "hub-vm-nsg" + }, + "privateEndpoints_pe_to_managedvnet_name": { + "value": "pe_to_managedvnet" + }, + "publicIPAddresses_hub_vnet_bastion_name": { + "value": "hub_vnet-bastion" + }, + "schedules_shutdown_computevm_hub_vm_name": { + "value": "shutdown-computevm-hub-vm" + }, + "privateDnsZones_privatelink_api_azureml_ms_name": { + "value": "privatelink.api.azureml.ms" + }, + "privateDnsZones_privatelink_notebooks_azure_net_name": { + "value": "privatelink.notebooks.azure.net" + }, + "networkSecurityGroups_hub_vnet_default_nsg_australiaeast_name": { + "value": "hub_vnet-default-nsg-australiaeast" + }, + "privateDnsZones_privatelink_blob_core_windows_net_name": { + "value": "privatelink.blob.core.windows.net" + }, + "privateDnsZones_privatelink_file_core_windows_net_name": { + "value": "privatelink.file.core.windows.net" + }, + "privateEndpoints_pe_managedvnet_storageaccount_file_name": { + "value": "pe_managedvnet_storageaccount_file" + }, + "networkSecurityGroups_hub_vnet_AzureBastionSubnet_nsg_australiaeast_name": { + "value": "hub_vnet-AzureBastionSubnet-nsg-australiaeast" + }, + "storageAccounts_yogirensa_externalid": { + "value": "/subscriptions/06600e5d-08f4-4cad-b7ba-2c397f811d11/resourceGroups/yogiren/providers/Microsoft.Storage/storageAccounts/yogirensa" + }, + "workspaces_yogirenws_externalid": { + "value": "/subscriptions/06600e5d-08f4-4cad-b7ba-2c397f811d11/resourceGroups/yogiren/providers/Microsoft.MachineLearningServices/workspaces/yogirenws" + } + } +} diff --git a/src/az-aml-managed-vnet/deploy/bicep/spoke_deploy.bicep b/src/az-aml-managed-vnet/deploy/bicep/spoke_deploy.bicep new file mode 100644 index 0000000..6df44e2 --- /dev/null +++ b/src/az-aml-managed-vnet/deploy/bicep/spoke_deploy.bicep @@ -0,0 +1,8148 @@ +param vaults_keyvault_name string +param workspaces_name string +param components_insights_name string +param storageAccounts_name string +param workspaces_logalyti_name string +param actionGroups_Application_Insights_Smart_Detection_name string +param smartdetectoralertrules_failure_anomalies_insights_name string + +@description('location') +param location string = 'australiaeast' + + +resource actionGroups_Application_Insights_Smart_Detection_name_resource 'microsoft.insights/actionGroups@2023-01-01' = { + name: actionGroups_Application_Insights_Smart_Detection_name + location: 'Global' + properties: { + groupShortName: 'SmartDetect' + enabled: true + emailReceivers: [] + smsReceivers: [] + webhookReceivers: [] + eventHubReceivers: [] + itsmReceivers: [] + azureAppPushReceivers: [] + automationRunbookReceivers: [] + voiceReceivers: [] + logicAppReceivers: [] + azureFunctionReceivers: [] + armRoleReceivers: [ + { + name: 'Monitoring Contributor' + roleId: '749f88d5-cbae-40b8-bcfc-e573ddc772fa' + useCommonAlertSchema: true + } + { + name: 'Monitoring Reader' + roleId: '43d0d8ad-25c7-4714-9337-8ba259a9fe05' + useCommonAlertSchema: true + } + ] + } +} + +resource vaults_keyvault_name_resource 'Microsoft.KeyVault/vaults@2023-07-01' = { + name: vaults_keyvault_name + location: resourceGroup().location + tags: { + createdByToolkit: 'cli-v2-1.12.0' + } + properties: { + sku: { + family: 'A' + name: 'standard' + } + tenantId: 'e7efedc6-8c5e-4c6a-ab6f-3e02c09e1c96' + networkAcls: { + bypass: 'AzureServices' + defaultAction: 'Deny' + ipRules: [] + virtualNetworkRules: [] + } + accessPolicies: [ + { + tenantId: 'e7efedc6-8c5e-4c6a-ab6f-3e02c09e1c96' + objectId: '39514c6c-026d-4718-8e2d-5973216f17fb' + permissions: { + keys: [ + 'Get' + 'List' + 'Update' + 'Create' + 'Import' + 'Delete' + 'Recover' + 'Backup' + 'Restore' + 'Decrypt' + 'Encrypt' + 'UnwrapKey' + 'WrapKey' + 'Verify' + 'Sign' + 'Release' + 'Rotate' + 'GetRotationPolicy' + 'SetRotationPolicy' + 'Get' + 'List' + 'Update' + 'Create' + 'Import' + 'Delete' + 'Recover' + 'Backup' + 'Restore' + 'Decrypt' + 'Encrypt' + 'UnwrapKey' + 'WrapKey' + 'Verify' + 'Sign' + 'Release' + 'Rotate' + 'GetRotationPolicy' + 'SetRotationPolicy' + ] + secrets: [ + 'Get' + 'List' + 'Set' + 'Delete' + 'Recover' + 'Backup' + 'Restore' + 'Get' + 'List' + 'Set' + 'Delete' + 'Recover' + 'Backup' + 'Restore' + ] + certificates: [ + 'Get' + 'List' + 'Update' + 'Create' + 'Import' + 'Delete' + 'Recover' + 'Backup' + 'Restore' + 'ManageContacts' + 'ManageIssuers' + 'GetIssuers' + 'ListIssuers' + 'SetIssuers' + 'DeleteIssuers' + 'Get' + 'List' + 'Update' + 'Create' + 'Import' + 'Delete' + 'Recover' + 'Backup' + 'Restore' + 'ManageContacts' + 'ManageIssuers' + 'GetIssuers' + 'ListIssuers' + 'SetIssuers' + 'DeleteIssuers' + ] + storage: [] + } + } + ] + enabledForDeployment: false + enabledForDiskEncryption: false + enabledForTemplateDeployment: false + enableSoftDelete: true + softDeleteRetentionInDays: 90 + enableRbacAuthorization: true + enablePurgeProtection: true + publicNetworkAccess: 'Disabled' + } +} +output vaults_keyvault_name_resourceUri string = vaults_keyvault_name_resource.id + +resource workspaces_logalyti_name_resource 'Microsoft.OperationalInsights/workspaces@2021-12-01-preview' = { + name: workspaces_logalyti_name + location: resourceGroup().location + tags: { + createdByToolkit: 'cli-v2-1.12.0' + } + properties: { + sku: { + name: 'PerGB2018' + } + retentionInDays: 30 + features: { + enableLogAccessUsingOnlyResourcePermissions: true + } + workspaceCapping: { + dailyQuotaGb: -1 + } + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' + } +} + +resource storageAccounts_name_resource 'Microsoft.Storage/storageAccounts@2023-01-01' = { + name: storageAccounts_name + location: location + tags: { + createdByToolkit: 'cli-v2-1.12.0' + } + sku: { + name: 'Standard_LRS' + } + kind: 'StorageV2' + properties: { + defaultToOAuthAuthentication: false + publicNetworkAccess: 'Disabled' + sasPolicy: { + sasExpirationPeriod: '30.00:00:00' + expirationAction: 'Log' + } + allowCrossTenantReplication: false + routingPreference: { + routingChoice: 'MicrosoftRouting' + publishMicrosoftEndpoints: true + publishInternetEndpoints: false + } + minimumTlsVersion: 'TLS1_2' + allowBlobPublicAccess: false + allowSharedKeyAccess: true + isHnsEnabled: false + networkAcls: { + resourceAccessRules: [] + bypass: 'AzureServices' + virtualNetworkRules: [] + ipRules: [] + defaultAction: 'Deny' + } + supportsHttpsTrafficOnly: true + encryption: { + services: { + file: { + keyType: 'Account' + enabled: true + } + blob: { + keyType: 'Account' + enabled: true + } + } + keySource: 'Microsoft.Storage' + } + accessTier: 'Hot' + } +} + +resource components_insights_name_resource 'microsoft.insights/components@2020-02-02' = { + name: components_insights_name + location: location + tags: { + createdByToolkit: 'cli-v2-1.12.0' + } + kind: 'web' + properties: { + Application_Type: 'web' + RetentionInDays: 90 + WorkspaceResourceId: workspaces_logalyti_name_resource.id + IngestionMode: 'LogAnalytics' + publicNetworkAccessForIngestion: 'Enabled' + publicNetworkAccessForQuery: 'Enabled' + } +} + +resource components_insights_name_degradationindependencyduration 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = { + parent: components_insights_name_resource + name: 'degradationindependencyduration' + + properties: { + RuleDefinitions: { + Name: 'degradationindependencyduration' + DisplayName: 'Degradation in dependency duration' + Description: 'Smart Detection rules notify you of performance anomaly issues.' + HelpUrl: 'https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics' + IsHidden: false + IsEnabledByDefault: true + IsInPreview: false + SupportsEmailNotifications: true + } + Enabled: true + SendEmailsToSubscriptionOwners: true + CustomEmails: [] + } +} + +resource components_insights_name_degradationinserverresponsetime 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = { + parent: components_insights_name_resource + name: 'degradationinserverresponsetime' + location: location + properties: { + RuleDefinitions: { + Name: 'degradationinserverresponsetime' + DisplayName: 'Degradation in server response time' + Description: 'Smart Detection rules notify you of performance anomaly issues.' + HelpUrl: 'https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics' + IsHidden: false + IsEnabledByDefault: true + IsInPreview: false + SupportsEmailNotifications: true + } + Enabled: true + SendEmailsToSubscriptionOwners: true + CustomEmails: [] + } +} + +resource components_insights_name_digestMailConfiguration 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = { + parent: components_insights_name_resource + name: 'digestMailConfiguration' + location: location + properties: { + RuleDefinitions: { + Name: 'digestMailConfiguration' + DisplayName: 'Digest Mail Configuration' + Description: 'This rule describes the digest mail preferences' + HelpUrl: 'www.homail.com' + IsHidden: true + IsEnabledByDefault: true + IsInPreview: false + SupportsEmailNotifications: true + } + Enabled: true + SendEmailsToSubscriptionOwners: true + CustomEmails: [] + } +} + +resource components_insights_name_extension_billingdatavolumedailyspikeextension 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = { + parent: components_insights_name_resource + name: 'extension_billingdatavolumedailyspikeextension' + location: location + properties: { + RuleDefinitions: { + Name: 'extension_billingdatavolumedailyspikeextension' + DisplayName: 'Abnormal rise in daily data volume (preview)' + Description: 'This detection rule automatically analyzes the billing data generated by your application, and can warn you about an unusual increase in your application\'s billing costs' + HelpUrl: 'https://github.com/Microsoft/ApplicationInsights-Home/tree/master/SmartDetection/billing-data-volume-daily-spike.md' + IsHidden: false + IsEnabledByDefault: true + IsInPreview: true + SupportsEmailNotifications: false + } + Enabled: true + SendEmailsToSubscriptionOwners: true + CustomEmails: [] + } +} + +resource components_insights_name_extension_canaryextension 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = { + parent: components_insights_name_resource + name: 'extension_canaryextension' + location: location + properties: { + RuleDefinitions: { + Name: 'extension_canaryextension' + DisplayName: 'Canary extension' + Description: 'Canary extension' + HelpUrl: 'https://github.com/Microsoft/ApplicationInsights-Home/blob/master/SmartDetection/' + IsHidden: true + IsEnabledByDefault: true + IsInPreview: true + SupportsEmailNotifications: false + } + Enabled: true + SendEmailsToSubscriptionOwners: true + CustomEmails: [] + } +} + +resource components_insights_name_extension_exceptionchangeextension 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = { + parent: components_insights_name_resource + name: 'extension_exceptionchangeextension' + location: location + properties: { + RuleDefinitions: { + Name: 'extension_exceptionchangeextension' + DisplayName: 'Abnormal rise in exception volume (preview)' + Description: 'This detection rule automatically analyzes the exceptions thrown in your application, and can warn you about unusual patterns in your exception telemetry.' + HelpUrl: 'https://github.com/Microsoft/ApplicationInsights-Home/blob/master/SmartDetection/abnormal-rise-in-exception-volume.md' + IsHidden: false + IsEnabledByDefault: true + IsInPreview: true + SupportsEmailNotifications: false + } + Enabled: true + SendEmailsToSubscriptionOwners: true + CustomEmails: [] + } +} + +resource components_insights_name_extension_memoryleakextension 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = { + parent: components_insights_name_resource + name: 'extension_memoryleakextension' + location: location + properties: { + RuleDefinitions: { + Name: 'extension_memoryleakextension' + DisplayName: 'Potential memory leak detected (preview)' + Description: 'This detection rule automatically analyzes the memory consumption of each process in your application, and can warn you about potential memory leaks or increased memory consumption.' + HelpUrl: 'https://github.com/Microsoft/ApplicationInsights-Home/tree/master/SmartDetection/memory-leak.md' + IsHidden: false + IsEnabledByDefault: true + IsInPreview: true + SupportsEmailNotifications: false + } + Enabled: true + SendEmailsToSubscriptionOwners: true + CustomEmails: [] + } +} + +resource components_insights_name_extension_securityextensionspackage 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = { + parent: components_insights_name_resource + name: 'extension_securityextensionspackage' + location: location + properties: { + RuleDefinitions: { + Name: 'extension_securityextensionspackage' + DisplayName: 'Potential security issue detected (preview)' + Description: 'This detection rule automatically analyzes the telemetry generated by your application and detects potential security issues.' + HelpUrl: 'https://github.com/Microsoft/ApplicationInsights-Home/blob/master/SmartDetection/application-security-detection-pack.md' + IsHidden: false + IsEnabledByDefault: true + IsInPreview: true + SupportsEmailNotifications: false + } + Enabled: true + SendEmailsToSubscriptionOwners: true + CustomEmails: [] + } +} + +resource components_insights_name_extension_traceseveritydetector 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = { + parent: components_insights_name_resource + name: 'extension_traceseveritydetector' + location: location + properties: { + RuleDefinitions: { + Name: 'extension_traceseveritydetector' + DisplayName: 'Degradation in trace severity ratio (preview)' + Description: 'This detection rule automatically analyzes the trace logs emitted from your application, and can warn you about unusual patterns in the severity of your trace telemetry.' + HelpUrl: 'https://github.com/Microsoft/ApplicationInsights-Home/blob/master/SmartDetection/degradation-in-trace-severity-ratio.md' + IsHidden: false + IsEnabledByDefault: true + IsInPreview: true + SupportsEmailNotifications: false + } + Enabled: true + SendEmailsToSubscriptionOwners: true + CustomEmails: [] + } +} + +resource components_insights_name_longdependencyduration 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = { + parent: components_insights_name_resource + name: 'longdependencyduration' + location: location + properties: { + RuleDefinitions: { + Name: 'longdependencyduration' + DisplayName: 'Long dependency duration' + Description: 'Smart Detection rules notify you of performance anomaly issues.' + HelpUrl: 'https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics' + IsHidden: false + IsEnabledByDefault: true + IsInPreview: false + SupportsEmailNotifications: true + } + Enabled: true + SendEmailsToSubscriptionOwners: true + CustomEmails: [] + } +} + +resource components_insights_name_migrationToAlertRulesCompleted 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = { + parent: components_insights_name_resource + name: 'migrationToAlertRulesCompleted' + location: location + properties: { + RuleDefinitions: { + Name: 'migrationToAlertRulesCompleted' + DisplayName: 'Migration To Alert Rules Completed' + Description: 'A configuration that controls the migration state of Smart Detection to Smart Alerts' + HelpUrl: 'https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics' + IsHidden: true + IsEnabledByDefault: false + IsInPreview: true + SupportsEmailNotifications: false + } + Enabled: false + SendEmailsToSubscriptionOwners: true + CustomEmails: [] + } +} + +resource components_insights_name_slowpageloadtime 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = { + parent: components_insights_name_resource + name: 'slowpageloadtime' + location: location + properties: { + RuleDefinitions: { + Name: 'slowpageloadtime' + DisplayName: 'Slow page load time' + Description: 'Smart Detection rules notify you of performance anomaly issues.' + HelpUrl: 'https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics' + IsHidden: false + IsEnabledByDefault: true + IsInPreview: false + SupportsEmailNotifications: true + } + Enabled: true + SendEmailsToSubscriptionOwners: true + CustomEmails: [] + } +} + +resource components_insights_name_slowserverresponsetime 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = { + parent: components_insights_name_resource + name: 'slowserverresponsetime' + location: location + properties: { + RuleDefinitions: { + Name: 'slowserverresponsetime' + DisplayName: 'Slow server response time' + Description: 'Smart Detection rules notify you of performance anomaly issues.' + HelpUrl: 'https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics' + IsHidden: false + IsEnabledByDefault: true + IsInPreview: false + SupportsEmailNotifications: true + } + Enabled: true + SendEmailsToSubscriptionOwners: true + CustomEmails: [] + } +} + +resource vaults_keyvault_name_plsc_vault 'Microsoft.KeyVault/vaults/privateEndpointConnections@2023-07-01' = { + parent: vaults_keyvault_name_resource + name: 'plsc_vault' + properties: { + privateEndpoint: {} + privateLinkServiceConnectionState: { + status: 'Approved' + description: 'Auto approved by Azure Machine Learning' + actionsRequired: 'None' + } + } +} + +resource vaults_keyvault_name_419b3a2c_288c_4391_9f1e_236c0b6e471b_0HHZAKwY580UqjjDpQG0xtxk5ig2c5XVRetMs7DW_bY 'Microsoft.KeyVault/vaults/secrets@2023-07-01' = { + parent: vaults_keyvault_name_resource + name: '419b3a2c-288c-4391-9f1e-236c0b6e471b-0HHZAKwY580UqjjDpQG0xtxk5ig2c5XVRetMs7DW-bY' + properties: { + contentType: 'application/vnd.ms-StorageAccountAccessKey' + attributes: { + enabled: true + exp: 1767533302 + } + } +} + +resource vaults_keyvault_name_419b3a2c_288c_4391_9f1e_236c0b6e471b_N4Lzk6MJug_5lmk8Cb5b4RMZWaviMHwcCmz_9LHdAHI 'Microsoft.KeyVault/vaults/secrets@2023-07-01' = { + parent: vaults_keyvault_name_resource + name: '419b3a2c-288c-4391-9f1e-236c0b6e471b-N4Lzk6MJug-5lmk8Cb5b4RMZWaviMHwcCmz-9LHdAHI' + properties: { + contentType: 'application/vnd.ms-StorageAccountAccessKey' + attributes: { + enabled: true + exp: 1767533302 + } + } +} + +resource vaults_keyvault_name_419b3a2c_288c_4391_9f1e_236c0b6e471b_yCwOI3PVB70bGiuzffQpdu6DTadeKVv04Y9IyFHPq7Q 'Microsoft.KeyVault/vaults/secrets@2023-07-01' = { + parent: vaults_keyvault_name_resource + name: '419b3a2c-288c-4391-9f1e-236c0b6e471b-yCwOI3PVB70bGiuzffQpdu6DTadeKVv04Y9IyFHPq7Q' + properties: { + contentType: 'application/vnd.ms-StorageAccountAccessKey' + attributes: { + enabled: true + exp: 1767533302 + } + } +} + +resource vaults_keyvault_name_419b3a2c_288c_4391_9f1e_236c0b6e471b_Z4kuS_kZ1tVLMYFJejfH_a7z58oNiJ5dk3RBHijC_rg 'Microsoft.KeyVault/vaults/secrets@2023-07-01' = { + parent: vaults_keyvault_name_resource + name: '419b3a2c-288c-4391-9f1e-236c0b6e471b-Z4kuS-kZ1tVLMYFJejfH-a7z58oNiJ5dk3RBHijC-rg' + location: location + properties: { + contentType: 'application/vnd.ms-StorageAccountAccessKey' + attributes: { + enabled: true + exp: 1767533302 + } + } +} + +@description('workspace artifact store') +resource workspaces_name_workspaceartifactstore 'Microsoft.MachineLearningServices/workspaces/datastores@2023-10-01' = { + name: '${workspaces_name}/workspaceartifactstore' + properties: { + credentials: { + credentialsType: 'AccountKey' + secrets: {} + } + datastoreType: 'AzureBlob' + } +} + + +resource workspaces_name_workspaceblobstore 'Microsoft.MachineLearningServices/workspaces/datastores@2023-10-01' = { + name: '${workspaces_name}/workspaceblobstore' + properties: { + credentials: { + credentialsType: 'AccountKey' + secrets: {} + } + datastoreType: 'AzureBlob' + } +} + + +resource workspaces_name_workspacefilestore 'Microsoft.MachineLearningServices/workspaces/datastores@2023-10-01' = { + name: '${workspaces_name}/workspacefilestore' + properties: { + credentials: { + credentialsType: 'AccountKey' + secrets: {} + } + datastoreType: 'AzureFile' + } +} + + +resource workspaces_name_workspaceworkingdirectory 'Microsoft.MachineLearningServices/workspaces/datastores@2023-10-01' = { + name: '${workspaces_name}/workspaceworkingdirectory' + properties: { + credentials: { + credentialsType: 'AccountKey' + secrets: {} + } + type: 'AzureBlobStorage' + } +} + +resource workspaces_name_workspaces_name_176c0759_a1b4_412d_af12_13ed6dca820e 'Microsoft.MachineLearningServices/workspaces/privateEndpointConnections@2023-10-01' = { + name: '${workspaces_name}/${workspaces_name}.176c0759-a1b4-412d-af12-13ed6dca820e' + properties: { + privateEndpoint: {} + privateLinkServiceConnectionState: { + status: 'Approved' + description: 'Auto approved by Azure Machine Learning' + actionsRequired: 'None' + } + } +} + +resource workspaces_name_workspaces_name_d175c474_5795_486a_b588_fbd0e18059de 'Microsoft.MachineLearningServices/workspaces/privateEndpointConnections@2023-10-01' = { + name: '${workspaces_name}/${workspaces_name}.d175c474-5795-486a-b588-fbd0e18059de' + properties: { + privateEndpoint: {} + privateLinkServiceConnectionState: { + status: 'Approved' + description: 'Auto-Approved' + actionsRequired: 