From 22f6169ead6132e09ed02008131e852e56244ff0 Mon Sep 17 00:00:00 2001 From: Alexander Sehr Date: Sun, 27 Aug 2023 21:07:02 +0200 Subject: [PATCH] [Modules] Update DiagnosticSettings (#3721) * Removed retention policy object * Removed retention param * Removed further references * Added test to storage common * Updated test * Regenerated all bicep templates * Regen docs * Removed add. references --- .../Compute/virtualMachinesMultiple/README.md | 1 - .../virtualMachinesMultiple/main.bicep | 8 +- docs/wiki/The library - Module design.md | 16 -- .../.test/common/main.test.bicep | 1 - modules/aad/domain-service/README.md | 5 - modules/aad/domain-service/main.bicep | 13 -- modules/aad/domain-service/main.json | 19 +-- .../server/.test/common/main.test.bicep | 1 - .../server/.test/max/main.test.bicep | 1 - modules/analysis-services/server/README.md | 9 -- modules/analysis-services/server/main.bicep | 17 --- modules/analysis-services/server/main.json | 25 +--- .../service/.test/max/main.test.bicep | 1 - modules/api-management/service/README.md | 5 - modules/api-management/service/main.bicep | 17 --- modules/api-management/service/main.json | 25 +--- .../.test/common/main.test.bicep | 1 - .../configuration-store/README.md | 5 - .../configuration-store/main.bicep | 17 --- .../configuration-store/main.json | 25 +--- .../.test/common/main.test.bicep | 1 - .../automation/automation-account/README.md | 5 - .../automation/automation-account/main.bicep | 17 --- .../automation/automation-account/main.json | 25 +--- .../.test/common/main.test.bicep | 1 - modules/batch/batch-account/README.md | 5 - modules/batch/batch-account/main.bicep | 17 --- modules/batch/batch-account/main.json | 25 +--- .../cache/redis/.test/common/main.test.bicep | 1 - modules/cache/redis/README.md | 5 - modules/cache/redis/main.bicep | 17 --- modules/cache/redis/main.json | 25 +--- .../account/.test/common/main.test.bicep | 1 - modules/cognitive-services/account/README.md | 5 - modules/cognitive-services/account/main.bicep | 17 --- modules/cognitive-services/account/main.json | 25 +--- .../.test/linux/main.test.bicep | 1 - .../.test/windows/main.test.bicep | 1 - .../virtual-machine-scale-set/README.md | 9 -- .../virtual-machine-scale-set/main.bicep | 9 -- .../virtual-machine-scale-set/main.json | 17 +-- .../.bicep/nested_networkInterface.bicep | 3 - .../.test/linux/main.test.bicep | 1 - .../.test/windows/main.test.bicep | 1 - modules/compute/virtual-machine/README.md | 9 -- modules/compute/virtual-machine/main.bicep | 6 - modules/compute/virtual-machine/main.json | 67 +-------- .../registry/.test/common/main.test.bicep | 1 - modules/container-registry/registry/README.md | 5 - .../container-registry/registry/main.bicep | 17 --- modules/container-registry/registry/main.json | 25 +--- .../.test/azure/main.test.bicep | 1 - .../.test/kubenet/main.test.bicep | 1 - .../.test/priv/main.test.bicep | 1 - .../managed-cluster/README.md | 13 -- .../managed-cluster/main.bicep | 17 --- .../managed-cluster/main.json | 25 +--- .../factory/.test/common/main.test.bicep | 1 - modules/data-factory/factory/README.md | 5 - modules/data-factory/factory/main.bicep | 17 --- modules/data-factory/factory/main.json | 25 +--- .../workspace/.test/common/main.test.bicep | 1 - modules/databricks/workspace/README.md | 5 - modules/databricks/workspace/main.bicep | 13 -- modules/databricks/workspace/main.json | 19 +-- .../.test/private/main.test.bicep | 1 - .../.test/public/main.test.bicep | 1 - .../db-for-my-sql/flexible-server/README.md | 9 -- .../db-for-my-sql/flexible-server/main.bicep | 17 --- .../db-for-my-sql/flexible-server/main.json | 25 +--- .../.test/private/main.test.bicep | 1 - .../.test/public/main.test.bicep | 1 - .../flexible-server/README.md | 9 -- .../flexible-server/main.bicep | 17 --- .../flexible-server/main.json | 25 +--- .../.test/common/main.test.bicep | 1 - .../application-group/README.md | 5 - .../application-group/main.bicep | 13 -- .../application-group/main.json | 19 +-- .../host-pool/.test/common/main.test.bicep | 1 - .../host-pool/README.md | 5 - .../host-pool/main.bicep | 14 -- .../host-pool/main.json | 19 +-- .../scaling-plan/.test/common/main.test.bicep | 1 - .../scaling-plan/README.md | 5 - .../scaling-plan/main.bicep | 13 -- .../scaling-plan/main.json | 19 +-- .../workspace/.test/common/main.test.bicep | 1 - .../workspace/README.md | 5 - .../workspace/main.bicep | 13 -- .../workspace/main.json | 19 +-- .../.test/common/main.test.bicep | 1 - .../digital-twins-instance/README.md | 5 - .../digital-twins-instance/main.bicep | 17 --- .../digital-twins-instance/main.json | 25 +--- .../.test/gremlindb/main.test.bicep | 1 - .../.test/mongodb/main.test.bicep | 1 - .../.test/plain/main.test.bicep | 1 - .../.test/sqldb/main.test.bicep | 1 - .../document-db/database-account/README.md | 17 --- .../document-db/database-account/main.bicep | 17 --- .../document-db/database-account/main.json | 25 +--- .../domain/.test/common/main.test.bicep | 1 - modules/event-grid/domain/README.md | 5 - modules/event-grid/domain/main.bicep | 17 --- modules/event-grid/domain/main.json | 25 +--- .../system-topic/.test/common/main.test.bicep | 1 - modules/event-grid/system-topic/README.md | 5 - modules/event-grid/system-topic/main.bicep | 17 --- modules/event-grid/system-topic/main.json | 25 +--- .../topic/.test/common/main.test.bicep | 1 - modules/event-grid/topic/README.md | 5 - modules/event-grid/topic/main.bicep | 17 --- modules/event-grid/topic/main.json | 25 +--- .../namespace/.test/common/main.test.bicep | 1 - modules/event-hub/namespace/README.md | 5 - modules/event-hub/namespace/main.bicep | 17 --- modules/event-hub/namespace/main.json | 25 +--- .../workspace/.test/common/main.test.bicep | 2 - modules/healthcare-apis/workspace/README.md | 10 -- .../workspace/dicomservice/README.md | 1 - .../workspace/dicomservice/main.bicep | 9 -- .../workspace/dicomservice/main.json | 17 +-- .../workspace/fhirservice/README.md | 1 - .../workspace/fhirservice/main.bicep | 13 -- .../workspace/fhirservice/main.json | 23 +-- .../workspace/iotconnector/README.md | 1 - .../workspace/iotconnector/main.bicep | 13 -- .../workspace/iotconnector/main.json | 23 +-- modules/healthcare-apis/workspace/main.bicep | 3 - modules/healthcare-apis/workspace/main.json | 68 ++------- .../component/.test/common/main.test.bicep | 1 - modules/insights/component/README.md | 5 - modules/insights/component/main.bicep | 17 --- modules/insights/component/main.json | 25 +--- .../.test/common/main.test.bicep | 1 - modules/insights/diagnostic-setting/README.md | 5 - .../insights/diagnostic-setting/main.bicep | 13 -- modules/insights/diagnostic-setting/main.json | 19 +-- .../vault/.test/common/main.test.bicep | 1 - modules/key-vault/vault/README.md | 5 - modules/key-vault/vault/main.bicep | 17 --- modules/key-vault/vault/main.json | 25 +--- .../workflow/.test/common/main.test.bicep | 1 - modules/logic/workflow/README.md | 5 - modules/logic/workflow/main.bicep | 17 --- modules/logic/workflow/main.json | 25 +--- .../workspace/.test/common/main.test.bicep | 1 - .../workspace/README.md | 5 - .../workspace/main.bicep | 17 --- .../workspace/main.json | 25 +--- .../.test/common/main.test.bicep | 1 - modules/network/application-gateway/README.md | 5 - .../network/application-gateway/main.bicep | 17 --- modules/network/application-gateway/main.json | 25 +--- .../.test/common/main.test.bicep | 1 - modules/network/azure-firewall/README.md | 5 - modules/network/azure-firewall/main.bicep | 19 --- modules/network/azure-firewall/main.json | 81 ++-------- .../bastion-host/.test/common/main.test.bicep | 1 - modules/network/bastion-host/README.md | 5 - modules/network/bastion-host/main.bicep | 14 -- modules/network/bastion-host/main.json | 47 +----- .../.test/common/main.test.bicep | 1 - .../network/express-route-circuit/README.md | 5 - .../network/express-route-circuit/main.bicep | 17 --- .../network/express-route-circuit/main.json | 25 +--- modules/network/front-door/README.md | 1 - modules/network/front-door/main.bicep | 17 --- modules/network/front-door/main.json | 25 +--- .../.test/common/main.test.bicep | 1 - .../.test/internal/main.test.bicep | 1 - modules/network/load-balancer/README.md | 9 -- modules/network/load-balancer/main.bicep | 9 -- modules/network/load-balancer/main.json | 17 +-- .../nat-gateway/.test/common/main.test.bicep | 1 - modules/network/nat-gateway/README.md | 5 - modules/network/nat-gateway/main.bicep | 6 - modules/network/nat-gateway/main.json | 39 +---- .../.test/common/main.test.bicep | 1 - modules/network/network-interface/README.md | 5 - modules/network/network-interface/main.bicep | 9 -- modules/network/network-interface/main.json | 17 +-- .../.test/common/main.test.bicep | 1 - .../network/network-security-group/README.md | 5 - .../network/network-security-group/main.bicep | 13 -- .../network/network-security-group/main.json | 19 +-- .../.test/common/main.test.bicep | 1 - modules/network/public-ip-address/README.md | 5 - modules/network/public-ip-address/main.bicep | 17 --- modules/network/public-ip-address/main.json | 25 +--- .../.test/common/main.test.bicep | 1 - .../network/trafficmanagerprofile/README.md | 5 - .../network/trafficmanagerprofile/main.bicep | 17 --- .../network/trafficmanagerprofile/main.json | 25 +--- .../.test/expressRoute/main.test.bicep | 1 - .../.test/vpn/main.test.bicep | 1 - .../network/virtual-network-gateway/README.md | 9 -- .../virtual-network-gateway/main.bicep | 17 --- .../network/virtual-network-gateway/main.json | 50 +------ .../.test/common/main.test.bicep | 1 - modules/network/virtual-network/README.md | 5 - modules/network/virtual-network/main.bicep | 17 --- modules/network/virtual-network/main.json | 25 +--- .../workspace/.test/adv/main.test.bicep | 1 - .../workspace/.test/common/main.test.bicep | 1 - .../operational-insights/workspace/README.md | 9 -- .../operational-insights/workspace/main.bicep | 17 --- .../operational-insights/workspace/main.json | 25 +--- .../account/.test/common/main.test.bicep | 1 - modules/purview/account/README.md | 5 - modules/purview/account/main.bicep | 17 --- modules/purview/account/main.json | 25 +--- .../vault/.test/common/main.test.bicep | 1 - modules/recovery-services/vault/README.md | 5 - modules/recovery-services/vault/main.bicep | 17 --- modules/recovery-services/vault/main.json | 25 +--- .../namespace/.test/common/main.test.bicep | 1 - modules/relay/namespace/README.md | 5 - modules/relay/namespace/main.bicep | 17 --- modules/relay/namespace/main.json | 25 +--- .../namespace/.test/common/main.test.bicep | 1 - modules/service-bus/namespace/README.md | 5 - modules/service-bus/namespace/main.bicep | 17 --- modules/service-bus/namespace/main.json | 25 +--- .../.test/common/main.test.bicep | 1 - modules/sql/managed-instance/README.md | 5 - .../sql/managed-instance/database/README.md | 1 - .../sql/managed-instance/database/main.bicep | 13 -- .../sql/managed-instance/database/main.json | 19 +-- modules/sql/managed-instance/main.bicep | 18 --- modules/sql/managed-instance/main.json | 45 +----- .../sql/server/.test/common/main.test.bicep | 1 - modules/sql/server/README.md | 2 - modules/sql/server/database/README.md | 1 - modules/sql/server/database/main.bicep | 17 --- modules/sql/server/database/main.json | 25 +--- modules/sql/server/main.bicep | 1 - modules/sql/server/main.json | 28 +--- .../.test/common/main.test.bicep | 40 ++++- .../storage-account/.test/nfs/main.test.bicep | 1 - modules/storage/storage-account/README.md | 93 +++++++++--- .../storage-account/blob-service/README.md | 3 +- .../storage-account/blob-service/main.bicep | 25 +--- .../storage-account/blob-service/main.json | 33 +---- .../storage-account/file-service/README.md | 1 - .../storage-account/file-service/main.bicep | 17 --- .../storage-account/file-service/main.json | 25 +--- modules/storage/storage-account/main.bicep | 18 +-- modules/storage/storage-account/main.json | 138 ++++-------------- .../management-policy/README.md | 2 +- .../management-policy/main.bicep | 4 +- .../management-policy/main.json | 4 +- .../storage-account/queue-service/README.md | 1 - .../storage-account/queue-service/main.bicep | 17 --- .../storage-account/queue-service/main.json | 25 +--- .../storage-account/table-service/README.md | 1 - .../storage-account/table-service/main.bicep | 17 --- .../storage-account/table-service/main.json | 25 +--- .../workspace/.test/common/main.test.bicep | 1 - modules/synapse/workspace/README.md | 5 - modules/synapse/workspace/main.bicep | 13 -- modules/synapse/workspace/main.json | 19 +-- .../.test/asev2/main.test.bicep | 1 - .../.test/asev3/main.test.bicep | 1 - modules/web/hosting-environment/README.md | 9 -- modules/web/hosting-environment/main.bicep | 13 -- modules/web/hosting-environment/main.json | 19 +-- .../serverfarm/.test/common/main.test.bicep | 1 - modules/web/serverfarm/README.md | 5 - modules/web/serverfarm/main.bicep | 9 -- modules/web/serverfarm/main.json | 17 +-- .../.test/functionAppCommon/main.test.bicep | 1 - .../site/.test/webAppCommon/main.test.bicep | 2 - modules/web/site/README.md | 11 -- modules/web/site/main.bicep | 17 --- modules/web/site/main.json | 49 +------ modules/web/site/slot/README.md | 1 - modules/web/site/slot/main.bicep | 12 -- modules/web/site/slot/main.json | 23 +-- utilities/tools/Set-ModuleReadMe.ps1 | 9 +- 281 files changed, 429 insertions(+), 3109 deletions(-) diff --git a/constructs/Compute/virtualMachinesMultiple/README.md b/constructs/Compute/virtualMachinesMultiple/README.md index 19266955b9..81b6f034e7 100644 --- a/constructs/Compute/virtualMachinesMultiple/README.md +++ b/constructs/Compute/virtualMachinesMultiple/README.md @@ -67,7 +67,6 @@ This module deploys one or multiple Virtual Machines. | `dedicatedHostId` | string | `''` | | Specifies resource ID about the dedicated host that the virtual machine resides in. