Fix Log analytics workspace removal (#841)

* change st ins config default name

* law & order

* output

* purge law

* Update utilities/pipelines/resourceRemoval/helper/Invoke-ResourcePostRemoval.ps1

Co-authored-by: Alexander Sehr <ASehr@hotmail.de>

* add check purge

* add break

* remove if

Co-authored-by: Erika Gressi <erikag.microsoft.com>
Co-authored-by: Alexander Sehr <ASehr@hotmail.de>

arm/Microsoft.OperationalInsights/workspaces/deploy.bicep

@@ -251,7 +251,7 @@ module logAnalyticsWorkspace_rbac '.bicep/nested_rbac.bicep' = [for (roleAssignm
 @description('The resource ID of the deployed log analytics workspace')
 output logAnalyticsResourceId string = logAnalyticsWorkspace.id
 
-@description('The resource group where the log analytics will be deployed')
+@description('The resource group of the deployed log analytics workspace')
 output logAnalyticsResourceGroup string = resourceGroup().name
 
 @description('The name of the deployed log analytics workspace')

arm/Microsoft.OperationalInsights/workspaces/readme.md

@@ -123,18 +123,18 @@ Tag names and tag values can be provided as needed. A tag can be left without a
 | Output Name | Type | Description |
 | :-- | :-- | :-- |
 | `logAnalyticsName` | string | The name of the deployed log analytics workspace |
-| `logAnalyticsResourceGroup` | string | The resource group where the log analytics will be deployed |
+| `logAnalyticsResourceGroup` | string | The resource group of the deployed log analytics workspace |
 | `logAnalyticsResourceId` | string | The resource ID of the deployed log analytics workspace |
 | `logAnalyticsWorkspaceId` | string | The ID associated with the workspace |
 
 ## Template references
 
+- [Diagnosticsettings](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings)
 - [Locks](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2016-09-01/locks)
 - [Roleassignments](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2020-04-01-preview/roleAssignments)
-- [Diagnosticsettings](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings)
+- [Solutions](https://docs.microsoft.com/en-us/azure/templates/Microsoft.OperationsManagement/2015-11-01-preview/solutions)
 - [Workspaces](https://docs.microsoft.com/en-us/azure/templates/Microsoft.OperationalInsights/2020-08-01/workspaces)
 - [Workspaces/Datasources](https://docs.microsoft.com/en-us/azure/templates/Microsoft.OperationalInsights/2020-08-01/workspaces/dataSources)
 - [Workspaces/Linkedservices](https://docs.microsoft.com/en-us/azure/templates/Microsoft.OperationalInsights/2020-08-01/workspaces/linkedServices)
 - [Workspaces/Savedsearches](https://docs.microsoft.com/en-us/azure/templates/Microsoft.OperationalInsights/2020-08-01/workspaces/savedSearches)
 - [Workspaces/Storageinsightconfigs](https://docs.microsoft.com/en-us/azure/templates/Microsoft.OperationalInsights/2020-08-01/workspaces/storageInsightConfigs)
-- [Solutions](https://docs.microsoft.com/en-us/azure/templates/Microsoft.OperationsManagement/2015-11-01-preview/solutions)

arm/Microsoft.OperationalInsights/workspaces/storageInsightConfigs/deploy.bicep

@@ -2,7 +2,7 @@
 param logAnalyticsWorkspaceName string
 
 @description('Optional. The name of the storage insights config')
-param name string = last(split(storageAccountId, '/'))
+param name string = '${last(split(storageAccountId, '/'))}-stinsconfig'
 