'None' + } + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_General_AlphabeticallySortedComputers 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_General|AlphabeticallySortedComputers' + properties: { + displayName: 'All Computers with their most recent data' + category: 'General Exploration' + query: 'search not(ObjectName == "Advisor Metrics" or ObjectName == "ManagedSpace") | summarize AggregatedValue = max(TimeGenerated) by Computer | limit 500000 | sort by Computer asc\r\n// Oql: NOT(ObjectName="Advisor Metrics" OR ObjectName=ManagedSpace) | measure max(TimeGenerated) by Computer | top 500000 | Sort Computer // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_General_dataPointsPerManagementGroup 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_General|dataPointsPerManagementGroup' + properties: { + displayName: 'Which Management Group is generating the most data points?' + category: 'General Exploration' + query: 'search * | summarize AggregatedValue = count() by ManagementGroupName\r\n// Oql: * | Measure count() by ManagementGroupName // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_General_dataTypeDistribution 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_General|dataTypeDistribution' + properties: { + displayName: 'Distribution of data Types' + category: 'General Exploration' + query: 'search * | extend Type = $table | summarize AggregatedValue = count() by Type\r\n// Oql: * | Measure count() by Type // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_General_StaleComputers 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_General|StaleComputers' + properties: { + displayName: 'Stale Computers (data older than 24 hours)' + category: 'General Exploration' + query: 'search not(ObjectName == "Advisor Metrics" or ObjectName == "ManagedSpace") | summarize lastdata = max(TimeGenerated) by Computer | limit 500000 | where lastdata < ago(24h)\r\n// Oql: NOT(ObjectName="Advisor Metrics" OR ObjectName=ManagedSpace) | measure max(TimeGenerated) as lastdata by Computer | top 500000 | where lastdata < NOW-24HOURS // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_AllEvents 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|AllEvents' + properties: { + displayName: 'All Events' + category: 'Log Management' + query: 'Event | sort by TimeGenerated desc\r\n// Oql: Type=Event // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_AllSyslog 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|AllSyslog' + properties: { + displayName: 'All Syslogs' + category: 'Log Management' + query: 'Syslog | sort by TimeGenerated desc\r\n// Oql: Type=Syslog // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_AllSyslogByFacility 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|AllSyslogByFacility' + properties: { + displayName: 'All Syslog Records grouped by Facility' + category: 'Log Management' + query: 'Syslog | summarize AggregatedValue = count() by Facility\r\n// Oql: Type=Syslog | Measure count() by Facility // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_AllSyslogByProcess 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|AllSyslogByProcessName' + properties: { + displayName: 'All Syslog Records grouped by ProcessName' + category: 'Log Management' + query: 'Syslog | summarize AggregatedValue = count() by ProcessName\r\n// Oql: Type=Syslog | Measure count() by ProcessName // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_AllSyslogsWithErrors 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|AllSyslogsWithErrors' + properties: { + displayName: 'All Syslog Records with Errors' + category: 'Log Management' + query: 'Syslog | where SeverityLevel == "error" | sort by TimeGenerated desc\r\n// Oql: Type=Syslog SeverityLevel=error // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_AverageHTTPRequestTimeByClientIPAddress 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|AverageHTTPRequestTimeByClientIPAddress' + properties: { + displayName: 'Average HTTP Request time by Client IP Address' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = avg(TimeTaken) by cIP\r\n// Oql: Type=W3CIISLog | Measure Avg(TimeTaken) by cIP // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_AverageHTTPRequestTimeHTTPMethod 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|AverageHTTPRequestTimeHTTPMethod' + properties: { + displayName: 'Average HTTP Request time by HTTP Method' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = avg(TimeTaken) by csMethod\r\n// Oql: Type=W3CIISLog | Measure Avg(TimeTaken) by csMethod // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_CountIISLogEntriesClientIPAddress 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|CountIISLogEntriesClientIPAddress' + properties: { + displayName: 'Count of IIS Log Entries by Client IP Address' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = count() by cIP\r\n// Oql: Type=W3CIISLog | Measure count() by cIP // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_CountIISLogEntriesHTTPRequestMethod 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|CountIISLogEntriesHTTPRequestMethod' + properties: { + displayName: 'Count of IIS Log Entries by HTTP Request Method' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = count() by csMethod\r\n// Oql: Type=W3CIISLog | Measure count() by csMethod // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_CountIISLogEntriesHTTPUserAgent 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|CountIISLogEntriesHTTPUserAgent' + properties: { + displayName: 'Count of IIS Log Entries by HTTP User Agent' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = count() by csUserAgent\r\n// Oql: Type=W3CIISLog | Measure count() by csUserAgent // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_CountOfIISLogEntriesByHostRequestedByClient 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|CountOfIISLogEntriesByHostRequestedByClient' + properties: { + displayName: 'Count of IIS Log Entries by Host requested by client' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = count() by csHost\r\n// Oql: Type=W3CIISLog | Measure count() by csHost // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_CountOfIISLogEntriesByURLForHost 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|CountOfIISLogEntriesByURLForHost' + properties: { + displayName: 'Count of IIS Log Entries by URL for the host "www.contoso.com" (replace with your own)' + category: 'Log Management' + query: 'search csHost == "www.contoso.com" | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = count() by csUriStem\r\n// Oql: Type=W3CIISLog csHost="www.contoso.com" | Measure count() by csUriStem // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_CountOfIISLogEntriesByURLRequestedByClient 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|CountOfIISLogEntriesByURLRequestedByClient' + properties: { + displayName: 'Count of IIS Log Entries by URL requested by client (without query strings)' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = count() by csUriStem\r\n// Oql: Type=W3CIISLog | Measure count() by csUriStem // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_CountOfWarningEvents 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|CountOfWarningEvents' + properties: { + displayName: 'Count of Events with level "Warning" grouped by Event ID' + category: 'Log Management' + query: 'Event | where EventLevelName == "warning" | summarize AggregatedValue = count() by EventID\r\n// Oql: Type=Event EventLevelName=warning | Measure count() by EventID // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_DisplayBreakdownRespondCodes 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|DisplayBreakdownRespondCodes' + properties: { + displayName: 'Shows breakdown of response codes' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = count() by scStatus\r\n// Oql: Type=W3CIISLog | Measure count() by scStatus // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_EventsByEventLog 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|EventsByEventLog' + properties: { + displayName: 'Count of Events grouped by Event Log' + category: 'Log Management' + query: 'Event | summarize AggregatedValue = count() by EventLog\r\n// Oql: Type=Event | Measure count() by EventLog // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_EventsByEventsID 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|EventsByEventsID' + properties: { + displayName: 'Count of Events grouped by Event ID' + category: 'Log Management' + query: 'Event | summarize AggregatedValue = count() by EventID\r\n// Oql: Type=Event | Measure count() by EventID // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_EventsByEventSource 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|EventsByEventSource' + properties: { + displayName: 'Count of Events grouped by Event Source' + category: 'Log Management' + query: 'Event | summarize AggregatedValue = count() by Source\r\n// Oql: Type=Event | Measure count() by Source // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_EventsInOMBetween2000to3000 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|EventsInOMBetween2000to3000' + properties: { + displayName: 'Events in the Operations Manager Event Log whose Event ID is in the range between 2000 and 3000' + category: 'Log Management' + query: 'Event | where EventLog == "Operations Manager" and EventID >= 2000 and EventID <= 3000 | sort by TimeGenerated desc\r\n// Oql: Type=Event EventLog="Operations Manager" EventID:[2000..3000] // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_EventsWithStartedinEventID 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|EventsWithStartedinEventID' + properties: { + displayName: 'Count of Events containing the word "started" grouped by EventID' + category: 'Log Management' + query: 'search in (Event) "started" | summarize AggregatedValue = count() by EventID\r\n// Oql: Type=Event "started" | Measure count() by EventID // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_FindMaximumTimeTakenForEachPage 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|FindMaximumTimeTakenForEachPage' + properties: { + displayName: 'Find the maximum time taken for each page' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = max(TimeTaken) by csUriStem\r\n// Oql: Type=W3CIISLog | Measure Max(TimeTaken) by csUriStem // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_IISLogEntriesForClientIP 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|IISLogEntriesForClientIP' + properties: { + displayName: 'IIS Log Entries for a specific client IP Address (replace with your own)' + category: 'Log Management' + query: 'search cIP == "192.168.0.1" | extend Type = $table | where Type == W3CIISLog | sort by TimeGenerated desc | project csUriStem, scBytes, csBytes, TimeTaken, scStatus\r\n// Oql: Type=W3CIISLog cIP="192.168.0.1" | Select csUriStem,scBytes,csBytes,TimeTaken,scStatus // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_ListAllIISLogEntries 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|ListAllIISLogEntries' + properties: { + displayName: 'All IIS Log Entries' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | sort by TimeGenerated desc\r\n// Oql: Type=W3CIISLog // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_NoOfConnectionsToOMSDKService 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|NoOfConnectionsToOMSDKService' + properties: { + displayName: 'How many connections to Operations Manager\'s SDK service by day' + category: 'Log Management' + query: 'Event | where EventID == 26328 and EventLog == "Operations Manager" | summarize AggregatedValue = count() by bin(TimeGenerated, 1d) | sort by TimeGenerated desc\r\n// Oql: Type=Event EventID=26328 EventLog="Operations Manager" | Measure count() interval 1DAY // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_ServerRestartTime 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|ServerRestartTime' + properties: { + displayName: 'When did my servers initiate restart?' + category: 'Log Management' + query: 'search in (Event) "shutdown" and EventLog == "System" and Source == "User32" and EventID == 1074 | sort by TimeGenerated desc | project TimeGenerated, Computer\r\n// Oql: shutdown Type=Event EventLog=System Source=User32 EventID=1074 | Select TimeGenerated,Computer // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_Show404PagesList 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|Show404PagesList' + properties: { + displayName: 'Shows which pages people are getting a 404 for' + category: 'Log Management' + query: 'search scStatus == 404 | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = count() by csUriStem\r\n// Oql: Type=W3CIISLog scStatus=404 | Measure count() by csUriStem // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_ShowServersThrowingInternalServerError 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|ShowServersThrowingInternalServerError' + properties: { + displayName: 'Shows servers that are throwing internal server error' + category: 'Log Management' + query: 'search scStatus == 500 | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = count() by sComputerName\r\n// Oql: Type=W3CIISLog scStatus=500 | Measure count() by sComputerName // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_TotalBytesReceivedByEachAzureRoleInstance 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|TotalBytesReceivedByEachAzureRoleInstance' + properties: { + displayName: 'Total Bytes received by each Azure Role Instance' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = sum(csBytes) by RoleInstance\r\n// Oql: Type=W3CIISLog | Measure Sum(csBytes) by RoleInstance // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_TotalBytesReceivedByEachIISComputer 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|TotalBytesReceivedByEachIISComputer' + properties: { + displayName: 'Total Bytes received by each IIS Computer' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = sum(csBytes) by Computer | limit 500000\r\n// Oql: Type=W3CIISLog | Measure Sum(csBytes) by Computer | top 500000 // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_TotalBytesRespondedToClientsByClientIPAddress 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|TotalBytesRespondedToClientsByClientIPAddress' + properties: { + displayName: 'Total Bytes responded back to clients by Client IP Address' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = sum(scBytes) by cIP\r\n// Oql: Type=W3CIISLog | Measure Sum(scBytes) by cIP // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_TotalBytesRespondedToClientsByEachIISServerIPAddress 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|TotalBytesRespondedToClientsByEachIISServerIPAddress' + properties: { + displayName: 'Total Bytes responded back to clients by each IIS ServerIP Address' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = sum(scBytes) by sIP\r\n// Oql: Type=W3CIISLog | Measure Sum(scBytes) by sIP // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_TotalBytesSentByClientIPAddress 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|TotalBytesSentByClientIPAddress' + properties: { + displayName: 'Total Bytes sent by Client IP Address' + category: 'Log Management' + query: 'search * | extend Type = $table | where Type == W3CIISLog | summarize AggregatedValue = sum(csBytes) by cIP\r\n// Oql: Type=W3CIISLog | Measure Sum(csBytes) by cIP // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PEF: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_WarningEvents 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|WarningEvents' + properties: { + displayName: 'All Events with level "Warning"' + category: 'Log Management' + query: 'Event | where EventLevelName == "warning" | sort by TimeGenerated desc\r\n// Oql: Type=Event EventLevelName=warning // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_WindowsFireawallPolicySettingsChanged 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|WindowsFireawallPolicySettingsChanged' + properties: { + displayName: 'Windows Firewall Policy settings have changed' + category: 'Log Management' + query: 'Event | where EventLog == "Microsoft-Windows-Windows Firewall With Advanced Security/Firewall" and EventID == 2008 | sort by TimeGenerated desc\r\n// Oql: Type=Event EventLog="Microsoft-Windows-Windows Firewall With Advanced Security/Firewall" EventID=2008 // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_LogManagement_workspaces_logalyti_name_LogManagement_WindowsFireawallPolicySettingsChangedByMachines 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = { + parent: workspaces_logalyti_name_resource + name: 'LogManagement(${workspaces_logalyti_name})_LogManagement|WindowsFireawallPolicySettingsChangedByMachines' + properties: { + displayName: 'On which machines and how many times have Windows Firewall Policy settings changed' + category: 'Log Management' + query: 'Event | where EventLog == "Microsoft-Windows-Windows Firewall With Advanced Security/Firewall" and EventID == 2008 | summarize AggregatedValue = count() by Computer | limit 500000\r\n// Oql: Type=Event EventLog="Microsoft-Windows-Windows Firewall With Advanced Security/Firewall" EventID=2008 | measure count() by Computer | top 500000 // Args: {OQ: True; WorkspaceId: 00000000-0000-0000-0000-000000000000} // Settings: {PTT: True; SortI: True; SortF: True} // Version: 0.1.122' + version: 2 + } +} + +resource workspaces_logalyti_name_AACAudit 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AACAudit' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AACAudit' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AACHttpRequest 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AACHttpRequest' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AACHttpRequest' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADB2CRequestLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADB2CRequestLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADB2CRequestLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADCustomSecurityAttributeAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADCustomSecurityAttributeAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADCustomSecurityAttributeAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADDomainServicesAccountLogon 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADDomainServicesAccountLogon' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADDomainServicesAccountLogon' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADDomainServicesAccountManagement 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADDomainServicesAccountManagement' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADDomainServicesAccountManagement' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADDomainServicesDirectoryServiceAccess 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADDomainServicesDirectoryServiceAccess' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADDomainServicesDirectoryServiceAccess' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADDomainServicesDNSAuditsDynamicUpdates 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADDomainServicesDNSAuditsDynamicUpdates' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADDomainServicesDNSAuditsDynamicUpdates' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADDomainServicesDNSAuditsGeneral 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADDomainServicesDNSAuditsGeneral' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADDomainServicesDNSAuditsGeneral' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADDomainServicesLogonLogoff 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADDomainServicesLogonLogoff' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADDomainServicesLogonLogoff' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADDomainServicesPolicyChange 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADDomainServicesPolicyChange' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADDomainServicesPolicyChange' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADDomainServicesPrivilegeUse 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADDomainServicesPrivilegeUse' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADDomainServicesPrivilegeUse' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADDomainServicesSystemSecurity 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADDomainServicesSystemSecurity' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADDomainServicesSystemSecurity' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADManagedIdentitySignInLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADManagedIdentitySignInLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADManagedIdentitySignInLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADNonInteractiveUserSignInLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADNonInteractiveUserSignInLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADNonInteractiveUserSignInLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADProvisioningLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADProvisioningLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADProvisioningLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADRiskyServicePrincipals 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADRiskyServicePrincipals' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADRiskyServicePrincipals' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADRiskyUsers 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADRiskyUsers' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADRiskyUsers' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADServicePrincipalRiskEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADServicePrincipalRiskEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADServicePrincipalRiskEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADServicePrincipalSignInLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADServicePrincipalSignInLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADServicePrincipalSignInLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AADUserRiskEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AADUserRiskEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AADUserRiskEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ABSBotRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ABSBotRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ABSBotRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ABSChannelToBotRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ABSChannelToBotRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ABSChannelToBotRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ABSDependenciesRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ABSDependenciesRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ABSDependenciesRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACICollaborationAudit 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACICollaborationAudit' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACICollaborationAudit' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACRConnectedClientList 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACRConnectedClientList' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACRConnectedClientList' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSAuthIncomingOperations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSAuthIncomingOperations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSAuthIncomingOperations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSBillingUsage 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSBillingUsage' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSBillingUsage' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSCallAutomationIncomingOperations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSCallAutomationIncomingOperations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSCallAutomationIncomingOperations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSCallAutomationMediaSummary 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSCallAutomationMediaSummary' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSCallAutomationMediaSummary' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSCallClientMediaStatsTimeSeries 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSCallClientMediaStatsTimeSeries' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSCallClientMediaStatsTimeSeries' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSCallClientOperations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSCallClientOperations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSCallClientOperations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSCallDiagnostics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSCallDiagnostics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSCallDiagnostics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSCallRecordingIncomingOperations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSCallRecordingIncomingOperations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSCallRecordingIncomingOperations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSCallRecordingSummary 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSCallRecordingSummary' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSCallRecordingSummary' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSCallSummary 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSCallSummary' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSCallSummary' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSCallSurvey 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSCallSurvey' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSCallSurvey' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSChatIncomingOperations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSChatIncomingOperations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSChatIncomingOperations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSEmailSendMailOperational 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSEmailSendMailOperational' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSEmailSendMailOperational' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSEmailStatusUpdateOperational 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSEmailStatusUpdateOperational' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSEmailStatusUpdateOperational' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSEmailUserEngagementOperational 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSEmailUserEngagementOperational' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSEmailUserEngagementOperational' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSJobRouterIncomingOperations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSJobRouterIncomingOperations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSJobRouterIncomingOperations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSNetworkTraversalDiagnostics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSNetworkTraversalDiagnostics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSNetworkTraversalDiagnostics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSNetworkTraversalIncomingOperations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSNetworkTraversalIncomingOperations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSNetworkTraversalIncomingOperations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSRoomsIncomingOperations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSRoomsIncomingOperations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSRoomsIncomingOperations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ACSSMSIncomingOperations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ACSSMSIncomingOperations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ACSSMSIncomingOperations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADAssessmentRecommendation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADAssessmentRecommendation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADAssessmentRecommendation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AddonAzureBackupAlerts 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AddonAzureBackupAlerts' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AddonAzureBackupAlerts' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AddonAzureBackupJobs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AddonAzureBackupJobs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AddonAzureBackupJobs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AddonAzureBackupPolicy 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AddonAzureBackupPolicy' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AddonAzureBackupPolicy' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AddonAzureBackupProtectedInstance 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AddonAzureBackupProtectedInstance' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AddonAzureBackupProtectedInstance' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AddonAzureBackupStorage 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AddonAzureBackupStorage' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AddonAzureBackupStorage' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFActivityRun 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFActivityRun' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFActivityRun' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFAirflowSchedulerLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFAirflowSchedulerLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFAirflowSchedulerLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFAirflowTaskLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFAirflowTaskLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFAirflowTaskLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFAirflowWebLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFAirflowWebLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFAirflowWebLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFAirflowWorkerLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFAirflowWorkerLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFAirflowWorkerLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFPipelineRun 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFPipelineRun' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFPipelineRun' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFSandboxActivityRun 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFSandboxActivityRun' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFSandboxActivityRun' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFSandboxPipelineRun 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFSandboxPipelineRun' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFSandboxPipelineRun' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFSSignInLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFSSignInLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFSSignInLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFSSISIntegrationRuntimeLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFSSISIntegrationRuntimeLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFSSISIntegrationRuntimeLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFSSISPackageEventMessageContext 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFSSISPackageEventMessageContext' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFSSISPackageEventMessageContext' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFSSISPackageEventMessages 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFSSISPackageEventMessages' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFSSISPackageEventMessages' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFSSISPackageExecutableStatistics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFSSISPackageExecutableStatistics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFSSISPackageExecutableStatistics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFSSISPackageExecutionComponentPhases 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFSSISPackageExecutionComponentPhases' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFSSISPackageExecutionComponentPhases' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFSSISPackageExecutionDataStatistics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFSSISPackageExecutionDataStatistics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFSSISPackageExecutionDataStatistics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADFTriggerRun 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADFTriggerRun' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADFTriggerRun' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADPAudit 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADPAudit' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADPAudit' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADPDiagnostics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADPDiagnostics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADPDiagnostics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADPRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADPRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADPRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADSecurityAssessmentRecommendation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADSecurityAssessmentRecommendation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADSecurityAssessmentRecommendation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADTDataHistoryOperation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADTDataHistoryOperation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADTDataHistoryOperation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADTDigitalTwinsOperation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADTDigitalTwinsOperation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADTDigitalTwinsOperation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADTEventRoutesOperation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADTEventRoutesOperation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADTEventRoutesOperation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADTModelsOperation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADTModelsOperation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADTModelsOperation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADTQueryOperation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADTQueryOperation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADTQueryOperation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADXCommand 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADXCommand' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADXCommand' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADXIngestionBatching 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADXIngestionBatching' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADXIngestionBatching' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADXJournal 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADXJournal' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADXJournal' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADXQuery 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADXQuery' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADXQuery' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADXTableDetails 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADXTableDetails' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADXTableDetails' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ADXTableUsageStatistics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ADXTableUsageStatistics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ADXTableUsageStatistics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AegDataPlaneRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AegDataPlaneRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AegDataPlaneRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AegDeliveryFailureLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AegDeliveryFailureLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AegDeliveryFailureLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AegPublishFailureLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AegPublishFailureLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AegPublishFailureLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AEWAssignmentBlobLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AEWAssignmentBlobLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AEWAssignmentBlobLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AEWAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AEWAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AEWAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AEWComputePipelinesLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AEWComputePipelinesLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AEWComputePipelinesLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AFSAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AFSAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AFSAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AGCAccessLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AGCAccessLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AGCAccessLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AgriFoodApplicationAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AgriFoodApplicationAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AgriFoodApplicationAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AgriFoodFarmManagementLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AgriFoodFarmManagementLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AgriFoodFarmManagementLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AgriFoodFarmOperationLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AgriFoodFarmOperationLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AgriFoodFarmOperationLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AgriFoodInsightLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AgriFoodInsightLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AgriFoodInsightLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AgriFoodJobProcessedLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AgriFoodJobProcessedLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AgriFoodJobProcessedLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AgriFoodModelInferenceLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AgriFoodModelInferenceLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AgriFoodModelInferenceLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AgriFoodProviderAuthLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AgriFoodProviderAuthLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AgriFoodProviderAuthLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AgriFoodSatelliteLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AgriFoodSatelliteLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AgriFoodSatelliteLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AgriFoodSensorManagementLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AgriFoodSensorManagementLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AgriFoodSensorManagementLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AgriFoodWeatherLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AgriFoodWeatherLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AgriFoodWeatherLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AGSGrafanaLoginEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AGSGrafanaLoginEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AGSGrafanaLoginEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AGWAccessLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AGWAccessLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AGWAccessLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AGWFirewallLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AGWFirewallLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AGWFirewallLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AGWPerformanceLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AGWPerformanceLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AGWPerformanceLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AHDSDicomAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AHDSDicomAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AHDSDicomAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AHDSDicomDiagnosticLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AHDSDicomDiagnosticLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AHDSDicomDiagnosticLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AHDSMedTechDiagnosticLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AHDSMedTechDiagnosticLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AHDSMedTechDiagnosticLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AirflowDagProcessingLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AirflowDagProcessingLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AirflowDagProcessingLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AKSAudit 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AKSAudit' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AKSAudit' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AKSAuditAdmin 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AKSAuditAdmin' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AKSAuditAdmin' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AKSControlPlane 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AKSControlPlane' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AKSControlPlane' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_Alert 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'Alert' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'Alert' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlComputeClusterEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlComputeClusterEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlComputeClusterEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlComputeClusterNodeEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlComputeClusterNodeEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlComputeClusterNodeEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlComputeCpuGpuUtilization 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlComputeCpuGpuUtilization' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlComputeCpuGpuUtilization' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlComputeInstanceEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlComputeInstanceEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlComputeInstanceEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlComputeJobEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlComputeJobEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlComputeJobEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlDataLabelEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlDataLabelEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlDataLabelEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlDataSetEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlDataSetEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlDataSetEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlDataStoreEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlDataStoreEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlDataStoreEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlDeploymentEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlDeploymentEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlDeploymentEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlEnvironmentEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlEnvironmentEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlEnvironmentEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlInferencingEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlInferencingEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlInferencingEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlModelsEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlModelsEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlModelsEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlOnlineEndpointConsoleLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlOnlineEndpointConsoleLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlOnlineEndpointConsoleLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlOnlineEndpointEventLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlOnlineEndpointEventLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlOnlineEndpointEventLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlOnlineEndpointTrafficLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlOnlineEndpointTrafficLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlOnlineEndpointTrafficLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlPipelineEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlPipelineEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlPipelineEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlRegistryReadEventsLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlRegistryReadEventsLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlRegistryReadEventsLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlRegistryWriteEventsLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlRegistryWriteEventsLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlRegistryWriteEventsLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlRunEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlRunEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlRunEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AmlRunStatusChangedEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AmlRunStatusChangedEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AmlRunStatusChangedEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AMSKeyDeliveryRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AMSKeyDeliveryRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AMSKeyDeliveryRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AMSLiveEventOperations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AMSLiveEventOperations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AMSLiveEventOperations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AMSMediaAccountHealth 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AMSMediaAccountHealth' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AMSMediaAccountHealth' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AMSStreamingEndpointRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AMSStreamingEndpointRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AMSStreamingEndpointRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ANFFileAccess 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ANFFileAccess' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ANFFileAccess' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AOIDatabaseQuery 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AOIDatabaseQuery' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AOIDatabaseQuery' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AOIDigestion 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AOIDigestion' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AOIDigestion' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AOIStorage 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AOIStorage' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AOIStorage' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ApiManagementGatewayLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ApiManagementGatewayLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ApiManagementGatewayLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ApiManagementWebSocketConnectionLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ApiManagementWebSocketConnectionLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ApiManagementWebSocketConnectionLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppAvailabilityResults 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppAvailabilityResults' + properties: { + totalRetentionInDays: 90 + plan: 'Analytics' + schema: { + name: 'AppAvailabilityResults' + } + retentionInDays: 90 + } +} + +resource workspaces_logalyti_name_AppBrowserTimings 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppBrowserTimings' + properties: { + totalRetentionInDays: 90 + plan: 'Analytics' + schema: { + name: 'AppBrowserTimings' + } + retentionInDays: 90 + } +} + +resource workspaces_logalyti_name_AppCenterError 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppCenterError' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppCenterError' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppDependencies 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppDependencies' + properties: { + totalRetentionInDays: 90 + plan: 'Analytics' + schema: { + name: 'AppDependencies' + } + retentionInDays: 90 + } +} + +resource workspaces_logalyti_name_AppEnvSpringAppConsoleLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppEnvSpringAppConsoleLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppEnvSpringAppConsoleLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppEvents' + properties: { + totalRetentionInDays: 90 + plan: 'Analytics' + schema: { + name: 'AppEvents' + } + retentionInDays: 90 + } +} + +resource workspaces_logalyti_name_AppExceptions 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppExceptions' + properties: { + totalRetentionInDays: 90 + plan: 'Analytics' + schema: { + name: 'AppExceptions' + } + retentionInDays: 90 + } +} + +resource workspaces_logalyti_name_AppMetrics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppMetrics' + properties: { + totalRetentionInDays: 90 + plan: 'Analytics' + schema: { + name: 'AppMetrics' + } + retentionInDays: 90 + } +} + +resource workspaces_logalyti_name_AppPageViews 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppPageViews' + properties: { + totalRetentionInDays: 90 + plan: 'Analytics' + schema: { + name: 'AppPageViews' + } + retentionInDays: 90 + } +} + +resource workspaces_logalyti_name_AppPerformanceCounters 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppPerformanceCounters' + properties: { + totalRetentionInDays: 90 + plan: 'Analytics' + schema: { + name: 'AppPerformanceCounters' + } + retentionInDays: 90 + } +} + +resource workspaces_logalyti_name_AppPlatformBuildLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppPlatformBuildLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppPlatformBuildLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppPlatformContainerEventLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppPlatformContainerEventLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppPlatformContainerEventLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppPlatformIngressLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppPlatformIngressLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppPlatformIngressLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppPlatformLogsforSpring 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppPlatformLogsforSpring' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppPlatformLogsforSpring' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppPlatformSystemLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppPlatformSystemLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppPlatformSystemLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppRequests' + properties: { + totalRetentionInDays: 90 + plan: 'Analytics' + schema: { + name: 'AppRequests' + } + retentionInDays: 90 + } +} + +resource workspaces_logalyti_name_AppServiceAntivirusScanAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppServiceAntivirusScanAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppServiceAntivirusScanAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppServiceAppLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppServiceAppLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppServiceAppLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppServiceAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppServiceAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppServiceAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppServiceAuthenticationLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppServiceAuthenticationLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppServiceAuthenticationLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppServiceConsoleLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppServiceConsoleLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppServiceConsoleLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppServiceEnvironmentPlatformLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppServiceEnvironmentPlatformLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppServiceEnvironmentPlatformLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppServiceFileAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppServiceFileAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppServiceFileAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppServiceHTTPLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppServiceHTTPLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppServiceHTTPLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppServiceIPSecAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppServiceIPSecAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppServiceIPSecAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppServicePlatformLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppServicePlatformLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppServicePlatformLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppServiceServerlessSecurityPluginData 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppServiceServerlessSecurityPluginData' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AppServiceServerlessSecurityPluginData' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AppSystemEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppSystemEvents' + properties: { + totalRetentionInDays: 90 + plan: 'Analytics' + schema: { + name: 'AppSystemEvents' + } + retentionInDays: 90 + } +} + +resource workspaces_logalyti_name_AppTraces 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AppTraces' + properties: { + totalRetentionInDays: 90 + plan: 'Analytics' + schema: { + name: 'AppTraces' + } + retentionInDays: 90 + } +} + +resource workspaces_logalyti_name_ArcK8sAudit 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ArcK8sAudit' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ArcK8sAudit' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ArcK8sAuditAdmin 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ArcK8sAuditAdmin' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ArcK8sAuditAdmin' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ArcK8sControlPlane 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ArcK8sControlPlane' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ArcK8sControlPlane' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ASCAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ASCAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ASCAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ASCDeviceEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ASCDeviceEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ASCDeviceEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ASRJobs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ASRJobs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ASRJobs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ASRReplicatedItems 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ASRReplicatedItems' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ASRReplicatedItems' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ATCExpressRouteCircuitIpfix 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ATCExpressRouteCircuitIpfix' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ATCExpressRouteCircuitIpfix' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AUIEventsAudit 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AUIEventsAudit' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AUIEventsAudit' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AUIEventsOperational 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AUIEventsOperational' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AUIEventsOperational' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AutoscaleEvaluationsLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AutoscaleEvaluationsLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AutoscaleEvaluationsLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AutoscaleScaleActionsLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AutoscaleScaleActionsLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AutoscaleScaleActionsLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AVNMConnectivityConfigurationChange 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AVNMConnectivityConfigurationChange' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AVNMConnectivityConfigurationChange' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AVNMIPAMPoolAllocationChange 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AVNMIPAMPoolAllocationChange' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AVNMIPAMPoolAllocationChange' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AVNMNetworkGroupMembershipChange 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AVNMNetworkGroupMembershipChange' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AVNMNetworkGroupMembershipChange' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AVNMRuleCollectionChange 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AVNMRuleCollectionChange' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AVNMRuleCollectionChange' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AVSSyslog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AVSSyslog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AVSSyslog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZFWApplicationRule 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZFWApplicationRule' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZFWApplicationRule' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZFWApplicationRuleAggregation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZFWApplicationRuleAggregation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZFWApplicationRuleAggregation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZFWDnsQuery 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZFWDnsQuery' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZFWDnsQuery' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZFWFatFlow 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZFWFatFlow' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZFWFatFlow' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZFWFlowTrace 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZFWFlowTrace' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZFWFlowTrace' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZFWIdpsSignature 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZFWIdpsSignature' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZFWIdpsSignature' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZFWInternalFqdnResolutionFailure 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZFWInternalFqdnResolutionFailure' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZFWInternalFqdnResolutionFailure' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZFWNatRule 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZFWNatRule' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZFWNatRule' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZFWNatRuleAggregation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZFWNatRuleAggregation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZFWNatRuleAggregation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZFWNetworkRule 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZFWNetworkRule' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZFWNetworkRule' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZFWNetworkRuleAggregation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZFWNetworkRuleAggregation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZFWNetworkRuleAggregation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZFWThreatIntel 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZFWThreatIntel' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZFWThreatIntel' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZKVAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZKVAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZKVAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZKVPolicyEvaluationDetailsLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZKVPolicyEvaluationDetailsLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZKVPolicyEvaluationDetailsLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZMSApplicationMetricLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZMSApplicationMetricLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZMSApplicationMetricLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZMSArchiveLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZMSArchiveLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZMSArchiveLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZMSAutoscaleLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZMSAutoscaleLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZMSAutoscaleLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZMSCustomerManagedKeyUserLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZMSCustomerManagedKeyUserLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZMSCustomerManagedKeyUserLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZMSHybridConnectionsEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZMSHybridConnectionsEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZMSHybridConnectionsEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZMSKafkaCoordinatorLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZMSKafkaCoordinatorLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZMSKafkaCoordinatorLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZMSKafkaUserErrorLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZMSKafkaUserErrorLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZMSKafkaUserErrorLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZMSOperationalLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZMSOperationalLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZMSOperationalLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZMSRunTimeAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZMSRunTimeAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZMSRunTimeAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AZMSVnetConnectionEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AZMSVnetConnectionEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AZMSVnetConnectionEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AzureActivity 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AzureActivity' + properties: { + totalRetentionInDays: 90 + plan: 'Analytics' + schema: { + name: 'AzureActivity' + } + retentionInDays: 90 + } +} + +resource workspaces_logalyti_name_AzureActivityV2 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AzureActivityV2' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AzureActivityV2' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AzureAssessmentRecommendation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AzureAssessmentRecommendation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AzureAssessmentRecommendation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AzureAttestationDiagnostics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AzureAttestationDiagnostics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AzureAttestationDiagnostics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AzureBackupOperations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AzureBackupOperations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AzureBackupOperations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AzureCloudHsmAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AzureCloudHsmAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AzureCloudHsmAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AzureDevOpsAuditing 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AzureDevOpsAuditing' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AzureDevOpsAuditing' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AzureLoadTestingOperation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AzureLoadTestingOperation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AzureLoadTestingOperation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AzureMetrics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AzureMetrics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AzureMetrics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_AzureMetricsV2 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'AzureMetricsV2' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'AzureMetricsV2' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_BaiClusterEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'BaiClusterEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'BaiClusterEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_BaiClusterNodeEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'BaiClusterNodeEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'BaiClusterNodeEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_BaiJobEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'BaiJobEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'BaiJobEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_BlockchainApplicationLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'BlockchainApplicationLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'BlockchainApplicationLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_BlockchainProxyLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'BlockchainProxyLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'BlockchainProxyLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CassandraAudit 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CassandraAudit' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CassandraAudit' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CassandraLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CassandraLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CassandraLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CCFApplicationLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CCFApplicationLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CCFApplicationLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CDBCassandraRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CDBCassandraRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CDBCassandraRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CDBControlPlaneRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CDBControlPlaneRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CDBControlPlaneRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CDBDataPlaneRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CDBDataPlaneRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CDBDataPlaneRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CDBGremlinRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CDBGremlinRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CDBGremlinRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CDBMongoRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CDBMongoRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CDBMongoRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CDBPartitionKeyRUConsumption 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CDBPartitionKeyRUConsumption' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CDBPartitionKeyRUConsumption' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CDBPartitionKeyStatistics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CDBPartitionKeyStatistics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CDBPartitionKeyStatistics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CDBQueryRuntimeStatistics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CDBQueryRuntimeStatistics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CDBQueryRuntimeStatistics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ChaosStudioExperimentEventLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ChaosStudioExperimentEventLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ChaosStudioExperimentEventLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CHSMManagementAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CHSMManagementAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CHSMManagementAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CIEventsAudit 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CIEventsAudit' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CIEventsAudit' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CIEventsOperational 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CIEventsOperational' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CIEventsOperational' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ComputerGroup 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ComputerGroup' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ComputerGroup' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ContainerAppConsoleLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ContainerAppConsoleLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ContainerAppConsoleLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ContainerAppSystemLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ContainerAppSystemLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ContainerAppSystemLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ContainerEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ContainerEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ContainerEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ContainerImageInventory 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ContainerImageInventory' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ContainerImageInventory' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ContainerInstanceLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ContainerInstanceLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ContainerInstanceLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ContainerInventory 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ContainerInventory' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ContainerInventory' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ContainerLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ContainerLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ContainerLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ContainerLogV2 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ContainerLogV2' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ContainerLogV2' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ContainerNodeInventory 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ContainerNodeInventory' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ContainerNodeInventory' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ContainerRegistryLoginEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ContainerRegistryLoginEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ContainerRegistryLoginEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ContainerRegistryRepositoryEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ContainerRegistryRepositoryEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ContainerRegistryRepositoryEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ContainerServiceLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ContainerServiceLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ContainerServiceLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_CoreAzureBackup 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'CoreAzureBackup' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'CoreAzureBackup' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksAccounts 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksAccounts' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksAccounts' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksCapsule8Dataplane 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksCapsule8Dataplane' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksCapsule8Dataplane' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksClamAVScan 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksClamAVScan' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksClamAVScan' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksClusterLibraries 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksClusterLibraries' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksClusterLibraries' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksClusters 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksClusters' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksClusters' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksDatabricksSQL 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksDatabricksSQL' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksDatabricksSQL' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksDBFS 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksDBFS' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksDBFS' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksDeltaPipelines 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksDeltaPipelines' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksDeltaPipelines' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksFeatureStore 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksFeatureStore' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksFeatureStore' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksGenie 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksGenie' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksGenie' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksGitCredentials 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksGitCredentials' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksGitCredentials' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksGlobalInitScripts 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksGlobalInitScripts' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksGlobalInitScripts' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksIAMRole 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksIAMRole' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksIAMRole' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksInstancePools 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksInstancePools' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksInstancePools' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksJobs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksJobs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksJobs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksMLflowAcledArtifact 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksMLflowAcledArtifact' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksMLflowAcledArtifact' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksMLflowExperiment 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksMLflowExperiment' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksMLflowExperiment' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksModelRegistry 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksModelRegistry' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksModelRegistry' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksNotebook 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksNotebook' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksNotebook' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksPartnerHub 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksPartnerHub' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksPartnerHub' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksRemoteHistoryService 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksRemoteHistoryService' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksRemoteHistoryService' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksRepos 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksRepos' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksRepos' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksSecrets 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksSecrets' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksSecrets' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksServerlessRealTimeInference 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksServerlessRealTimeInference' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksServerlessRealTimeInference' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksSQL 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksSQL' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksSQL' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksSQLPermissions 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksSQLPermissions' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksSQLPermissions' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksSSH 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksSSH' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksSSH' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksTables 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksTables' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksTables' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksUnityCatalog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksUnityCatalog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksUnityCatalog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksWebTerminal 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksWebTerminal' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksWebTerminal' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DatabricksWorkspace 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DatabricksWorkspace' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DatabricksWorkspace' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DataTransferOperations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DataTransferOperations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DataTransferOperations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DCRLogErrors 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DCRLogErrors' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DCRLogErrors' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DCRLogTroubleshooting 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DCRLogTroubleshooting' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DCRLogTroubleshooting' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DevCenterBillingEventLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DevCenterBillingEventLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DevCenterBillingEventLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DevCenterDiagnosticLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DevCenterDiagnosticLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DevCenterDiagnosticLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DevCenterResourceOperationLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DevCenterResourceOperationLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DevCenterResourceOperationLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DNSQueryLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DNSQueryLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DNSQueryLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DSMAzureBlobStorageLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DSMAzureBlobStorageLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DSMAzureBlobStorageLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DSMDataClassificationLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DSMDataClassificationLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DSMDataClassificationLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_DSMDataLabelingLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'DSMDataLabelingLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'DSMDataLabelingLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_EGNFailedMqttConnections 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'EGNFailedMqttConnections' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'EGNFailedMqttConnections' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_EGNFailedMqttPublishedMessages 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'EGNFailedMqttPublishedMessages' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'EGNFailedMqttPublishedMessages' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_EGNFailedMqttSubscriptions 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'EGNFailedMqttSubscriptions' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'EGNFailedMqttSubscriptions' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_EGNMqttDisconnections 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'EGNMqttDisconnections' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'EGNMqttDisconnections' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_EGNSuccessfulMqttConnections 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'EGNSuccessfulMqttConnections' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'EGNSuccessfulMqttConnections' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_EnrichedMicrosoft365AuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'EnrichedMicrosoft365AuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'EnrichedMicrosoft365AuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ETWEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ETWEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ETWEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_Event 