 @description('Required. The Azure Resource Manager ID of the storage account resource.')
 param storageAccountId string

utilities/pipelines/resourceRemoval/Initialize-DeploymentRemoval.ps1

@@ -72,6 +72,13 @@ function Initialize-DeploymentRemoval {
                     )
                     break
                 }
+                'workspaces' {
+                    $removalSequence += @(
+                        'Microsoft.OperationsManagement/solutions',
+                        'Microsoft.OperationalInsights/workspaces/linkedServices'
+                    )
+                    break
+                }
                 ### CODE LOCATION: Add custom removal sequence here
             }
 

utilities/pipelines/resourceRemoval/helper/Invoke-ResourcePostRemoval.ps1

@@ -38,6 +38,7 @@ function Invoke-ResourcePostRemoval {
                     $null = Remove-AzKeyVault -ResourceId $matchingKeyVault.Id -InRemovedState -Force -Location $matchingKeyVault.Location
                 }
             }
+            break
         }
         'Microsoft.CognitiveServices/accounts' {
             $resourceGroupName = $resourceId.Split('/')[4]
@@ -49,6 +50,7 @@ function Invoke-ResourcePostRemoval {
                     $null = Remove-AzCognitiveServicesAccount -InRemovedState -Force -Location $matchingAccount.Location -ResourceGroupName $resourceGroupName -Name $matchingAccount.AccountName
                 }
             }
+            break
         }
         'Microsoft.ApiManagement/service' {
             $subscriptionId = $resourceId.Split('/')[2]
@@ -73,6 +75,31 @@ function Invoke-ResourcePostRemoval {
                     $null = Invoke-AzRestMethod @purgeRequestInputObject
                 }
             }
+            break
+        }
+        'Microsoft.OperationalInsights/workspaces' {
+            $subscriptionId = $resourceId.Split('/')[2]
+            $resourceGroupName = $resourceId.Split('/')[4]
+            $resourceName = Split-Path $ResourceId -Leaf
+            # Fetch service in soft-delete state
+            $getPath = '/subscriptions/{0}/providers/Microsoft.OperationalInsights/deletedWorkspaces?api-version=2020-03-01-preview' -f $subscriptionId
+            $getRequestInputObject = @{
+                Method = 'GET'
+                Path   = $getPath
+            }
+            $softDeletedService = ((Invoke-AzRestMethod @getRequestInputObject).Content | ConvertFrom-Json).value | Where-Object { $_.id -eq $resourceId -and $_.name -eq $resourceName }
+            if ($softDeletedService) {
+                # Recover service
+                $location = $softDeletedService.location
+                if ($PSCmdlet.ShouldProcess(('Log analytics workspace [{0}]' -f $resourceId), 'Recover')) {
+                    $recoveredWorkspace = New-AzOperationalInsightsWorkspace -ResourceGroupName $resourceGroupName -Name $resourceName -Location $location
+                }
+                # Purge service
+                if ($PSCmdlet.ShouldProcess(('Log analytics workspace with ID [{0}]' -f $resourceId), 'Purge')) {
+                    $recoveredWorkspace | Remove-AzOperationalInsightsWorkspace -ForceDelete -Force
+                }
+            }
+            break
         }
         'Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems' {
             # Remove protected VM
@@ -108,6 +135,7 @@ function Invoke-ResourcePostRemoval {
 
             # Undo a potential soft delete state change
             $null = Set-AzRecoveryServicesVaultProperty -VaultId $vaultId -SoftDeleteFeatureState $softDeleteStatus.TrimEnd('d')
+            break
         }
         ### CODE LOCATION: Add custom post-removal operation here
     }

utilities/pipelines/resourceRemoval/helper/Invoke-ResourceRemoval.ps1

@@ -94,6 +94,7 @@ function Invoke-ResourceRemoval {
             # Actual removal
             # --------------
             $null = Remove-AzResource -ResourceId $resourceId -Force -ErrorAction 'Stop'
+            break
         }
         ### CODE LOCATION: Add custom removal action here
         Default {

utilities/pipelines/sharedScripts/Set-EnvironmentOnAgent.ps1

@@ -106,6 +106,7 @@ function Set-EnvironmentOnAgent {
             @{ Name = 'Az.RecoveryServices' },
             @{ Name = 'Az.Monitor' },
             @{ Name = 'Az.CognitiveServices' },
+            @{ Name = 'Az.OperationalInsights' },
             @{ Name = 'Pester'; Version = '5.3.0' }
         )
     )