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'Event' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'Event' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ExchangeAssessmentRecommendation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ExchangeAssessmentRecommendation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ExchangeAssessmentRecommendation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ExchangeOnlineAssessmentRecommendation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ExchangeOnlineAssessmentRecommendation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ExchangeOnlineAssessmentRecommendation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_FailedIngestion 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'FailedIngestion' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'FailedIngestion' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_FunctionAppLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'FunctionAppLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'FunctionAppLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightAmbariClusterAlerts 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightAmbariClusterAlerts' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightAmbariClusterAlerts' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightAmbariSystemMetrics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightAmbariSystemMetrics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightAmbariSystemMetrics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightGatewayAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightGatewayAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightGatewayAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightHadoopAndYarnLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightHadoopAndYarnLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightHadoopAndYarnLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightHadoopAndYarnMetrics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightHadoopAndYarnMetrics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightHadoopAndYarnMetrics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightHBaseLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightHBaseLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightHBaseLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightHBaseMetrics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightHBaseMetrics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightHBaseMetrics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightHiveAndLLAPLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightHiveAndLLAPLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightHiveAndLLAPLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightHiveAndLLAPMetrics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightHiveAndLLAPMetrics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightHiveAndLLAPMetrics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightHiveQueryAppStats 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightHiveQueryAppStats' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightHiveQueryAppStats' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightHiveTezAppStats 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightHiveTezAppStats' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightHiveTezAppStats' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightJupyterNotebookEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightJupyterNotebookEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightJupyterNotebookEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightKafkaLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightKafkaLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightKafkaLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightKafkaMetrics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightKafkaMetrics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightKafkaMetrics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightKafkaServerLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightKafkaServerLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightKafkaServerLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightOozieLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightOozieLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightOozieLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightRangerAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightRangerAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightRangerAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightSecurityLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightSecurityLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightSecurityLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightSparkApplicationEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightSparkApplicationEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightSparkApplicationEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightSparkBlockManagerEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightSparkBlockManagerEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightSparkBlockManagerEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightSparkEnvironmentEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightSparkEnvironmentEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightSparkEnvironmentEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightSparkExecutorEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightSparkExecutorEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightSparkExecutorEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightSparkExtraEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightSparkExtraEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightSparkExtraEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightSparkJobEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightSparkJobEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightSparkJobEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightSparkLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightSparkLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightSparkLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightSparkSQLExecutionEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightSparkSQLExecutionEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightSparkSQLExecutionEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightSparkStageEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightSparkStageEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightSparkStageEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightSparkStageTaskAccumulables 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightSparkStageTaskAccumulables' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightSparkStageTaskAccumulables' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightSparkTaskEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightSparkTaskEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightSparkTaskEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightStormLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightStormLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightStormLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightStormMetrics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightStormMetrics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightStormMetrics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HDInsightStormTopologyMetrics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HDInsightStormTopologyMetrics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HDInsightStormTopologyMetrics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_HealthStateChangeEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'HealthStateChangeEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'HealthStateChangeEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_Heartbeat 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'Heartbeat' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'Heartbeat' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_InsightsMetrics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'InsightsMetrics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'InsightsMetrics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_IntuneAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'IntuneAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'IntuneAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_IntuneDeviceComplianceOrg 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'IntuneDeviceComplianceOrg' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'IntuneDeviceComplianceOrg' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_IntuneDevices 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'IntuneDevices' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'IntuneDevices' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_IntuneOperationalLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'IntuneOperationalLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'IntuneOperationalLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_IoTHubDistributedTracing 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'IoTHubDistributedTracing' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'IoTHubDistributedTracing' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_KubeEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'KubeEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'KubeEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_KubeHealth 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'KubeHealth' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'KubeHealth' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_KubeMonAgentEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'KubeMonAgentEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'KubeMonAgentEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_KubeNodeInventory 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'KubeNodeInventory' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'KubeNodeInventory' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_KubePodInventory 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'KubePodInventory' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'KubePodInventory' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_KubePVInventory 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'KubePVInventory' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'KubePVInventory' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_KubeServices 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'KubeServices' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'KubeServices' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_LAQueryLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'LAQueryLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'LAQueryLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_LASummaryLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'LASummaryLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'LASummaryLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_LogicAppWorkflowRuntime 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'LogicAppWorkflowRuntime' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'LogicAppWorkflowRuntime' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_MCCEventLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'MCCEventLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'MCCEventLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_MCVPAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'MCVPAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'MCVPAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_MCVPOperationLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'MCVPOperationLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'MCVPOperationLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_MicrosoftAzureBastionAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'MicrosoftAzureBastionAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'MicrosoftAzureBastionAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_MicrosoftDataShareReceivedSnapshotLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'MicrosoftDataShareReceivedSnapshotLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'MicrosoftDataShareReceivedSnapshotLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_MicrosoftDataShareSentSnapshotLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'MicrosoftDataShareSentSnapshotLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'MicrosoftDataShareSentSnapshotLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_MicrosoftDataShareShareLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'MicrosoftDataShareShareLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'MicrosoftDataShareShareLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_MicrosoftDynamicsTelemetryPerformanceLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'MicrosoftDynamicsTelemetryPerformanceLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'MicrosoftDynamicsTelemetryPerformanceLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_MicrosoftDynamicsTelemetrySystemMetricsLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'MicrosoftDynamicsTelemetrySystemMetricsLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'MicrosoftDynamicsTelemetrySystemMetricsLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_MicrosoftGraphActivityLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'MicrosoftGraphActivityLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'MicrosoftGraphActivityLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_MicrosoftHealthcareApisAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'MicrosoftHealthcareApisAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'MicrosoftHealthcareApisAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_MNFDeviceUpdates 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'MNFDeviceUpdates' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'MNFDeviceUpdates' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_MNFSystemStateMessageUpdates 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'MNFSystemStateMessageUpdates' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'MNFSystemStateMessageUpdates' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NCBMSecurityLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NCBMSecurityLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NCBMSecurityLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NCBMSystemLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NCBMSystemLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NCBMSystemLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NCCKubernetesLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NCCKubernetesLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NCCKubernetesLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NCCVMOrchestrationLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NCCVMOrchestrationLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NCCVMOrchestrationLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NCSStorageAlerts 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NCSStorageAlerts' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NCSStorageAlerts' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NCSStorageLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NCSStorageLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NCSStorageLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NetworkAccessTraffic 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NetworkAccessTraffic' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NetworkAccessTraffic' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NSPAccessLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NSPAccessLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NSPAccessLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NTAIpDetails 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NTAIpDetails' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NTAIpDetails' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NTANetAnalytics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NTANetAnalytics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NTANetAnalytics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NTATopologyDetails 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NTATopologyDetails' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NTATopologyDetails' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NWConnectionMonitorDestinationListenerResult 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NWConnectionMonitorDestinationListenerResult' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NWConnectionMonitorDestinationListenerResult' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NWConnectionMonitorDNSResult 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NWConnectionMonitorDNSResult' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NWConnectionMonitorDNSResult' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NWConnectionMonitorPathResult 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NWConnectionMonitorPathResult' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NWConnectionMonitorPathResult' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_NWConnectionMonitorTestResult 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'NWConnectionMonitorTestResult' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'NWConnectionMonitorTestResult' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_OEPAirFlowTask 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'OEPAirFlowTask' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'OEPAirFlowTask' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_OEPAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'OEPAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'OEPAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_OEPDataplaneLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'OEPDataplaneLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'OEPDataplaneLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_OEPElasticOperator 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'OEPElasticOperator' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'OEPElasticOperator' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_OEPElasticsearch 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'OEPElasticsearch' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'OEPElasticsearch' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_OLPSupplyChainEntityOperations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'OLPSupplyChainEntityOperations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'OLPSupplyChainEntityOperations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_OLPSupplyChainEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'OLPSupplyChainEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'OLPSupplyChainEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_Operation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'Operation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'Operation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_Perf 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'Perf' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'Perf' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_PFTitleAuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'PFTitleAuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'PFTitleAuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_PowerBIAuditTenant 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'PowerBIAuditTenant' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'PowerBIAuditTenant' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_PowerBIDatasetsTenant 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'PowerBIDatasetsTenant' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'PowerBIDatasetsTenant' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_PowerBIDatasetsTenantPreview 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'PowerBIDatasetsTenantPreview' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'PowerBIDatasetsTenantPreview' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_PowerBIDatasetsWorkspace 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'PowerBIDatasetsWorkspace' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'PowerBIDatasetsWorkspace' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_PowerBIDatasetsWorkspacePreview 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'PowerBIDatasetsWorkspacePreview' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'PowerBIDatasetsWorkspacePreview' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_PowerBIReportUsageTenant 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'PowerBIReportUsageTenant' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'PowerBIReportUsageTenant' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_PowerBIReportUsageWorkspace 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'PowerBIReportUsageWorkspace' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'PowerBIReportUsageWorkspace' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_PurviewDataSensitivityLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'PurviewDataSensitivityLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'PurviewDataSensitivityLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_PurviewScanStatusLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'PurviewScanStatusLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'PurviewScanStatusLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_PurviewSecurityLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'PurviewSecurityLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'PurviewSecurityLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_REDConnectionEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'REDConnectionEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'REDConnectionEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ResourceManagementPublicAccessLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ResourceManagementPublicAccessLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ResourceManagementPublicAccessLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SCCMAssessmentRecommendation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SCCMAssessmentRecommendation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SCCMAssessmentRecommendation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SCOMAssessmentRecommendation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SCOMAssessmentRecommendation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SCOMAssessmentRecommendation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ServiceFabricOperationalEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ServiceFabricOperationalEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ServiceFabricOperationalEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ServiceFabricReliableActorEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ServiceFabricReliableActorEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ServiceFabricReliableActorEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_ServiceFabricReliableServiceEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'ServiceFabricReliableServiceEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'ServiceFabricReliableServiceEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SfBAssessmentRecommendation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SfBAssessmentRecommendation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SfBAssessmentRecommendation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SfBOnlineAssessmentRecommendation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SfBOnlineAssessmentRecommendation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SfBOnlineAssessmentRecommendation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SharePointOnlineAssessmentRecommendation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SharePointOnlineAssessmentRecommendation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SharePointOnlineAssessmentRecommendation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SignalRServiceDiagnosticLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SignalRServiceDiagnosticLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SignalRServiceDiagnosticLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SigninLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SigninLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SigninLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SPAssessmentRecommendation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SPAssessmentRecommendation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SPAssessmentRecommendation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SQLAssessmentRecommendation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SQLAssessmentRecommendation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SQLAssessmentRecommendation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SQLSecurityAuditEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SQLSecurityAuditEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SQLSecurityAuditEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_StorageAntimalwareScanResults 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'StorageAntimalwareScanResults' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'StorageAntimalwareScanResults' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_StorageBlobLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'StorageBlobLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'StorageBlobLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_StorageCacheOperationEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'StorageCacheOperationEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'StorageCacheOperationEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_StorageCacheUpgradeEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'StorageCacheUpgradeEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'StorageCacheUpgradeEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_StorageCacheWarningEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'StorageCacheWarningEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'StorageCacheWarningEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_StorageFileLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'StorageFileLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'StorageFileLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_StorageMalwareScanningResults 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'StorageMalwareScanningResults' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'StorageMalwareScanningResults' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_StorageMoverCopyLogsFailed 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'StorageMoverCopyLogsFailed' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'StorageMoverCopyLogsFailed' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_StorageMoverCopyLogsTransferred 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'StorageMoverCopyLogsTransferred' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'StorageMoverCopyLogsTransferred' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_StorageMoverJobRunLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'StorageMoverJobRunLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'StorageMoverJobRunLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_StorageQueueLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'StorageQueueLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'StorageQueueLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_StorageTableLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'StorageTableLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'StorageTableLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SucceededIngestion 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SucceededIngestion' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SucceededIngestion' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseBigDataPoolApplicationsEnded 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseBigDataPoolApplicationsEnded' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseBigDataPoolApplicationsEnded' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseBuiltinSqlPoolRequestsEnded 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseBuiltinSqlPoolRequestsEnded' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseBuiltinSqlPoolRequestsEnded' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseDXCommand 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseDXCommand' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseDXCommand' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseDXFailedIngestion 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseDXFailedIngestion' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseDXFailedIngestion' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseDXIngestionBatching 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseDXIngestionBatching' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseDXIngestionBatching' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseDXQuery 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseDXQuery' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseDXQuery' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseDXSucceededIngestion 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseDXSucceededIngestion' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseDXSucceededIngestion' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseDXTableDetails 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseDXTableDetails' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseDXTableDetails' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseDXTableUsageStatistics 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseDXTableUsageStatistics' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseDXTableUsageStatistics' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseGatewayApiRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseGatewayApiRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseGatewayApiRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseGatewayEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseGatewayEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseGatewayEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseIntegrationActivityRuns 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseIntegrationActivityRuns' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseIntegrationActivityRuns' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseIntegrationActivityRunsEnded 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseIntegrationActivityRunsEnded' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseIntegrationActivityRunsEnded' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseIntegrationPipelineRuns 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseIntegrationPipelineRuns' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseIntegrationPipelineRuns' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseIntegrationPipelineRunsEnded 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseIntegrationPipelineRunsEnded' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseIntegrationPipelineRunsEnded' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseIntegrationTriggerRuns 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseIntegrationTriggerRuns' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseIntegrationTriggerRuns' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseIntegrationTriggerRunsEnded 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseIntegrationTriggerRunsEnded' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseIntegrationTriggerRunsEnded' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseLinkEvent 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseLinkEvent' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseLinkEvent' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseRBACEvents 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseRBACEvents' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseRBACEvents' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseRbacOperations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseRbacOperations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseRbacOperations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseScopePoolScopeJobsEnded 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseScopePoolScopeJobsEnded' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseScopePoolScopeJobsEnded' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseScopePoolScopeJobsStateChange 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseScopePoolScopeJobsStateChange' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseScopePoolScopeJobsStateChange' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseSqlPoolDmsWorkers 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseSqlPoolDmsWorkers' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseSqlPoolDmsWorkers' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseSqlPoolExecRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseSqlPoolExecRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseSqlPoolExecRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseSqlPoolRequestSteps 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseSqlPoolRequestSteps' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseSqlPoolRequestSteps' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseSqlPoolSqlRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseSqlPoolSqlRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseSqlPoolSqlRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_SynapseSqlPoolWaits 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'SynapseSqlPoolWaits' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'SynapseSqlPoolWaits' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_Syslog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'Syslog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'Syslog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_TSIIngress 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'TSIIngress' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'TSIIngress' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_UCClient 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'UCClient' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'UCClient' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_UCClientReadinessStatus 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'UCClientReadinessStatus' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'UCClientReadinessStatus' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_UCClientUpdateStatus 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'UCClientUpdateStatus' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'UCClientUpdateStatus' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_UCDeviceAlert 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'UCDeviceAlert' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'UCDeviceAlert' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_UCDOAggregatedStatus 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'UCDOAggregatedStatus' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'UCDOAggregatedStatus' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_UCDOStatus 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'UCDOStatus' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'UCDOStatus' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_UCServiceUpdateStatus 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'UCServiceUpdateStatus' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'UCServiceUpdateStatus' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_UCUpdateAlert 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'UCUpdateAlert' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'UCUpdateAlert' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_Usage 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'Usage' + properties: { + totalRetentionInDays: 90 + plan: 'Analytics' + schema: { + name: 'Usage' + } + retentionInDays: 90 + } +} + +resource workspaces_logalyti_name_VCoreMongoRequests 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'VCoreMongoRequests' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'VCoreMongoRequests' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_VIAudit 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'VIAudit' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'VIAudit' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_VIIndexing 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'VIIndexing' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'VIIndexing' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_VMBoundPort 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'VMBoundPort' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'VMBoundPort' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_VMComputer 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'VMComputer' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'VMComputer' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_VMConnection 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'VMConnection' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'VMConnection' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_VMProcess 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'VMProcess' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'VMProcess' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_W3CIISLog 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'W3CIISLog' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'W3CIISLog' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WebPubSubConnectivity 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WebPubSubConnectivity' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WebPubSubConnectivity' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WebPubSubHttpRequest 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WebPubSubHttpRequest' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WebPubSubHttpRequest' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WebPubSubMessaging 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WebPubSubMessaging' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WebPubSubMessaging' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_Windows365AuditLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'Windows365AuditLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'Windows365AuditLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WindowsClientAssessmentRecommendation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WindowsClientAssessmentRecommendation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WindowsClientAssessmentRecommendation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WindowsServerAssessmentRecommendation 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WindowsServerAssessmentRecommendation' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WindowsServerAssessmentRecommendation' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WorkloadDiagnosticLogs 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WorkloadDiagnosticLogs' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WorkloadDiagnosticLogs' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WVDAgentHealthStatus 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WVDAgentHealthStatus' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WVDAgentHealthStatus' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WVDAutoscaleEvaluationPooled 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WVDAutoscaleEvaluationPooled' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WVDAutoscaleEvaluationPooled' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WVDCheckpoints 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WVDCheckpoints' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WVDCheckpoints' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WVDConnectionGraphicsDataPreview 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WVDConnectionGraphicsDataPreview' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WVDConnectionGraphicsDataPreview' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WVDConnectionNetworkData 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WVDConnectionNetworkData' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WVDConnectionNetworkData' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WVDConnections 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WVDConnections' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WVDConnections' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WVDErrors 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WVDErrors' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WVDErrors' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WVDFeeds 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WVDFeeds' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WVDFeeds' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WVDHostRegistrations 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WVDHostRegistrations' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WVDHostRegistrations' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WVDManagement 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WVDManagement' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WVDManagement' + } + retentionInDays: 30 + } +} + +resource workspaces_logalyti_name_WVDSessionHostManagement 'Microsoft.OperationalInsights/workspaces/tables@2021-12-01-preview' = { + parent: workspaces_logalyti_name_resource + name: 'WVDSessionHostManagement' + properties: { + totalRetentionInDays: 30 + plan: 'Analytics' + schema: { + name: 'WVDSessionHostManagement' + } + retentionInDays: 30 + } +} + +resource storageAccounts_name_default 'Microsoft.Storage/storageAccounts/blobServices@2023-01-01' = { + parent: storageAccounts_name_resource + name: 'default' + sku: { name: 'Standard_LRS' } + properties: { + cors: { + corsRules: [ + { + allowedOrigins: [ + 'https://mlworkspace.azure.ai' + 'https://ml.azure.com' + 'https://*.ml.azure.com' + 'https://ai.azure.com' + 'https://*.ai.azure.com' + ] + allowedMethods: [ + 'GET' + 'HEAD' + 'POST' + 'PUT' + 'DELETE' + 'OPTIONS' + 'PATCH' + ] + maxAgeInSeconds: 1800 + exposedHeaders: [ + '*' + ] + allowedHeaders: [ + '*' + ] + } + ] + } + deleteRetentionPolicy: { + allowPermanentDelete: false + enabled: false + } + } +} + +resource Microsoft_Storage_storageAccounts_fileServices_storageAccounts_name_default 'Microsoft.Storage/storageAccounts/fileServices@2023-01-01' = { + parent: storageAccounts_name_resource + name: 'default' + sku: { + name: 'Standard_LRS' + } + properties: { + protocolSettings: { + smb: {} + } + cors: { + corsRules: [] + } + shareDeleteRetentionPolicy: { + enabled: true + days: 7 + } + } +} + +resource storageAccounts_name_storageAccounts_name_313c91b4_8924_456a_af0f_a528cb988c4a 'Microsoft.Storage/storageAccounts/privateEndpointConnections@2023-01-01' = { + parent: storageAccounts_name_resource + name: '${storageAccounts_name}.313c91b4-8924-456a-af0f-a528cb988c4a' + properties: { + privateEndpoint: {} + privateLinkServiceConnectionState: { + status: 'Approved' + description: 'Auto approved by Azure Machine Learning' + actionRequired: 'None' + } + } +} + +resource storageAccounts_name_storageAccounts_name_50a0f929_657b_4449_b358_ddefb44aae6f 'Microsoft.Storage/storageAccounts/privateEndpointConnections@2023-01-01' = { + parent: storageAccounts_name_resource + name: '${storageAccounts_name}.50a0f929-657b-4449-b358-ddefb44aae6f' + properties: { + privateEndpoint: {} + privateLinkServiceConnectionState: { + status: 'Approved' + description: 'Auto approved by Azure Machine Learning' + actionRequired: 'None' + } + } +} + +resource storageAccounts_name_storageAccounts_name_8cd3527b_27a5_472f_b91a_20198b3cc600 'Microsoft.Storage/storageAccounts/privateEndpointConnections@2023-01-01' = { + parent: storageAccounts_name_resource + name: '${storageAccounts_name}.8cd3527b-27a5-472f-b91a-20198b3cc600' + properties: { + privateEndpoint: {} + privateLinkServiceConnectionState: { + status: 'Approved' + description: 'Auto approved by Azure Machine Learning' + actionRequired: 'None' + } + } +} + +resource storageAccounts_name_storageAccounts_name_b1a0b60c_163c_4119_946c_6207ae859d6c 'Microsoft.Storage/storageAccounts/privateEndpointConnections@2023-01-01' = { + parent: storageAccounts_name_resource + name: '${storageAccounts_name}.b1a0b60c-163c-4119-946c-6207ae859d6c' + properties: { + privateEndpoint: {} + privateLinkServiceConnectionState: { + status: 'Approved' + description: 'Auto approved by Azure Machine Learning' + actionRequired: 'None' + } + } +} + +resource storageAccounts_name_storageAccounts_name_f798854b_3961_4a92_90fa_bed30e20745e 'Microsoft.Storage/storageAccounts/privateEndpointConnections@2023-01-01' = { + parent: storageAccounts_name_resource + name: '${storageAccounts_name}.f798854b-3961-4a92-90fa-bed30e20745e' + properties: { + privateEndpoint: {} + privateLinkServiceConnectionState: { + status: 'Approved' + description: 'Auto-Approved' + actionRequired: 'None' + } + } +} + +resource Microsoft_Storage_storageAccounts_queueServices_storageAccounts_name_default 'Microsoft.Storage/storageAccounts/queueServices@2023-01-01' = { + parent: storageAccounts_name_resource + name: 'default' + properties: { + cors: { + corsRules: [] + } + } +} + +resource Microsoft_Storage_storageAccounts_tableServices_storageAccounts_name_default 'Microsoft.Storage/storageAccounts/tableServices@2023-01-01' = { + parent: storageAccounts_name_resource + name: 'default' + properties: { + cors: { + corsRules: [] + } + } +} + +resource smartdetectoralertrules_failure_anomalies_insights_name_resource 'microsoft.alertsmanagement/smartdetectoralertrules@2021-04-01' = { + name: smartdetectoralertrules_failure_anomalies_insights_name + location: 'global' + properties: { + description: 'Failure Anomalies notifies you of an unusual rise in the rate of failed HTTP requests or dependency calls.' + state: 'Enabled' + severity: 'Sev3' + frequency: 'PT1M' + detector: { + id: 'FailureAnomaliesDetector' + } + scope: [ + components_insights_name_resource.id + ] + actionGroups: { + groupIds: [ + actionGroups_Application_Insights_Smart_Detection_name_resource.id + ] + } + } +} + +resource storageAccounts_name_default_azureml 'Microsoft.Storage/storageAccounts/blobServices/containers@2023-01-01' = { + parent: storageAccounts_name_default + name: 'azureml' + properties: { + immutableStorageWithVersioning: { + enabled: false + } + defaultEncryptionScope: '$account-encryption-key' + denyEncryptionScopeOverride: false + publicAccess: 'None' + } +} + +resource storageAccounts_name_default_azureml_blobstore_419b3a2c_288c_4391_9f1e_236c0b6e471b 'Microsoft.Storage/storageAccounts/blobServices/containers@2023-01-01' = { + parent: storageAccounts_name_default + name: 'azureml-blobstore-419b3a2c-288c-4391-9f1e-236c0b6e471b' + properties: { + immutableStorageWithVersioning: { + enabled: false + } + defaultEncryptionScope: '$account-encryption-key' + denyEncryptionScopeOverride: false + publicAccess: 'None' + } +} + +resource storageAccounts_name_default_azureml_filestore_419b3a2c_288c_4391_9f1e_236c0b6e471b 'Microsoft.Storage/storageAccounts/fileServices/shares@2023-01-01' = { + parent: Microsoft_Storage_storageAccounts_fileServices_storageAccounts_name_default + name: 'azureml-filestore-419b3a2c-288c-4391-9f1e-236c0b6e471b' + properties: { + accessTier: 'TransactionOptimized' + shareQuota: 5120 + enabledProtocols: 'SMB' + } +} + +resource storageAccounts_name_default_code_391ff5ac_6576_460f_ba4d_7e03433c68b6 'Microsoft.Storage/storageAccounts/fileServices/shares@2023-01-01' = { + parent: Microsoft_Storage_storageAccounts_fileServices_storageAccounts_name_default + name: 'code-391ff5ac-6576-460f-ba4d-7e03433c68b6' + properties: { + accessTier: 'TransactionOptimized' + shareQuota: 5120 + enabledProtocols: 'SMB' + } +} + +resource workspaces_name_resource 'Microsoft.MachineLearningServices/workspaces@2023-10-01' = { + name: workspaces_name + location: location + tags: { + createdByToolkit: 'cli-v2-1.12.0' + 'managed-vnet workspace': 'managed-vnet-workspace' + } + sku: { + name: 'Basic' + } + kind: 'Default' + identity: { + type: 'SystemAssigned' + } + properties: { + friendlyName: workspaces_name + description: workspaces_name + storageAccount: storageAccounts_name_resource.id + keyVault: vaults_keyvault_name_resource.id + applicationInsights: components_insights_name_resource.id + hbiWorkspace: false + imageBuildCompute: '${workspaces_name}_compute' + managedNetwork: { + isolationMode: 'AllowOnlyApprovedOutbound' + outboundRules: { + 'added-servicetagrule': { + type: 'ServiceTag' + destination: { + serviceTag: 'DataFactory' + protocol: 'TCP' + portRanges: '80, 8080' + action: 'Allow' + } + status: 'Active' + category: 'UserDefined' + } + 'add-fqdnrule': { + type: 'FQDN' + destination: 'pypi.org' + status: 'Active' + category: 'UserDefined' + } + 'added-perule': { + type: 'PrivateEndpoint' + destination: { + serviceResourceId: storageAccounts_name_resource.id + subresourceTarget: 'blob' + sparkEnabled: true + sparkStatus: 'Inactive' + } + status: 'Inactive' + category: 'UserDefined' + } + 'add-fqdn-anaconda': { + type: 'FQDN' + destination: '*.anaconda.com' + status: 'Active' + category: 'UserDefined' + } + 'code-vscode-fqdn': { + type: 'FQDN' + destination: 'code.visualstudio.com' + status: 'Active' + category: 'UserDefined' + } + 'default-exp-tas-com': { + type: 'FQDN' + destination: 'default.exp-tas.com' + status: 'Active' + category: 'UserDefined' + } + gallerycdn_fqdn: { + type: 'FQDN' + destination: '*.gallerycdn.vsassets.io' + status: 'Active' + category: 'UserDefined' + } + 'marketplace-visualstudio-com': { + type: 'FQDN' + destination: 'marketplace.visualstudio.com' + status: 'Active' + category: 'UserDefined' + } + pytorch_fqdn: { + type: 'FQDN' + destination: '*.pytorch.org' + status: 'Active' + category: 'UserDefined' + } + queue: { + type: 'PrivateEndpoint' + destination: { + serviceResourceId: storageAccounts_name_resource.id + subresourceTarget: 'queue' + sparkEnabled: false + sparkStatus: 'Inactive' + } + status: 'Active' + category: 'UserDefined' + } + rawgithub_fqdn: { + type: 'FQDN' + destination: 'raw.githubusercontent.com' + status: 'Active' + category: 'UserDefined' + } + table: { + type: 'PrivateEndpoint' + destination: { + serviceResourceId: storageAccounts_name_resource.id + subresourceTarget: 'table' + sparkEnabled: false + sparkStatus: 'Inactive' + } + status: 'Active' + category: 'UserDefined' + } + tensorflow_fqdn: { + type: 'FQDN' + destination: '*.tensorflow.org' + status: 'Active' + category: 'UserDefined' + } + 'updatecode-vscode-fqdn': { + type: 'FQDN' + destination: 'update.code.visualstudio.com' + status: 'Active' + category: 'UserDefined' + } + 'vomsecnd-fqdn': { + type: 'FQDN' + destination: '*.vo.msecnd.net' + status: 'Active' + category: 'UserDefined' + } + vs_code_blob: { + type: 'FQDN' + destination: '' + status: 'Active' + category: 'UserDefined' + } + vscode_cdn: { + type: 'FQDN' + destination: '*.vscode-cdn.net' + status: 'Active' + category: 'UserDefined' + } + vscode_fqdn: { + type: 'FQDN' + destination: '*.vscode.dev' + status: 'Active' + category: 'UserDefined' + } + vscode_unpkg_fqdn: { + type: 'FQDN' + destination: '*.vscode-unpkg.net' + status: 'Active' + category: 'UserDefined' + } + 'vscodeexperiments-azureedge-net': { + type: 'FQDN' + destination: '*.vscodeexperiments.azureedge.net' + status: 'Active' + category: 'UserDefined' + } + '__SYS_ST_AzureFrontDoor.FirstParty': { + type: 'ServiceTag' + destination: { + serviceTag: 'AzureFrontDoor.FirstParty' + protocol: '*' + portRanges: '*' + action: 'Allow' + } + status: 'Active' + category: 'Required' + } + __SYS_PE_yogirenws_amlworkspace: { + type: 'PrivateEndpoint' + destination: { + serviceResourceId: workspaces_name + subresourceTarget: 'amlworkspace' + sparkEnabled: true + sparkStatus: 'Active' + } + status: 'Active' + category: 'Required' + } + __SYS_PE_mlwspocstoraged4813c4856_file: { + type: 'PrivateEndpoint' + destination: { + serviceResourceId: storageAccounts_name_resource.id + subresourceTarget: 'file' + sparkEnabled: true + sparkStatus: 'Active' + } + status: 'Active' + category: 'Required' + } + __SYS_ST_VirtualNetwork: { + type: 'ServiceTag' + destination: { + serviceTag: 'VirtualNetwork' + protocol: '*' + portRanges: '*' + action: 'Allow' + } + status: 'Active' + category: 'Required' + } + __SYS_ST_AzureMonitor_TCP: { + type: 'ServiceTag' + destination: { + serviceTag: 'AzureMonitor' + protocol: 'TCP' + portRanges: '443' + action: 'Allow' + } + status: 'Active' + category: 'Required' + } + __SYS_ST_AzureMachineLearning_TCP: { + type: 'ServiceTag' + destination: { + serviceTag: 'AzureMachineLearning' + protocol: 'TCP' + portRanges: '443' + action: 'Allow' + } + status: 'Active' + category: 'Required' + } + + __SYS_PE_mlwspockeyvault87fdea5cb_vault: { + type: 'PrivateEndpoint' + destination: { + serviceResourceId: vaults_keyvault_name_resource.id + subresourceTarget: 'vault' + sparkEnabled: false + sparkStatus: 'Inactive' + } + status: 'Active' + category: 'Required' + } + __SYS_PE_mlwspocstoraged4813c4856_blob: { + type: 'PrivateEndpoint' + destination: { + serviceResourceId: storageAccounts_name_resource.id + subresourceTarget: 'blob' + sparkEnabled: true + sparkStatus: 'Active' + } + status: 'Active' + category: 'Required' + } + __SYS_ST_AzureMachineLearning_UDP: { + type: 'ServiceTag' + destination: { + serviceTag: 'AzureMachineLearning' + protocol: 'UDP' + portRanges: '5831' + action: 'Allow' + } + status: 'Active' + category: 'Required' + } + __SYS_ST_AzureActiveDirectory_TCP: { + type: 'ServiceTag' + destination: { + serviceTag: 'AzureActiveDirectory' + protocol: 'TCP' + portRanges: '80, 443' + action: 'Allow' + } + status: 'Active' + category: 'Required' + } + __SYS_ST_BatchNodeManagement_TCP: { + type: 'ServiceTag' + destination: { + serviceTag: 'BatchNodeManagement' + protocol: 'TCP' + portRanges: '443' + action: 'Allow' + } + status: 'Active' + category: 'Required' + } + '__SYS_ST_MicrosoftContainerRegistry.westus_TCP': { + type: 'ServiceTag' + destination: { + serviceTag: 'MicrosoftContainerRegistry.westus' + protocol: 'TCP' + portRanges: '443' + action: 'Allow' + } + status: 'Active' + category: 'Required' + } + __SYS_ST_AzureResourceManager_TCP: { + type: 'ServiceTag' + destination: { + serviceTag: 'AzureResourceManager' + protocol: 'TCP' + portRanges: '443' + action: 'Allow' + } + status: 'Active' + category: 'Required' + } + } + status: { + status: 'Active' + sparkReady: false + } + } + + v1LegacyMode: false + publicNetworkAccess: 'Disabled' + discoveryUrl: 'https://419b3a2c-288c-4391-9f1e-236c0b6e471b.workspace.westus.api.azureml.ms/discovery/workspaces/419b3a2c-288c-4391-9f1e-236c0b6e471b' + serverlessComputeSettings: { + serverlessComputeNoPublicIP: false + } + } +} diff --git a/src/az-aml-managed-vnet/deploy/bicep/virtual-network-integration-recipes b/src/az-aml-managed-vnet/deploy/bicep/virtual-network-integration-recipes new file mode 160000 index 0000000..b037612 --- /dev/null +++ b/src/az-aml-managed-vnet/deploy/bicep/virtual-network-integration-recipes @@ -0,0 +1 @@ +Subproject commit b037612a30f76667f249d8030958a2c0cd0eb59b diff --git a/src/az-aml-managed-vnet/deploy/bicep/workspace_outbound_rules.yaml b/src/az-aml-managed-vnet/deploy/bicep/workspace_outbound_rules.yaml new file mode 100644 index 0000000..6455f75 --- /dev/null +++ b/src/az-aml-managed-vnet/deploy/bicep/workspace_outbound_rules.yaml @@ -0,0 +1,98 @@ +name: mlws_poc +location: WESTUS +managed_network: + isolation_mode: allow_only_approved_outbound + outbound_rules: + - name: added-servicetagrule + destination: + port_ranges: 80, 8080 + protocol: TCP + service_tag: DataFactory + type: service_tag + - name: pypi-fqdn + destination: 'pypi.org' + type: fqdn + - name: ananconda-fqdn + destination: 'anaconda.com' + type: fqdn + - name: all-anaconda-fqdn + destination: '*.anaconda.org' + type: fqdn + - name: pytorch-fqdn + destination: '*.pytorch.org' + type: fqdn + - name: tensorflow-fqdn + destination: '*.tensorflow.org' + type: fqdn + - name: code-vscode-fqdn + destination: code.visualstudio.com + type: fqdn + - name: default-exp-tas-com + destination: default.exp-tas.com + type: fqdn + - name: gallerycdn_fqdn + destination: *.gallerycdn.vassets.io + type: fqdn + - name: marketplace-visualstudio-com + destination: marketplace.visualstudio.com + type: fqdn + - name: rawgithub_fqdn + destination: raw.githubusercontent.com + type: fqdn + - name: updatecode-vscode-fqdn + destination: update.code.visualstudio.com + type: fqdn + - name: vomsecnd-fqdn + destination: *.vo.msecnd.net + type: fqdn + - name: vs_code_blob + destination: vscode.blob.core.windows.net + type: fqdn + - name: vscode_cdn + destination: *.vscode-cdn.net + type: fqdn + - name: vscode_fqdn + destination: *.vscode.dev + type: fqdn + - name: vscode_unpkg_fqdn + destination: *.vscode-unpkg.net + type: fqdn + - name: vscodeexperiments-azureedge-net + destination: *.vscodeexperiments.azureedge.net + type: fqdn + - name: queue_batch_endpoints + destination: + service_resource_id: + spark_enabled: false + subresource_target: queue + type: private_endpoint + - name: table_batch_endpoints + destination: + service_resource_id: + spark_enabled: false + subresource_target: table + type: private_endpoint + - name: docker.io + destination: dockerio-fqdn + type: fqdn + - name: alldocker-io-fqdn + destination: *.docker.io + type: fqdn + - name: docker-com-fqdn + destination: *.docker.com + type: fqdn + - name: prod-cloudflare-docker-fqdn + destination: production.cloudfare.docker.com + type: fqdn + - name: cdn-auth0-com-fqdn + destination: cdn.auth0.com + type: fqdn + - name: cdn-lfs-huggingface-co-fqdn + destination: cdn-lfs.huggingface.co + type: fqdn + - name: added-perule + destination: + service_resource_id: /subscriptions/06600e5d-08f4-4cad-b7ba-2c397f811d11/resourceGroups/rg_poc/providers/Microsoft.Storage/storageAccounts/mlwspocstoraged4813c4856 + spark_enabled: true + subresource_target: blob + type: private_endpoint diff --git a/src/az-aml-managed-vnet/deploy/shell_script/az_script.sh b/src/az-aml-managed-vnet/deploy/shell_script/az_script.sh new file mode 100644 index 0000000..bdf467e --- /dev/null +++ b/src/az-aml-managed-vnet/deploy/shell_script/az_script.sh @@ -0,0 +1,37 @@ +#!/bin/bash + +# Azure CLI commands to execute +az_login() { + # Log in to Azure (interactive login) + az login +} + +az_list_resource_groups() { + # List all resource groups in the current subscription + az group list --output table +} + +az_create_resource_group() { + # Create a new resource group + resource_group_name="MyResourceGroup" + location="East US" + + az group create --name $resource_group_name --location $location +} + +# Execute Azure CLI commands +echo "Logging in to Azure..." +az_login + +echo "Listing resource groups..." +az_list_resource_groups + +echo "Creating a new resource group..." +az_create_resource_group + +echo "Listing resource groups after creation..." +az_list_resource_groups + +# Additional Azure CLI commands can be added as needed + +# Note: It's important to handle errors and edge cases appropriately in a production script. diff --git a/src/az-aml-managed-vnet/media/AML_ManagedVNet_Secure_Architecture.png b/src/az-aml-managed-vnet/media/AML_ManagedVNet_Secure_Architecture.png new file mode 100644 index 0000000..2d392fe Binary files /dev/null and b/src/az-aml-managed-vnet/media/AML_ManagedVNet_Secure_Architecture.png differ diff --git a/src/az-aml-managed-vnet/media/AML_ManagedVNet_Secure_Architecture.vsdx b/src/az-aml-managed-vnet/media/AML_ManagedVNet_Secure_Architecture.vsdx new file mode 100644 index 0000000..d53baf1 Binary files /dev/null and b/src/az-aml-managed-vnet/media/AML_ManagedVNet_Secure_Architecture.vsdx differ diff --git a/src/az-aml-managed-vnet/media/connectivity_via_bridge_network.png b/src/az-aml-managed-vnet/media/connectivity_via_bridge_network.png new file mode 100644 index 0000000..3b03e82 Binary files /dev/null and b/src/az-aml-managed-vnet/media/connectivity_via_bridge_network.png differ diff --git a/src/az-aml-managed-vnet/media/curl_terraform_windows.png b/src/az-aml-managed-vnet/media/curl_terraform_windows.png new file mode 100644 index 0000000..5f27822 Binary files /dev/null and b/src/az-aml-managed-vnet/media/curl_terraform_windows.png differ diff --git a/src/az-aml-managed-vnet/media/gitbash_azaccountshow.png b/src/az-aml-managed-vnet/media/gitbash_azaccountshow.png new file mode 100644 index 0000000..eecec2d Binary files /dev/null and b/src/az-aml-managed-vnet/media/gitbash_azaccountshow.png differ diff --git a/src/az-aml-managed-vnet/media/gitbash_pwd.png b/src/az-aml-managed-vnet/media/gitbash_pwd.png new file mode 100644 index 0000000..78a5f7d Binary files /dev/null and b/src/az-aml-managed-vnet/media/gitbash_pwd.png differ diff --git a/src/az-aml-managed-vnet/media/terraform_outofdate.png b/src/az-aml-managed-vnet/media/terraform_outofdate.png new file mode 100644 index 0000000..500f44e Binary files /dev/null and b/src/az-aml-managed-vnet/media/terraform_outofdate.png differ diff --git a/src/az-aml-managed-vnet/media/unzip_terraform.png b/src/az-aml-managed-vnet/media/unzip_terraform.png new file mode 100644 index 0000000..58fc0da Binary files /dev/null and b/src/az-aml-managed-vnet/media/unzip_terraform.png differ