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | | `disablePasswordAuthentication` | bool | `False` | | Specifies whether password authentication should be disabled. | diff --git a/constructs/Compute/virtualMachinesMultiple/main.bicep b/constructs/Compute/virtualMachinesMultiple/main.bicep index 42e9527e8a..9fc00d6f9e 100644 --- a/constructs/Compute/virtualMachinesMultiple/main.bicep +++ b/constructs/Compute/virtualMachinesMultiple/main.bicep @@ -230,11 +230,6 @@ param extensionCustomScriptProtectedSetting object = {} @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -301,7 +296,7 @@ var vmNamesToApply = !empty(vmNames) ? vmNames : vmGeneratedNames var enableReferencedModulesTelemetry = false -module virtualMachine '../../../modules/Compute/virtualMachines/main.bicep' = [for (vmName, index) in vmNamesToApply: { +module virtualMachine '../../../modules/compute/virtual-machine/main.bicep' = [for (vmName, index) in vmNamesToApply: { name: '${deployment().name}-vm-${index}' params: { name: vmName @@ -328,7 +323,6 @@ module virtualMachine '../../../modules/Compute/virtualMachines/main.bicep' = [f dedicatedHostId: dedicatedHostId diagnosticEventHubAuthorizationRuleId: diagnosticEventHubAuthorizationRuleId diagnosticEventHubName: diagnosticEventHubName - diagnosticLogsRetentionInDays: diagnosticLogsRetentionInDays diagnosticStorageAccountId: diagnosticStorageAccountId diagnosticWorkspaceId: diagnosticWorkspaceId disablePasswordAuthentication: disablePasswordAuthentication diff --git a/docs/wiki/The library - Module design.md b/docs/wiki/The library - Module design.md index 8be0455ffb..b1ad89c38c 100644 --- a/docs/wiki/The library - Module design.md +++ b/docs/wiki/The library - Module design.md @@ -295,10 +295,6 @@ The diagnostic settings may differ slightly, from resource to resource. Most not Details ```bicep -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -336,20 +332,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -357,10 +345,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] resource _diagnosticSettings 'Microsoft.Insights/diagnosticsettings@2021-05-01-preview' = if (!empty(diagnosticStorageAccountId) || !empty(diagnosticWorkspaceId) || !empty(diagnosticEventHubAuthorizationRuleId) || !empty(diagnosticEventHubName)) { diff --git a/modules/aad/domain-service/.test/common/main.test.bicep b/modules/aad/domain-service/.test/common/main.test.bicep index d75646823c..39ebef747d 100644 --- a/modules/aad/domain-service/.test/common/main.test.bicep +++ b/modules/aad/domain-service/.test/common/main.test.bicep @@ -75,7 +75,6 @@ module testDeployment '../../main.bicep' = { additionalRecipients: [ '${namePrefix}@noreply.github.com' ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/aad/domain-service/README.md b/modules/aad/domain-service/README.md index 5f254cf354..14813acc04 100644 --- a/modules/aad/domain-service/README.md +++ b/modules/aad/domain-service/README.md @@ -43,7 +43,6 @@ This module deploys an Azure Active Directory Domain Services (AADDS). | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', AccountLogon, AccountManagement, allLogs, DetailTracking, DirectoryServiceAccess, LogonLogoff, ObjectAccess, PolicyChange, PrivilegeUse, SystemSecurity]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | | `domainConfigurationType` | string | `'FullySynced'` | `[FullySynced, ResourceTrusting]` | The value is to provide domain configuration type. | @@ -238,7 +237,6 @@ module domainService './aad/domain-service/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -289,9 +287,6 @@ module domainService './aad/domain-service/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/aad/domain-service/main.bicep b/modules/aad/domain-service/main.bicep index 8e33c8f9b0..e8aa4ad471 100644 --- a/modules/aad/domain-service/main.bicep +++ b/modules/aad/domain-service/main.bicep @@ -130,11 +130,6 @@ param diagnosticEventHubName string = '' @description('Optional. Tags of the resource.') param tags object = {} -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true @@ -170,20 +165,12 @@ param diagnosticLogCategoriesToEnable array = [ var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified diff --git a/modules/aad/domain-service/main.json b/modules/aad/domain-service/main.json index c312c1d420..d7c212e90c 100644 --- a/modules/aad/domain-service/main.json +++ b/modules/aad/domain-service/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "12721378436248791893" + "templateHash": "11963708843565725905" }, "name": "Azure Active Directory Domain Services", "description": "This module deploys an Azure Active Directory Domain Services (AADDS).", @@ -235,15 +235,6 @@ "description": "Optional. Tags of the resource." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "enableDefaultTelemetry": { "type": "bool", "defaultValue": true, @@ -300,15 +291,11 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/analysis-services/server/.test/common/main.test.bicep b/modules/analysis-services/server/.test/common/main.test.bicep index b5ad65e147..ad76d1af43 100644 --- a/modules/analysis-services/server/.test/common/main.test.bicep +++ b/modules/analysis-services/server/.test/common/main.test.bicep @@ -74,7 +74,6 @@ module testDeployment '../../main.bicep' = { principalType: 'ServicePrincipal' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/analysis-services/server/.test/max/main.test.bicep b/modules/analysis-services/server/.test/max/main.test.bicep index a0448bdaa0..582c804860 100644 --- a/modules/analysis-services/server/.test/max/main.test.bicep +++ b/modules/analysis-services/server/.test/max/main.test.bicep @@ -85,7 +85,6 @@ module testDeployment '../../main.bicep' = { principalType: 'ServicePrincipal' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/analysis-services/server/README.md b/modules/analysis-services/server/README.md index 320ede300c..b01b46f8b3 100644 --- a/modules/analysis-services/server/README.md +++ b/modules/analysis-services/server/README.md @@ -34,7 +34,6 @@ This module deploys an Analysis Services Server. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, Engine, Service]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -184,7 +183,6 @@ module server './analysis-services/server/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -230,9 +228,6 @@ module server './analysis-services/server/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -291,7 +286,6 @@ module server './analysis-services/server/main.bicep' = { 'Engine' 'Service' ] - diagnosticLogsRetentionInDays: 7 diagnosticMetricsToEnable: [ 'AllMetrics' ] @@ -353,9 +347,6 @@ module server './analysis-services/server/main.bicep' = { "Service" ] }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticMetricsToEnable": { "value": [ "AllMetrics" diff --git a/modules/analysis-services/server/main.bicep b/modules/analysis-services/server/main.bicep index 178798e9db..0b0ca98d44 100644 --- a/modules/analysis-services/server/main.bicep +++ b/modules/analysis-services/server/main.bicep @@ -26,11 +26,6 @@ param firewallSettings object = { @description('Optional. Location for all Resources.') param location string = resourceGroup().location -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -85,20 +80,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -106,10 +93,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { diff --git a/modules/analysis-services/server/main.json b/modules/analysis-services/server/main.json index be5e134680..034f53242c 100644 --- a/modules/analysis-services/server/main.json +++ b/modules/analysis-services/server/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "430189201191579276" + "templateHash": "10064223785329368726" }, "name": "Analysis Services Servers", "description": "This module deploys an Analysis Services Server.", @@ -55,15 +55,6 @@ "description": "Optional. Location for all Resources." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -167,11 +158,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -180,15 +167,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/api-management/service/.test/max/main.test.bicep b/modules/api-management/service/.test/max/main.test.bicep index 0ffbd7d57d..daf0f7f8ad 100644 --- a/modules/api-management/service/.test/max/main.test.bicep +++ b/modules/api-management/service/.test/max/main.test.bicep @@ -117,7 +117,6 @@ module testDeployment '../../main.bicep' = { useFromLocation: 'westeurope' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/api-management/service/README.md b/modules/api-management/service/README.md index 5a6a3c57a6..0aa2f605e6 100644 --- a/modules/api-management/service/README.md +++ b/modules/api-management/service/README.md @@ -59,7 +59,6 @@ This module deploys an API Management Service. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, GatewayLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -484,7 +483,6 @@ module service './api-management/service/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -653,9 +651,6 @@ module service './api-management/service/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/api-management/service/main.bicep b/modules/api-management/service/main.bicep index 3d7e8e488c..cdc0d4c0d6 100644 --- a/modules/api-management/service/main.bicep +++ b/modules/api-management/service/main.bicep @@ -18,11 +18,6 @@ param enableDefaultTelemetry bool = true @description('Optional. Custom properties of the API Management service.') param customProperties object = {} -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -177,20 +172,12 @@ var authorizationServerList = !empty(authorizationServers) ? authorizationServer var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -198,10 +185,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') diff --git a/modules/api-management/service/main.json b/modules/api-management/service/main.json index f6c8a70c9a..466bded3f4 100644 --- a/modules/api-management/service/main.json +++ b/modules/api-management/service/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "14244041467276346330" + "templateHash": "11924576523256910990" }, "name": "API Management Services", "description": "This module deploys an API Management Service.", @@ -47,15 +47,6 @@ "description": "Optional. Custom properties of the API Management service." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -361,11 +352,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -374,17 +361,13 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "enableReferencedModulesTelemetry": false, "authorizationServerList": "[if(not(empty(parameters('authorizationServers'))), parameters('authorizationServers').secureList, createArray())]", - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]" }, diff --git a/modules/app-configuration/configuration-store/.test/common/main.test.bicep b/modules/app-configuration/configuration-store/.test/common/main.test.bicep index 10563eb418..46047d29bc 100644 --- a/modules/app-configuration/configuration-store/.test/common/main.test.bicep +++ b/modules/app-configuration/configuration-store/.test/common/main.test.bicep @@ -64,7 +64,6 @@ module testDeployment '../../main.bicep' = { enableDefaultTelemetry: enableDefaultTelemetry name: '${namePrefix}${serviceShort}001' createMode: 'Default' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/app-configuration/configuration-store/README.md b/modules/app-configuration/configuration-store/README.md index c4169483c2..23edaceeaf 100644 --- a/modules/app-configuration/configuration-store/README.md +++ b/modules/app-configuration/configuration-store/README.md @@ -38,7 +38,6 @@ This module deploys an App Configuration Store. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, Audit, HttpRequest]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -333,7 +332,6 @@ module configurationStore './app-configuration/configuration-store/main.bicep' = createMode: 'Default' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' disableLocalAuth: false @@ -401,9 +399,6 @@ module configurationStore './app-configuration/configuration-store/main.bicep' = "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/app-configuration/configuration-store/main.bicep b/modules/app-configuration/configuration-store/main.bicep index fe242a7844..f3943eb2ba 100644 --- a/modules/app-configuration/configuration-store/main.bicep +++ b/modules/app-configuration/configuration-store/main.bicep @@ -50,11 +50,6 @@ param softDeleteRetentionInDays int = 1 @description('Optional. All Key / Values to create.') param keyValues array = [] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -114,20 +109,12 @@ var enableReferencedModulesTelemetry = false var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -135,10 +122,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? 'SystemAssigned' : !empty(userAssignedIdentities) ? 'UserAssigned' : 'None' diff --git a/modules/app-configuration/configuration-store/main.json b/modules/app-configuration/configuration-store/main.json index f8b7c51280..84bf22d70e 100644 --- a/modules/app-configuration/configuration-store/main.json +++ b/modules/app-configuration/configuration-store/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "9490352980552121351" + "templateHash": "10371162736830551365" }, "name": "App Configuration Stores", "description": "This module deploys an App Configuration Store.", @@ -103,15 +103,6 @@ "description": "Optional. All Key / Values to create." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -222,11 +213,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -235,16 +222,12 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "enableReferencedModulesTelemetry": false, - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), 'SystemAssigned', if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": { "type": "[variables('identityType')]", diff --git a/modules/automation/automation-account/.test/common/main.test.bicep b/modules/automation/automation-account/.test/common/main.test.bicep index 0637bd5fad..461dfed416 100644 --- a/modules/automation/automation-account/.test/common/main.test.bicep +++ b/modules/automation/automation-account/.test/common/main.test.bicep @@ -65,7 +65,6 @@ module testDeployment '../../main.bicep' = { params: { enableDefaultTelemetry: enableDefaultTelemetry name: '${namePrefix}${serviceShort}001' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/automation/automation-account/README.md b/modules/automation/automation-account/README.md index 8db593560c..896c504721 100644 --- a/modules/automation/automation-account/README.md +++ b/modules/automation/automation-account/README.md @@ -53,7 +53,6 @@ This module deploys an Azure Automation Account. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DscNodeStatus, JobLogs, JobStreams]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -409,7 +408,6 @@ module automationAccount './automation/automation-account/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' disableLocalAuth: true @@ -613,9 +611,6 @@ module automationAccount './automation/automation-account/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/automation/automation-account/main.bicep b/modules/automation/automation-account/main.bicep index b94b53b0d4..8f03f5f404 100644 --- a/modules/automation/automation-account/main.bicep +++ b/modules/automation/automation-account/main.bicep @@ -65,11 +65,6 @@ param disableLocalAuth bool = true @description('Optional. Configuration details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible.') param privateEndpoints array = [] -@minValue(0) -@maxValue(365) -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -133,20 +128,12 @@ var enableReferencedModulesTelemetry = false var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -154,10 +141,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') diff --git a/modules/automation/automation-account/main.json b/modules/automation/automation-account/main.json index 5190a537aa..bac8c5b284 100644 --- a/modules/automation/automation-account/main.json +++ b/modules/automation/automation-account/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "12601553929742094465" + "templateHash": "16595917199403663446" }, "name": "Automation Accounts", "description": "This module deploys an Azure Automation Account.", @@ -146,15 +146,6 @@ "description": "Optional. Configuration details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -273,11 +264,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -286,16 +273,12 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "enableReferencedModulesTelemetry": false, - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]" }, diff --git a/modules/batch/batch-account/.test/common/main.test.bicep b/modules/batch/batch-account/.test/common/main.test.bicep index f4fab0de97..b2fa9e7a62 100644 --- a/modules/batch/batch-account/.test/common/main.test.bicep +++ b/modules/batch/batch-account/.test/common/main.test.bicep @@ -66,7 +66,6 @@ module testDeployment '../../main.bicep' = { enableDefaultTelemetry: enableDefaultTelemetry name: '${namePrefix}${serviceShort}001' storageAccountId: nestedDependencies.outputs.storageAccountResourceId - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/batch/batch-account/README.md b/modules/batch/batch-account/README.md index f1fffea321..85dcc30c05 100644 --- a/modules/batch/batch-account/README.md +++ b/modules/batch/batch-account/README.md @@ -47,7 +47,6 @@ This module deploys a Batch Account. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, ServiceLog]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -281,7 +280,6 @@ module batchAccount './batch/batch-account/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -348,9 +346,6 @@ module batchAccount './batch/batch-account/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/batch/batch-account/main.bicep b/modules/batch/batch-account/main.bicep index 6c1bbcb34e..092005e322 100644 --- a/modules/batch/batch-account/main.bicep +++ b/modules/batch/batch-account/main.bicep @@ -58,11 +58,6 @@ param networkProfileDefaultAction string = 'Deny' @description('Optional. Array of IP ranges to filter client IP address. It is only applicable when publicNetworkAccess is not explicitly disabled.') param networkProfileAllowedIpRanges array = [] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -130,20 +125,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -151,10 +138,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? 'SystemAssigned' : !empty(userAssignedIdentities) ? 'UserAssigned' : 'None' diff --git a/modules/batch/batch-account/main.json b/modules/batch/batch-account/main.json index 882013e165..b2ff4246cc 100644 --- a/modules/batch/batch-account/main.json +++ b/modules/batch/batch-account/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "7332956406118760498" + "templateHash": "10210928254812932351" }, "name": "Batch Accounts", "description": "This module deploys a Batch Account.", @@ -118,15 +118,6 @@ "description": "Optional. Array of IP ranges to filter client IP address. It is only applicable when publicNetworkAccess is not explicitly disabled." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -255,11 +246,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -268,11 +255,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -284,7 +267,7 @@ } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), 'SystemAssigned', if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": { "type": "[variables('identityType')]", diff --git a/modules/cache/redis/.test/common/main.test.bicep b/modules/cache/redis/.test/common/main.test.bicep index 8ad4bad1cc..bc976f33b7 100644 --- a/modules/cache/redis/.test/common/main.test.bicep +++ b/modules/cache/redis/.test/common/main.test.bicep @@ -64,7 +64,6 @@ module testDeployment '../../main.bicep' = { enableDefaultTelemetry: enableDefaultTelemetry name: '${namePrefix}${serviceShort}001' capacity: 2 - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/cache/redis/README.md b/modules/cache/redis/README.md index bd0f43531d..b005689a95 100644 --- a/modules/cache/redis/README.md +++ b/modules/cache/redis/README.md @@ -37,7 +37,6 @@ This module deploys a Redis Cache. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, ConnectedClientList]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | @@ -375,7 +374,6 @@ module redis './cache/redis/main.bicep' = { capacity: 2 diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticSettingsName: 'redisdiagnostics' diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' @@ -441,9 +439,6 @@ module redis './cache/redis/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticSettingsName": { "value": "redisdiagnostics" }, diff --git a/modules/cache/redis/main.bicep b/modules/cache/redis/main.bicep index af50133fca..172c38fa44 100644 --- a/modules/cache/redis/main.bicep +++ b/modules/cache/redis/main.bicep @@ -110,11 +110,6 @@ param privateEndpoints array = [] @description('Optional. The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings".') param diagnosticSettingsName string = '' -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticStorageAccountId string = '' @@ -153,20 +148,12 @@ var availabilityZones = skuName == 'Premium' ? zoneRedundant ? !empty(zones) ? z var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -174,10 +161,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? 'SystemAssigned' : !empty(userAssignedIdentities) ? 'UserAssigned' : 'None' diff --git a/modules/cache/redis/main.json b/modules/cache/redis/main.json index 714388b5d7..3545e1c592 100644 --- a/modules/cache/redis/main.json +++ b/modules/cache/redis/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "18012960546079116650" + "templateHash": "16190276129118056203" }, "name": "Redis Cache", "description": "This module deploys a Redis Cache.", @@ -215,15 +215,6 @@ "description": "Optional. The name of the diagnostic setting, if deployed. If left empty, it defaults to \"-diagnosticSettings\"." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -293,11 +284,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -306,16 +293,12 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "availabilityZones": "[if(equals(parameters('skuName'), 'Premium'), if(parameters('zoneRedundant'), if(not(empty(parameters('zones'))), parameters('zones'), pickZones('Microsoft.Cache', 'redis', parameters('location'), 3)), createArray()), createArray())]", - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), 'SystemAssigned', if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": { "type": "[variables('identityType')]", diff --git a/modules/cognitive-services/account/.test/common/main.test.bicep b/modules/cognitive-services/account/.test/common/main.test.bicep index 556ce7e70f..7a61062ca0 100644 --- a/modules/cognitive-services/account/.test/common/main.test.bicep +++ b/modules/cognitive-services/account/.test/common/main.test.bicep @@ -66,7 +66,6 @@ module testDeployment '../../main.bicep' = { name: '${namePrefix}${serviceShort}001' kind: 'Face' customSubDomainName: '${namePrefix}xdomain' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/cognitive-services/account/README.md b/modules/cognitive-services/account/README.md index 254afa3940..ce8fb6197a 100644 --- a/modules/cognitive-services/account/README.md +++ b/modules/cognitive-services/account/README.md @@ -51,7 +51,6 @@ This module deploys a Cognitive Service. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, Audit, RequestResponse]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -464,7 +463,6 @@ module account './cognitive-services/account/main.bicep' = { customSubDomainName: 'xdomain' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -549,9 +547,6 @@ module account './cognitive-services/account/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/cognitive-services/account/main.bicep b/modules/cognitive-services/account/main.bicep index ffa145e7f9..a91549ef74 100644 --- a/modules/cognitive-services/account/main.bicep +++ b/modules/cognitive-services/account/main.bicep @@ -57,11 +57,6 @@ param sku string = 'S0' @description('Optional. Location for all Resources.') param location string = resourceGroup().location -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -175,20 +170,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -196,10 +183,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var enableReferencedModulesTelemetry = false diff --git a/modules/cognitive-services/account/main.json b/modules/cognitive-services/account/main.json index 5cb00062d1..ab8819f327 100644 --- a/modules/cognitive-services/account/main.json +++ b/modules/cognitive-services/account/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "16050279937194906672" + "templateHash": "3690928226777613324" }, "name": "Cognitive Services", "description": "This module deploys a Cognitive Service.", @@ -81,15 +81,6 @@ "description": "Optional. Location for all Resources." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -324,11 +315,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -337,15 +324,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false, "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]" diff --git a/modules/compute/virtual-machine-scale-set/.test/linux/main.test.bicep b/modules/compute/virtual-machine-scale-set/.test/linux/main.test.bicep index d119ea7240..08c5931815 100644 --- a/modules/compute/virtual-machine-scale-set/.test/linux/main.test.bicep +++ b/modules/compute/virtual-machine-scale-set/.test/linux/main.test.bicep @@ -111,7 +111,6 @@ module testDeployment '../../main.bicep' = { diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName - diagnosticLogsRetentionInDays: 7 disablePasswordAuthentication: true encryptionAtHost: false extensionCustomScriptConfig: { diff --git a/modules/compute/virtual-machine-scale-set/.test/windows/main.test.bicep b/modules/compute/virtual-machine-scale-set/.test/windows/main.test.bicep index 21a5d78570..c6694102a5 100644 --- a/modules/compute/virtual-machine-scale-set/.test/windows/main.test.bicep +++ b/modules/compute/virtual-machine-scale-set/.test/windows/main.test.bicep @@ -93,7 +93,6 @@ module testDeployment '../../main.bicep' = { diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName - diagnosticLogsRetentionInDays: 7 encryptionAtHost: false extensionAntiMalwareConfig: { enabled: true diff --git a/modules/compute/virtual-machine-scale-set/README.md b/modules/compute/virtual-machine-scale-set/README.md index 4ec607b828..b0384b82da 100644 --- a/modules/compute/virtual-machine-scale-set/README.md +++ b/modules/compute/virtual-machine-scale-set/README.md @@ -54,7 +54,6 @@ The following resources are required to be able to deploy this resource. | `dataDisks` | array | `[]` | | Specifies the data disks. For security reasons, it is recommended to specify DiskEncryptionSet into the dataDisk object. Restrictions: DiskEncryptionSet cannot be enabled if Azure Disk Encryption (guest-VM encryption using bitlocker/DM-Crypt) is enabled on your VM Scale sets. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | @@ -955,7 +954,6 @@ module virtualMachineScaleSet './compute/virtual-machine-scale-set/main.bicep' = ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' disablePasswordAuthentication: true @@ -1119,9 +1117,6 @@ module virtualMachineScaleSet './compute/virtual-machine-scale-set/main.bicep' = "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -1609,7 +1604,6 @@ module virtualMachineScaleSet './compute/virtual-machine-scale-set/main.bicep' = adminPassword: '' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -1762,9 +1756,6 @@ module virtualMachineScaleSet './compute/virtual-machine-scale-set/main.bicep' = "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/compute/virtual-machine-scale-set/main.bicep b/modules/compute/virtual-machine-scale-set/main.bicep index 129d0fbec0..fbd688e838 100644 --- a/modules/compute/virtual-machine-scale-set/main.bicep +++ b/modules/compute/virtual-machine-scale-set/main.bicep @@ -134,11 +134,6 @@ param bootDiagnosticStorageAccountUri string = '.blob.${environment().suffixes.s @description('Optional. Storage account used to store boot diagnostic information. Boot diagnostics will be disabled if no value is provided.') param bootDiagnosticStorageAccountName string = '' -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -293,10 +288,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var publicKeysFormatted = [for publicKey in publicKeys: { diff --git a/modules/compute/virtual-machine-scale-set/main.json b/modules/compute/virtual-machine-scale-set/main.json index e223005045..89b7b6a2ca 100644 --- a/modules/compute/virtual-machine-scale-set/main.json +++ b/modules/compute/virtual-machine-scale-set/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "7835008553811642533" + "templateHash": "7715429520805746473" }, "name": "Virtual Machine Scale Sets", "description": "This module deploys a Virtual Machine Scale Set.", @@ -273,15 +273,6 @@ "description": "Optional. Storage account used to store boot diagnostic information. Boot diagnostics will be disabled if no value is provided." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -601,11 +592,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { diff --git a/modules/compute/virtual-machine/.bicep/nested_networkInterface.bicep b/modules/compute/virtual-machine/.bicep/nested_networkInterface.bicep index a89602200b..20386a51b8 100644 --- a/modules/compute/virtual-machine/.bicep/nested_networkInterface.bicep +++ b/modules/compute/virtual-machine/.bicep/nested_networkInterface.bicep @@ -12,7 +12,6 @@ param networkSecurityGroupResourceId string = '' param ipConfigurations array param lock string = '' param diagnosticStorageAccountId string -param diagnosticLogsRetentionInDays int param diagnosticWorkspaceId string param diagnosticEventHubAuthorizationRuleId string param diagnosticEventHubName string @@ -38,7 +37,6 @@ module networkInterface_publicIPAddresses '../../../network/public-ip-address/ma diagnosticEventHubAuthorizationRuleId: diagnosticEventHubAuthorizationRuleId diagnosticEventHubName: diagnosticEventHubName diagnosticLogCategoriesToEnable: pipdiagnosticLogCategoriesToEnable - diagnosticLogsRetentionInDays: diagnosticLogsRetentionInDays diagnosticMetricsToEnable: pipdiagnosticMetricsToEnable diagnosticSettingsName: pipDiagnosticSettingsName diagnosticStorageAccountId: diagnosticStorageAccountId @@ -80,7 +78,6 @@ module networkInterface '../../../network/network-interface/main.bicep' = { tags: tags diagnosticEventHubAuthorizationRuleId: diagnosticEventHubAuthorizationRuleId diagnosticEventHubName: diagnosticEventHubName - diagnosticLogsRetentionInDays: diagnosticLogsRetentionInDays diagnosticStorageAccountId: diagnosticStorageAccountId diagnosticMetricsToEnable: nicDiagnosticMetricsToEnable diagnosticSettingsName: nicDiagnosticSettingsName diff --git a/modules/compute/virtual-machine/.test/linux/main.test.bicep b/modules/compute/virtual-machine/.test/linux/main.test.bicep index fc8e3b07af..f85bc4d585 100644 --- a/modules/compute/virtual-machine/.test/linux/main.test.bicep +++ b/modules/compute/virtual-machine/.test/linux/main.test.bicep @@ -166,7 +166,6 @@ module testDeployment '../../main.bicep' = { diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName - diagnosticLogsRetentionInDays: 7 disablePasswordAuthentication: true encryptionAtHost: false extensionCustomScriptConfig: { diff --git a/modules/compute/virtual-machine/.test/windows/main.test.bicep b/modules/compute/virtual-machine/.test/windows/main.test.bicep index e39aa4f154..9e059f65ab 100644 --- a/modules/compute/virtual-machine/.test/windows/main.test.bicep +++ b/modules/compute/virtual-machine/.test/windows/main.test.bicep @@ -170,7 +170,6 @@ module testDeployment '../../main.bicep' = { diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName - diagnosticLogsRetentionInDays: 7 encryptionAtHost: false extensionAntiMalwareConfig: { enabled: true diff --git a/modules/compute/virtual-machine/README.md b/modules/compute/virtual-machine/README.md index 318a35ef46..c5dcc52850 100644 --- a/modules/compute/virtual-machine/README.md +++ b/modules/compute/virtual-machine/README.md @@ -61,7 +61,6 @@ This module deploys a Virtual Machine with one or multiple NICs and optionally o | `dedicatedHostId` | string | `''` | | Specifies resource ID about the dedicated host that the virtual machine resides in. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | | `disablePasswordAuthentication` | bool | `False` | | Specifies whether password authentication should be disabled. | @@ -1137,7 +1136,6 @@ module virtualMachine './compute/virtual-machine/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' disablePasswordAuthentication: true @@ -1374,9 +1372,6 @@ module virtualMachine './compute/virtual-machine/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -1939,7 +1934,6 @@ module virtualMachine './compute/virtual-machine/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableAutomaticUpdates: true @@ -2195,9 +2189,6 @@ module virtualMachine './compute/virtual-machine/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/compute/virtual-machine/main.bicep b/modules/compute/virtual-machine/main.bicep index bc4327b6af..3cd09f6b51 100644 --- a/modules/compute/virtual-machine/main.bicep +++ b/modules/compute/virtual-machine/main.bicep @@ -223,11 +223,6 @@ param extensionCustomScriptProtectedSetting object = {} @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -399,7 +394,6 @@ module vm_nic '.bicep/nested_networkInterface.bicep' = [for (nicConfiguration, i ipConfigurations: nicConfiguration.ipConfigurations lock: lock diagnosticStorageAccountId: diagnosticStorageAccountId - diagnosticLogsRetentionInDays: diagnosticLogsRetentionInDays diagnosticWorkspaceId: diagnosticWorkspaceId diagnosticEventHubAuthorizationRuleId: diagnosticEventHubAuthorizationRuleId diagnosticEventHubName: diagnosticEventHubName diff --git a/modules/compute/virtual-machine/main.json b/modules/compute/virtual-machine/main.json index 7f11506213..7c0d0faab1 100644 --- a/modules/compute/virtual-machine/main.json +++ b/modules/compute/virtual-machine/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "16260888276391715225" + "templateHash": "6083372606537708604" }, "name": "Virtual Machines", "description": "This module deploys a Virtual Machine with one or multiple NICs and optionally one or multiple public IPs.", @@ -432,15 +432,6 @@ "description": "Optional. Location for all resources." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -821,9 +812,6 @@ "diagnosticStorageAccountId": { "value": "[parameters('diagnosticStorageAccountId')]" }, - "diagnosticLogsRetentionInDays": { - "value": "[parameters('diagnosticLogsRetentionInDays')]" - }, "diagnosticWorkspaceId": { "value": "[parameters('diagnosticWorkspaceId')]" }, @@ -857,7 +845,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "2403050015173417412" + "templateHash": "18368167306058144977" } }, "parameters": { @@ -902,9 +890,6 @@ "diagnosticStorageAccountId": { "type": "string" }, - "diagnosticLogsRetentionInDays": { - "type": "int" - }, "diagnosticWorkspaceId": { "type": "string" }, @@ -976,9 +961,6 @@ "diagnosticLogCategoriesToEnable": { "value": "[parameters('pipdiagnosticLogCategoriesToEnable')]" }, - "diagnosticLogsRetentionInDays": { - "value": "[parameters('diagnosticLogsRetentionInDays')]" - }, "diagnosticMetricsToEnable": { "value": "[parameters('pipdiagnosticMetricsToEnable')]" }, @@ -1018,7 +1000,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "1083592604266553783" + "templateHash": "7444990895328873286" }, "name": "Public IP Addresses", "description": "This module deploys a Public IP Address.", @@ -1089,15 +1071,6 @@ "description": "Optional. IP address version." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -1244,11 +1217,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -1257,15 +1226,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { @@ -1586,9 +1551,6 @@ "diagnosticEventHubName": { "value": "[parameters('diagnosticEventHubName')]" }, - "diagnosticLogsRetentionInDays": { - "value": "[parameters('diagnosticLogsRetentionInDays')]" - }, "diagnosticStorageAccountId": { "value": "[parameters('diagnosticStorageAccountId')]" }, @@ -1624,7 +1586,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "16443618351676529498" + "templateHash": "4973390307671682303" }, "name": "Network Interface", "description": "This module deploys a Network Interface.", @@ -1744,15 +1706,6 @@ "description": "Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -1809,11 +1762,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ] diff --git a/modules/container-registry/registry/.test/common/main.test.bicep b/modules/container-registry/registry/.test/common/main.test.bicep index 8460898be1..a2086f2f12 100644 --- a/modules/container-registry/registry/.test/common/main.test.bicep +++ b/modules/container-registry/registry/.test/common/main.test.bicep @@ -66,7 +66,6 @@ module testDeployment '../../main.bicep' = { name: '${namePrefix}${serviceShort}001' acrAdminUserEnabled: false acrSku: 'Premium' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/container-registry/registry/README.md b/modules/container-registry/registry/README.md index c632c2be87..563a2e27b0 100644 --- a/modules/container-registry/registry/README.md +++ b/modules/container-registry/registry/README.md @@ -52,7 +52,6 @@ This module deploys an Azure Container Registry (ACR). | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, ContainerRegistryLoginEvents, ContainerRegistryRepositoryEvents]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -393,7 +392,6 @@ module registry './container-registry/registry/main.bicep' = { azureADAuthenticationAsArmPolicyStatus: 'enabled' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -489,9 +487,6 @@ module registry './container-registry/registry/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/container-registry/registry/main.bicep b/modules/container-registry/registry/main.bicep index 68f470fdf9..74989bd260 100644 --- a/modules/container-registry/registry/main.bicep +++ b/modules/container-registry/registry/main.bicep @@ -155,11 +155,6 @@ param diagnosticMetricsToEnable array = [ 'AllMetrics' ] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -193,20 +188,12 @@ param cMKUserAssignedIdentityResourceId string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -214,10 +201,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') diff --git a/modules/container-registry/registry/main.json b/modules/container-registry/registry/main.json index eda677a8c3..53c6af6abb 100644 --- a/modules/container-registry/registry/main.json +++ b/modules/container-registry/registry/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "13310604617859412118" + "templateHash": "6969483115486766809" }, "name": "Azure Container Registries (ACR)", "description": "This module deploys an Azure Container Registry (ACR).", @@ -280,15 +280,6 @@ "description": "Optional. The name of metrics that will be streamed." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -367,11 +358,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -380,15 +367,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]", "enableReferencedModulesTelemetry": false diff --git a/modules/container-service/managed-cluster/.test/azure/main.test.bicep b/modules/container-service/managed-cluster/.test/azure/main.test.bicep index 53e453d441..ae463a55e5 100644 --- a/modules/container-service/managed-cluster/.test/azure/main.test.bicep +++ b/modules/container-service/managed-cluster/.test/azure/main.test.bicep @@ -147,7 +147,6 @@ module testDeployment '../../main.bicep' = { } ] aksClusterNetworkPlugin: 'azure' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/container-service/managed-cluster/.test/kubenet/main.test.bicep b/modules/container-service/managed-cluster/.test/kubenet/main.test.bicep index 617ca20c95..5faf01208e 100644 --- a/modules/container-service/managed-cluster/.test/kubenet/main.test.bicep +++ b/modules/container-service/managed-cluster/.test/kubenet/main.test.bicep @@ -135,7 +135,6 @@ module testDeployment '../../main.bicep' = { } ] aksClusterNetworkPlugin: 'kubenet' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/container-service/managed-cluster/.test/priv/main.test.bicep b/modules/container-service/managed-cluster/.test/priv/main.test.bicep index 13fb056ec4..c5ace56db5 100644 --- a/modules/container-service/managed-cluster/.test/priv/main.test.bicep +++ b/modules/container-service/managed-cluster/.test/priv/main.test.bicep @@ -142,7 +142,6 @@ module testDeployment '../../main.bicep' = { aksClusterSkuTier: 'Standard' aksClusterDnsServiceIP: '10.10.200.10' aksClusterServiceCidr: '10.10.200.0/24' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/container-service/managed-cluster/README.md b/modules/container-service/managed-cluster/README.md index a601b0f019..88b9e2c128 100644 --- a/modules/container-service/managed-cluster/README.md +++ b/modules/container-service/managed-cluster/README.md @@ -86,7 +86,6 @@ This module deploys an Azure Kubernetes Service (AKS) Managed Cluster. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, cluster-autoscaler, guard, kube-apiserver, kube-audit, kube-audit-admin, kube-controller-manager, kube-scheduler]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -476,7 +475,6 @@ module managedCluster './container-service/managed-cluster/main.bicep' = { aksClusterNetworkPlugin: 'azure' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' diskEncryptionSetID: '' @@ -661,9 +659,6 @@ module managedCluster './container-service/managed-cluster/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -853,7 +848,6 @@ module managedCluster './container-service/managed-cluster/main.bicep' = { aksClusterNetworkPlugin: 'kubenet' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -977,9 +971,6 @@ module managedCluster './container-service/managed-cluster/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -1176,7 +1167,6 @@ module managedCluster './container-service/managed-cluster/main.bicep' = { aksClusterSkuTier: 'Standard' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -1304,9 +1294,6 @@ module managedCluster './container-service/managed-cluster/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/container-service/managed-cluster/main.bicep b/modules/container-service/managed-cluster/main.bicep index 7a0abfa63f..a07026f84b 100644 --- a/modules/container-service/managed-cluster/main.bicep +++ b/modules/container-service/managed-cluster/main.bicep @@ -284,11 +284,6 @@ param diagnosticEventHubAuthorizationRuleId string = '' @description('Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category.') param diagnosticEventHubName string = '' -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true @@ -346,20 +341,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -367,10 +354,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? 'SystemAssigned' : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') diff --git a/modules/container-service/managed-cluster/main.json b/modules/container-service/managed-cluster/main.json index 05c57f5b90..505ad190f3 100644 --- a/modules/container-service/managed-cluster/main.json +++ b/modules/container-service/managed-cluster/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "14635294437728407087" + "templateHash": "2499528815561589714" }, "name": "Azure Kubernetes Service (AKS) Managed Clusters", "description": "This module deploys an Azure Kubernetes Service (AKS) Managed Cluster.", @@ -601,15 +601,6 @@ "description": "Optional. Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "enableDefaultTelemetry": { "type": "bool", "defaultValue": true, @@ -711,11 +702,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -724,15 +711,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), 'SystemAssigned', if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": { "type": "[variables('identityType')]", diff --git a/modules/data-factory/factory/.test/common/main.test.bicep b/modules/data-factory/factory/.test/common/main.test.bicep index 5b1ea3f79e..522aa02ad1 100644 --- a/modules/data-factory/factory/.test/common/main.test.bicep +++ b/modules/data-factory/factory/.test/common/main.test.bicep @@ -69,7 +69,6 @@ module testDeployment '../../main.bicep' = { cMKKeyName: nestedDependencies.outputs.keyVaultEncryptionKeyName cMKKeyVaultResourceId: nestedDependencies.outputs.keyVaultResourceId cMKUserAssignedIdentityResourceId: nestedDependencies.outputs.managedIdentityResourceId - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/data-factory/factory/README.md b/modules/data-factory/factory/README.md index 0bd8772cbb..fedd12666c 100644 --- a/modules/data-factory/factory/README.md +++ b/modules/data-factory/factory/README.md @@ -48,7 +48,6 @@ This module deploys a Data Factory. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', ActivityRuns, allLogs, PipelineRuns, SSISIntegrationRuntimeLogs, SSISPackageEventMessageContext, SSISPackageEventMessages, SSISPackageExecutableStatistics, SSISPackageExecutionComponentPhases, SSISPackageExecutionDataStatistics, TriggerRuns]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -403,7 +402,6 @@ module factory './data-factory/factory/main.bicep' = { cMKUserAssignedIdentityResourceId: '' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -509,9 +507,6 @@ module factory './data-factory/factory/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/data-factory/factory/main.bicep b/modules/data-factory/factory/main.bicep index f4a7ae7072..ad5acd0751 100644 --- a/modules/data-factory/factory/main.bicep +++ b/modules/data-factory/factory/main.bicep @@ -55,11 +55,6 @@ param gitHostName string = '' @description('Optional. List of Global Parameters for the factory.') param globalParameters object = {} -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -133,20 +128,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -154,10 +141,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] @description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') diff --git a/modules/data-factory/factory/main.json b/modules/data-factory/factory/main.json index 369413d9e0..f6dcaebbfa 100644 --- a/modules/data-factory/factory/main.json +++ b/modules/data-factory/factory/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "6436757773314352599" + "templateHash": "10840135215067371071" }, "name": "Data Factories", "description": "This module deploys a Data Factory.", @@ -128,15 +128,6 @@ "description": "Optional. List of Global Parameters for the factory." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -296,11 +287,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -309,15 +296,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]", "enableReferencedModulesTelemetry": false diff --git a/modules/databricks/workspace/.test/common/main.test.bicep b/modules/databricks/workspace/.test/common/main.test.bicep index cad178b102..ff502e457c 100644 --- a/modules/databricks/workspace/.test/common/main.test.bicep +++ b/modules/databricks/workspace/.test/common/main.test.bicep @@ -67,7 +67,6 @@ module testDeployment '../../main.bicep' = { diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName - diagnosticLogsRetentionInDays: 7 lock: 'CanNotDelete' roleAssignments: [ { diff --git a/modules/databricks/workspace/README.md b/modules/databricks/workspace/README.md index d8e0d0bd23..bb9d78a717 100644 --- a/modules/databricks/workspace/README.md +++ b/modules/databricks/workspace/README.md @@ -34,7 +34,6 @@ This module deploys an Azure Databricks Workspace. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', accounts, allLogs, clusters, dbfs, instancePools, jobs, notebook, secrets, sqlPermissions, ssh, workspace]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | @@ -248,7 +247,6 @@ module workspace './databricks/workspace/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -293,9 +291,6 @@ module workspace './databricks/workspace/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/databricks/workspace/main.bicep b/modules/databricks/workspace/main.bicep index 5c306dbc5e..585ff24171 100644 --- a/modules/databricks/workspace/main.bicep +++ b/modules/databricks/workspace/main.bicep @@ -25,11 +25,6 @@ param roleAssignments array = [] @description('Optional. The workspace\'s custom parameters.') param parameters object = {} -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -81,20 +76,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified diff --git a/modules/databricks/workspace/main.json b/modules/databricks/workspace/main.json index 4262ec18c2..2c5e42b8c7 100644 --- a/modules/databricks/workspace/main.json +++ b/modules/databricks/workspace/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "3914896258609999885" + "templateHash": "17661847744091981452" }, "name": "Azure Databricks Workspaces", "description": "This module deploys an Azure Databricks Workspace.", @@ -58,15 +58,6 @@ "description": "Optional. The workspace's custom parameters." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -159,15 +150,11 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "managedResourceGroupName": "[format('{0}-rg', parameters('name'))]", "managedResourceGroupIdVar": "[format('{0}/resourceGroups/{1}', subscription().id, variables('managedResourceGroupName'))]" }, diff --git a/modules/db-for-my-sql/flexible-server/.test/private/main.test.bicep b/modules/db-for-my-sql/flexible-server/.test/private/main.test.bicep index 7610bb027e..b231316e74 100644 --- a/modules/db-for-my-sql/flexible-server/.test/private/main.test.bicep +++ b/modules/db-for-my-sql/flexible-server/.test/private/main.test.bicep @@ -108,6 +108,5 @@ module testDeployment '../../main.bicep' = { diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName - diagnosticLogsRetentionInDays: 7 } } diff --git a/modules/db-for-my-sql/flexible-server/.test/public/main.test.bicep b/modules/db-for-my-sql/flexible-server/.test/public/main.test.bicep index 80e9fb5864..8c2c60ec0d 100644 --- a/modules/db-for-my-sql/flexible-server/.test/public/main.test.bicep +++ b/modules/db-for-my-sql/flexible-server/.test/public/main.test.bicep @@ -156,6 +156,5 @@ module testDeployment '../../main.bicep' = { diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName - diagnosticLogsRetentionInDays: 7 } } diff --git a/modules/db-for-my-sql/flexible-server/README.md b/modules/db-for-my-sql/flexible-server/README.md index b9be319b7a..f75e0ea4e7 100644 --- a/modules/db-for-my-sql/flexible-server/README.md +++ b/modules/db-for-my-sql/flexible-server/README.md @@ -61,7 +61,6 @@ This module deploys a DBforMySQL Flexible Server. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, MySqlAuditLogs, MySqlSlowLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -324,7 +323,6 @@ module flexibleServer './db-for-my-sql/flexible-server/main.bicep' = { delegatedSubnetResourceId: '' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -404,9 +402,6 @@ module flexibleServer './db-for-my-sql/flexible-server/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -503,7 +498,6 @@ module flexibleServer './db-for-my-sql/flexible-server/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -619,9 +613,6 @@ module flexibleServer './db-for-my-sql/flexible-server/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/db-for-my-sql/flexible-server/main.bicep b/modules/db-for-my-sql/flexible-server/main.bicep index 17e2f6914d..1b2e3623cb 100644 --- a/modules/db-for-my-sql/flexible-server/main.bicep +++ b/modules/db-for-my-sql/flexible-server/main.bicep @@ -176,11 +176,6 @@ param firewallRules array = [] @description('Optional. Array of role assignment objects that contain the "roleDefinitionIdOrName" and "principalId" to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: "/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11".') param roleAssignments array = [] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -218,20 +213,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -239,10 +226,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') diff --git a/modules/db-for-my-sql/flexible-server/main.json b/modules/db-for-my-sql/flexible-server/main.json index 29bf3f0dc4..ecfa7bf36e 100644 --- a/modules/db-for-my-sql/flexible-server/main.json +++ b/modules/db-for-my-sql/flexible-server/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "10319315630521368786" + "templateHash": "8843810505050220871" }, "name": "DBforMySQL Flexible Servers", "description": "This module deploys a DBforMySQL Flexible Server.", @@ -324,15 +324,6 @@ "description": "Optional. Array of role assignment objects that contain the \"roleDefinitionIdOrName\" and \"principalId\" to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \"/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\"." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -410,11 +401,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -423,15 +410,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None')]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]", "enableReferencedModulesTelemetry": false diff --git a/modules/db-for-postgre-sql/flexible-server/.test/private/main.test.bicep b/modules/db-for-postgre-sql/flexible-server/.test/private/main.test.bicep index d4655ce3d2..1cf97fb1dd 100644 --- a/modules/db-for-postgre-sql/flexible-server/.test/private/main.test.bicep +++ b/modules/db-for-postgre-sql/flexible-server/.test/private/main.test.bicep @@ -99,7 +99,6 @@ module testDeployment '../../main.bicep' = { diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName - diagnosticLogsRetentionInDays: 7 geoRedundantBackup: 'Enabled' privateDnsZoneArmResourceId: nestedDependencies.outputs.privateDNSResourceId tags: { diff --git a/modules/db-for-postgre-sql/flexible-server/.test/public/main.test.bicep b/modules/db-for-postgre-sql/flexible-server/.test/public/main.test.bicep index 021cae61be..6738b412df 100644 --- a/modules/db-for-postgre-sql/flexible-server/.test/public/main.test.bicep +++ b/modules/db-for-postgre-sql/flexible-server/.test/public/main.test.bicep @@ -99,7 +99,6 @@ module testDeployment '../../main.bicep' = { diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName - diagnosticLogsRetentionInDays: 7 firewallRules: [ { endIpAddress: '0.0.0.0' diff --git a/modules/db-for-postgre-sql/flexible-server/README.md b/modules/db-for-postgre-sql/flexible-server/README.md index d6a9a3a6db..75d89467cf 100644 --- a/modules/db-for-postgre-sql/flexible-server/README.md +++ b/modules/db-for-postgre-sql/flexible-server/README.md @@ -59,7 +59,6 @@ This module deploys a DBforPostgreSQL Flexible Server. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, PostgreSQLFlexDatabaseXacts, PostgreSQLFlexQueryStoreRuntime, PostgreSQLFlexQueryStoreWaitStats, PostgreSQLFlexSessions, PostgreSQLFlexTableStats, PostgreSQLLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -477,7 +476,6 @@ module flexibleServer './db-for-postgre-sql/flexible-server/main.bicep' = { delegatedSubnetResourceId: '' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -555,9 +553,6 @@ module flexibleServer './db-for-postgre-sql/flexible-server/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -627,7 +622,6 @@ module flexibleServer './db-for-postgre-sql/flexible-server/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -735,9 +729,6 @@ module flexibleServer './db-for-postgre-sql/flexible-server/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/db-for-postgre-sql/flexible-server/main.bicep b/modules/db-for-postgre-sql/flexible-server/main.bicep index 48ff43f1c2..ce8495ec2a 100644 --- a/modules/db-for-postgre-sql/flexible-server/main.bicep +++ b/modules/db-for-postgre-sql/flexible-server/main.bicep @@ -144,11 +144,6 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -190,20 +185,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -211,10 +198,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var enableReferencedModulesTelemetry = false diff --git a/modules/db-for-postgre-sql/flexible-server/main.json b/modules/db-for-postgre-sql/flexible-server/main.json index 5cf324dc40..64868b74c1 100644 --- a/modules/db-for-postgre-sql/flexible-server/main.json +++ b/modules/db-for-postgre-sql/flexible-server/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "12231440430796984538" + "templateHash": "1801764410852262795" }, "name": "DBforPostgreSQL Flexible Servers", "description": "This module deploys a DBforPostgreSQL Flexible Server.", @@ -268,15 +268,6 @@ "description": "Optional. Enable telemetry via a Globally Unique Identifier (GUID)." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -351,11 +342,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -364,15 +351,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ diff --git a/modules/desktop-virtualization/application-group/.test/common/main.test.bicep b/modules/desktop-virtualization/application-group/.test/common/main.test.bicep index 442aa41fdd..d49d0c91f9 100644 --- a/modules/desktop-virtualization/application-group/.test/common/main.test.bicep +++ b/modules/desktop-virtualization/application-group/.test/common/main.test.bicep @@ -85,7 +85,6 @@ module testDeployment '../../main.bicep' = { } ] description: 'This is my first Remote Applications bundle' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/desktop-virtualization/application-group/README.md b/modules/desktop-virtualization/application-group/README.md index 36c167f77a..0ea6d2af56 100644 --- a/modules/desktop-virtualization/application-group/README.md +++ b/modules/desktop-virtualization/application-group/README.md @@ -39,7 +39,6 @@ This module deploys an Azure Virtual Desktop (AVD) Application Group. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, Checkpoint, Error, Management]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of log analytics. | @@ -207,7 +206,6 @@ module applicationGroup './desktop-virtualization/application-group/main.bicep' description: 'This is my first Remote Applications bundle' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -283,9 +281,6 @@ module applicationGroup './desktop-virtualization/application-group/main.bicep' "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/desktop-virtualization/application-group/main.bicep b/modules/desktop-virtualization/application-group/main.bicep index 4039305515..1323b46739 100644 --- a/modules/desktop-virtualization/application-group/main.bicep +++ b/modules/desktop-virtualization/application-group/main.bicep @@ -28,11 +28,6 @@ param description string = '' @sys.description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] -@sys.description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @sys.description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -80,20 +75,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified diff --git a/modules/desktop-virtualization/application-group/main.json b/modules/desktop-virtualization/application-group/main.json index 170247e1f1..273ac199e1 100644 --- a/modules/desktop-virtualization/application-group/main.json +++ b/modules/desktop-virtualization/application-group/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "4271142083769712326" + "templateHash": "14308484478858567050" }, "name": "Azure Virtual Desktop (AVD) Application Groups", "description": "This module deploys an Azure Virtual Desktop (AVD) Application Group.", @@ -63,15 +63,6 @@ "description": "Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -164,15 +155,11 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ diff --git a/modules/desktop-virtualization/host-pool/.test/common/main.test.bicep b/modules/desktop-virtualization/host-pool/.test/common/main.test.bicep index 49e0912547..6fb06b4407 100644 --- a/modules/desktop-virtualization/host-pool/.test/common/main.test.bicep +++ b/modules/desktop-virtualization/host-pool/.test/common/main.test.bicep @@ -64,7 +64,6 @@ module testDeployment '../../main.bicep' = { enableDefaultTelemetry: enableDefaultTelemetry name: '${namePrefix}${serviceShort}001' customRdpProperty: 'audiocapturemode:i:1;audiomode:i:0;drivestoredirect:s:;redirectclipboard:i:1;redirectcomports:i:1;redirectprinters:i:1;redirectsmartcards:i:1;screen mode id:i:2;' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/desktop-virtualization/host-pool/README.md b/modules/desktop-virtualization/host-pool/README.md index cf9fecd33d..d12faf2c33 100644 --- a/modules/desktop-virtualization/host-pool/README.md +++ b/modules/desktop-virtualization/host-pool/README.md @@ -43,7 +43,6 @@ This module deploys an Azure Virtual Desktop (AVD) Host Pool. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', AgentHealthStatus, allLogs, Checkpoint, Connection, Error, HostRegistration, Management]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | @@ -312,7 +311,6 @@ module hostPool './desktop-virtualization/host-pool/main.bicep' = { description: 'My first AVD Host Pool' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -403,9 +401,6 @@ module hostPool './desktop-virtualization/host-pool/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/desktop-virtualization/host-pool/main.bicep b/modules/desktop-virtualization/host-pool/main.bicep index 2d089de365..483e0faa44 100644 --- a/modules/desktop-virtualization/host-pool/main.bicep +++ b/modules/desktop-virtualization/host-pool/main.bicep @@ -56,11 +56,6 @@ param tokenValidityLength string = 'PT8H' @sys.description('Generated. Do not provide a value! This date value is used to generate a registration token.') param baseTime string = utcNow('u') -@sys.description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @sys.description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -147,7 +142,6 @@ param agentUpdate object = { useSessionHostLocalTime: agentUpdateUseSessionHostLocalTime } - @sys.description('Optional. The ring number of HostPool.') param ring int = -1 @@ -193,20 +187,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified diff --git a/modules/desktop-virtualization/host-pool/main.json b/modules/desktop-virtualization/host-pool/main.json index 05c271e247..fa73ba0804 100644 --- a/modules/desktop-virtualization/host-pool/main.json +++ b/modules/desktop-virtualization/host-pool/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "4343458638136186821" + "templateHash": "11648715346210984085" }, "name": "Azure Virtual Desktop (AVD) Host Pools", "description": "This module deploys an Azure Virtual Desktop (AVD) Host Pool.", @@ -117,15 +117,6 @@ "description": "Generated. Do not provide a value! This date value is used to generate a registration token." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -356,15 +347,11 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "tokenExpirationTime": "[dateTimeAdd(parameters('baseTime'), parameters('tokenValidityLength'))]" }, "resources": [ diff --git a/modules/desktop-virtualization/scaling-plan/.test/common/main.test.bicep b/modules/desktop-virtualization/scaling-plan/.test/common/main.test.bicep index d89579726b..e2704b6908 100644 --- a/modules/desktop-virtualization/scaling-plan/.test/common/main.test.bicep +++ b/modules/desktop-virtualization/scaling-plan/.test/common/main.test.bicep @@ -72,7 +72,6 @@ module testDeployment '../../main.bicep' = { principalType: 'ServicePrincipal' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/desktop-virtualization/scaling-plan/README.md b/modules/desktop-virtualization/scaling-plan/README.md index 28ec89ea82..b964c6f5bb 100644 --- a/modules/desktop-virtualization/scaling-plan/README.md +++ b/modules/desktop-virtualization/scaling-plan/README.md @@ -34,7 +34,6 @@ This module deploys an Azure Virtual Desktop (AVD) Scaling Plan. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, Autoscale]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | @@ -286,7 +285,6 @@ module scalingPlan './desktop-virtualization/scaling-plan/main.bicep' = { description: 'My Scaling Plan Description' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -335,9 +333,6 @@ module scalingPlan './desktop-virtualization/scaling-plan/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/desktop-virtualization/scaling-plan/main.bicep b/modules/desktop-virtualization/scaling-plan/main.bicep index aca6eb13b3..dab1c3fff6 100644 --- a/modules/desktop-virtualization/scaling-plan/main.bicep +++ b/modules/desktop-virtualization/scaling-plan/main.bicep @@ -75,11 +75,6 @@ param hostPoolReferences array = [] @sys.description('Optional. Tags of the resource.') param tags object = {} -@sys.description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @sys.description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -111,20 +106,12 @@ param diagnosticLogCategoriesToEnable array = [ var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified diff --git a/modules/desktop-virtualization/scaling-plan/main.json b/modules/desktop-virtualization/scaling-plan/main.json index 806e6ad673..de51fe69a8 100644 --- a/modules/desktop-virtualization/scaling-plan/main.json +++ b/modules/desktop-virtualization/scaling-plan/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "12746369585397346808" + "templateHash": "10391957957992354423" }, "name": "Azure Virtual Desktop (AVD) Scaling Plans", "description": "This module deploys an Azure Virtual Desktop (AVD) Scaling Plan.", @@ -124,15 +124,6 @@ "description": "Optional. Tags of the resource." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -197,15 +188,11 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/desktop-virtualization/workspace/.test/common/main.test.bicep b/modules/desktop-virtualization/workspace/.test/common/main.test.bicep index 8d0ec90d33..47db31d8fa 100644 --- a/modules/desktop-virtualization/workspace/.test/common/main.test.bicep +++ b/modules/desktop-virtualization/workspace/.test/common/main.test.bicep @@ -68,7 +68,6 @@ module testDeployment '../../main.bicep' = { appGroupResourceIds: [ nestedDependencies.outputs.applicationGroupResourceId ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/desktop-virtualization/workspace/README.md b/modules/desktop-virtualization/workspace/README.md index f1be8d6dec..dc530682df 100644 --- a/modules/desktop-virtualization/workspace/README.md +++ b/modules/desktop-virtualization/workspace/README.md @@ -36,7 +36,6 @@ This module deploys an Azure Virtual Desktop (AVD) Workspace. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, Checkpoint, Error, Feed, Management]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | @@ -187,7 +186,6 @@ module workspace './desktop-virtualization/workspace/main.bicep' = { description: 'This is my first AVD Workspace' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -242,9 +240,6 @@ module workspace './desktop-virtualization/workspace/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/desktop-virtualization/workspace/main.bicep b/modules/desktop-virtualization/workspace/main.bicep index c3a018fa0e..6cf547dee5 100644 --- a/modules/desktop-virtualization/workspace/main.bicep +++ b/modules/desktop-virtualization/workspace/main.bicep @@ -17,11 +17,6 @@ param friendlyName string = '' @sys.description('Optional. The description of the Workspace to be created.') param description string = '' -@sys.description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @sys.description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -70,20 +65,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified diff --git a/modules/desktop-virtualization/workspace/main.json b/modules/desktop-virtualization/workspace/main.json index e18453d7f2..04f72d5514 100644 --- a/modules/desktop-virtualization/workspace/main.json +++ b/modules/desktop-virtualization/workspace/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "7035285655295461424" + "templateHash": "5583996217532008926" }, "name": "Azure Virtual Desktop (AVD) Workspaces", "description": "This module deploys an Azure Virtual Desktop (AVD) Workspace.", @@ -46,15 +46,6 @@ "description": "Optional. The description of the Workspace to be created." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -148,15 +139,11 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/digital-twins/digital-twins-instance/.test/common/main.test.bicep b/modules/digital-twins/digital-twins-instance/.test/common/main.test.bicep index 02d6f60bdb..e40037c573 100644 --- a/modules/digital-twins/digital-twins-instance/.test/common/main.test.bicep +++ b/modules/digital-twins/digital-twins-instance/.test/common/main.test.bicep @@ -87,7 +87,6 @@ module testDeployment '../../main.bicep' = { userAssignedIdentities: { '${nestedDependencies.outputs.managedIdentityResourceId}': {} } - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/digital-twins/digital-twins-instance/README.md b/modules/digital-twins/digital-twins-instance/README.md index 7a0290e41c..43768dff83 100644 --- a/modules/digital-twins/digital-twins-instance/README.md +++ b/modules/digital-twins/digital-twins-instance/README.md @@ -38,7 +38,6 @@ This module deploys an Azure Digital Twins Instance. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DataHistoryOperation, DigitalTwinsOperation, EventRoutesOperation, ModelsOperation, QueryOperation, ResourceProviderOperation]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `[format('{0}-diagnosticSettings', parameters('name'))]` | | The name of the diagnostic setting, if deployed. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | @@ -458,7 +457,6 @@ module digitalTwinsInstance './digital-twins/digital-twins-instance/main.bicep' // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -533,9 +531,6 @@ module digitalTwinsInstance './digital-twins/digital-twins-instance/main.bicep' "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/digital-twins/digital-twins-instance/main.bicep b/modules/digital-twins/digital-twins-instance/main.bicep index 63c51286ce..c2dd816a8d 100644 --- a/modules/digital-twins/digital-twins-instance/main.bicep +++ b/modules/digital-twins/digital-twins-instance/main.bicep @@ -53,11 +53,6 @@ param diagnosticSettingsName string = '${name}-diagnosticSettings' @description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticStorageAccountId string = '' -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticWorkspaceId string = '' @@ -108,20 +103,12 @@ var identity = identityType != 'None' ? { var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -129,10 +116,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { diff --git a/modules/digital-twins/digital-twins-instance/main.json b/modules/digital-twins/digital-twins-instance/main.json index 60cf590f99..3ea197b9bd 100644 --- a/modules/digital-twins/digital-twins-instance/main.json +++ b/modules/digital-twins/digital-twins-instance/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "11002137237777155291" + "templateHash": "8772718651117933838" }, "name": "Digital Twins Instances", "description": "This module deploys an Azure Digital Twins Instance.", @@ -114,15 +114,6 @@ "description": "Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticWorkspaceId": { "type": "string", "defaultValue": "", @@ -197,11 +188,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -210,18 +197,14 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "enableReferencedModulesTelemetry": false, "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned, UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]", - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/document-db/database-account/.test/gremlindb/main.test.bicep b/modules/document-db/database-account/.test/gremlindb/main.test.bicep index 8d67918a57..98abd55438 100644 --- a/modules/document-db/database-account/.test/gremlindb/main.test.bicep +++ b/modules/document-db/database-account/.test/gremlindb/main.test.bicep @@ -82,7 +82,6 @@ module testDeployment '../../main.bicep' = { diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName - diagnosticLogsRetentionInDays: 7 gremlinDatabases: [ { graphs: [ diff --git a/modules/document-db/database-account/.test/mongodb/main.test.bicep b/modules/document-db/database-account/.test/mongodb/main.test.bicep index 287ff5759c..bd0e8f4fa8 100644 --- a/modules/document-db/database-account/.test/mongodb/main.test.bicep +++ b/modules/document-db/database-account/.test/mongodb/main.test.bicep @@ -79,7 +79,6 @@ module testDeployment '../../main.bicep' = { diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName - diagnosticLogsRetentionInDays: 7 location: location mongodbDatabases: [ { diff --git a/modules/document-db/database-account/.test/plain/main.test.bicep b/modules/document-db/database-account/.test/plain/main.test.bicep index d0a7345316..23071b8799 100644 --- a/modules/document-db/database-account/.test/plain/main.test.bicep +++ b/modules/document-db/database-account/.test/plain/main.test.bicep @@ -79,7 +79,6 @@ module testDeployment '../../main.bicep' = { diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName - diagnosticLogsRetentionInDays: 7 lock: 'CanNotDelete' roleAssignments: [ { diff --git a/modules/document-db/database-account/.test/sqldb/main.test.bicep b/modules/document-db/database-account/.test/sqldb/main.test.bicep index 711dfcf861..ba9288205b 100644 --- a/modules/document-db/database-account/.test/sqldb/main.test.bicep +++ b/modules/document-db/database-account/.test/sqldb/main.test.bicep @@ -80,7 +80,6 @@ module testDeployment '../../main.bicep' = { diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName - diagnosticLogsRetentionInDays: 7 location: location privateEndpoints: [ { diff --git a/modules/document-db/database-account/README.md b/modules/document-db/database-account/README.md index ace60aa802..72f4640a8a 100644 --- a/modules/document-db/database-account/README.md +++ b/modules/document-db/database-account/README.md @@ -52,7 +52,6 @@ This module deploys a DocumentDB Database Account. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, CassandraRequests, ControlPlaneRequests, DataPlaneRequests, GremlinRequests, MongoRequests, PartitionKeyRUConsumption, PartitionKeyStatistics, QueryRuntimeStatistics, TableApiRequests]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Requests]` | `[Requests]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -682,7 +681,6 @@ module databaseAccount './document-db/database-account/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -795,9 +793,6 @@ module databaseAccount './document-db/database-account/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -914,7 +909,6 @@ module databaseAccount './document-db/database-account/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -1158,9 +1152,6 @@ module databaseAccount './document-db/database-account/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -1413,7 +1404,6 @@ module databaseAccount './document-db/database-account/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -1472,9 +1462,6 @@ module databaseAccount './document-db/database-account/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -1538,7 +1525,6 @@ module databaseAccount './document-db/database-account/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -1691,9 +1677,6 @@ module databaseAccount './document-db/database-account/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/document-db/database-account/main.bicep b/modules/document-db/database-account/main.bicep index c4e5faface..9d148d775c 100644 --- a/modules/document-db/database-account/main.bicep +++ b/modules/document-db/database-account/main.bicep @@ -84,11 +84,6 @@ param lock string = '' @description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalIds\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -179,20 +174,12 @@ param privateEndpoints array = [] var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -200,10 +187,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned, UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') diff --git a/modules/document-db/database-account/main.json b/modules/document-db/database-account/main.json index 7a022723c9..c5f9ce0bac 100644 --- a/modules/document-db/database-account/main.json +++ b/modules/document-db/database-account/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "15745659203746227223" + "templateHash": "17230929813729114087" }, "name": "DocumentDB Database Accounts", "description": "This module deploys a DocumentDB Database Account.", @@ -168,15 +168,6 @@ "description": "Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalIds' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -328,11 +319,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -341,11 +328,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -365,7 +348,7 @@ } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned, UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]", "consistencyPolicy": { diff --git a/modules/event-grid/domain/.test/common/main.test.bicep b/modules/event-grid/domain/.test/common/main.test.bicep index 062266742e..2bbe444ed6 100644 --- a/modules/event-grid/domain/.test/common/main.test.bicep +++ b/modules/event-grid/domain/.test/common/main.test.bicep @@ -64,7 +64,6 @@ module testDeployment '../../main.bicep' = { params: { enableDefaultTelemetry: enableDefaultTelemetry name: '${namePrefix}${serviceShort}001' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/event-grid/domain/README.md b/modules/event-grid/domain/README.md index fded127219..97d325a857 100644 --- a/modules/event-grid/domain/README.md +++ b/modules/event-grid/domain/README.md @@ -39,7 +39,6 @@ This module deploys an Event Grid Domain. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DeliveryFailures, PublishFailures]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -294,7 +293,6 @@ module domain './event-grid/domain/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -363,9 +361,6 @@ module domain './event-grid/domain/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/event-grid/domain/main.bicep b/modules/event-grid/domain/main.bicep index 91dac314a3..853973234c 100644 --- a/modules/event-grid/domain/main.bicep +++ b/modules/event-grid/domain/main.bicep @@ -25,11 +25,6 @@ param autoDeleteTopicWithLastSubscription bool = true @description('Optional. This can be used to restrict traffic from specific IPs instead of all IPs. Note: These are considered only if PublicNetworkAccess is enabled.') param inboundIpRules array = [] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -92,20 +87,12 @@ var enableReferencedModulesTelemetry = false var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -113,10 +100,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { diff --git a/modules/event-grid/domain/main.json b/modules/event-grid/domain/main.json index bfac7ef678..3c01e2fcef 100644 --- a/modules/event-grid/domain/main.json +++ b/modules/event-grid/domain/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "5956133578937811234" + "templateHash": "15864855878909112039" }, "name": "Event Grid Domains", "description": "This module deploys an Event Grid Domain.", @@ -58,15 +58,6 @@ "description": "Optional. This can be used to restrict traffic from specific IPs instead of all IPs. Note: These are considered only if PublicNetworkAccess is enabled." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -184,11 +175,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -197,16 +184,12 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "enableReferencedModulesTelemetry": false, - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/event-grid/system-topic/.test/common/main.test.bicep b/modules/event-grid/system-topic/.test/common/main.test.bicep index e115ce165c..3499151049 100644 --- a/modules/event-grid/system-topic/.test/common/main.test.bicep +++ b/modules/event-grid/system-topic/.test/common/main.test.bicep @@ -89,7 +89,6 @@ module testDeployment '../../main.bicep' = { } } } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/event-grid/system-topic/README.md b/modules/event-grid/system-topic/README.md index cb654ff3eb..a2e2b0e2e0 100644 --- a/modules/event-grid/system-topic/README.md +++ b/modules/event-grid/system-topic/README.md @@ -37,7 +37,6 @@ This module deploys an Event Grid System Topic. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DeliveryFailures]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -296,7 +295,6 @@ module systemTopic './event-grid/system-topic/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -371,9 +369,6 @@ module systemTopic './event-grid/system-topic/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/event-grid/system-topic/main.bicep b/modules/event-grid/system-topic/main.bicep index 1b94c2cc93..5358a5ea6f 100644 --- a/modules/event-grid/system-topic/main.bicep +++ b/modules/event-grid/system-topic/main.bicep @@ -17,11 +17,6 @@ param topicType string @description('Optional. Event subscriptions to deploy.') param eventSubscriptions array = [] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -88,20 +83,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -109,10 +96,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { diff --git a/modules/event-grid/system-topic/main.json b/modules/event-grid/system-topic/main.json index 936282955d..a00048c3e8 100644 --- a/modules/event-grid/system-topic/main.json +++ b/modules/event-grid/system-topic/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "7858603597475288436" + "templateHash": "16335082464583916112" }, "name": "Event Grid System Topics", "description": "This module deploys an Event Grid System Topic.", @@ -44,15 +44,6 @@ "description": "Optional. Event subscriptions to deploy." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -169,11 +160,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -182,17 +169,13 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]", - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/event-grid/topic/.test/common/main.test.bicep b/modules/event-grid/topic/.test/common/main.test.bicep index 5bc6af6b1b..0b2f474962 100644 --- a/modules/event-grid/topic/.test/common/main.test.bicep +++ b/modules/event-grid/topic/.test/common/main.test.bicep @@ -66,7 +66,6 @@ module testDeployment '../../main.bicep' = { params: { enableDefaultTelemetry: enableDefaultTelemetry name: '${namePrefix}${serviceShort}001' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/event-grid/topic/README.md b/modules/event-grid/topic/README.md index 8f0ed6de87..f6adfeea5f 100644 --- a/modules/event-grid/topic/README.md +++ b/modules/event-grid/topic/README.md @@ -37,7 +37,6 @@ This module deploys an Event Grid Topic. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DeliveryFailures, PublishFailures]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -365,7 +364,6 @@ module topic './event-grid/topic/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -455,9 +453,6 @@ module topic './event-grid/topic/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/event-grid/topic/main.bicep b/modules/event-grid/topic/main.bicep index 7329c82707..fffa608311 100644 --- a/modules/event-grid/topic/main.bicep +++ b/modules/event-grid/topic/main.bicep @@ -22,11 +22,6 @@ param inboundIpRules array = [] @description('Optional. Event subscriptions to deploy.') param eventSubscriptions array = [] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -86,20 +81,12 @@ var enableReferencedModulesTelemetry = false var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -107,10 +94,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { diff --git a/modules/event-grid/topic/main.json b/modules/event-grid/topic/main.json index a02267f296..967a18689a 100644 --- a/modules/event-grid/topic/main.json +++ b/modules/event-grid/topic/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "3513948291671956803" + "templateHash": "14089220073124056591" }, "name": "Event Grid Topics", "description": "This module deploys an Event Grid Topic.", @@ -51,15 +51,6 @@ "description": "Optional. Event subscriptions to deploy." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -170,11 +161,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -183,16 +170,12 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "enableReferencedModulesTelemetry": false, - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/event-hub/namespace/.test/common/main.test.bicep b/modules/event-hub/namespace/.test/common/main.test.bicep index 9c7069c23f..14a778ca76 100644 --- a/modules/event-hub/namespace/.test/common/main.test.bicep +++ b/modules/event-hub/namespace/.test/common/main.test.bicep @@ -83,7 +83,6 @@ module testDeployment '../../main.bicep' = { ] } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/event-hub/namespace/README.md b/modules/event-hub/namespace/README.md index e39543c7f1..7e094550a1 100644 --- a/modules/event-hub/namespace/README.md +++ b/modules/event-hub/namespace/README.md @@ -52,7 +52,6 @@ This module deploys an Event Hub Namespace. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, ApplicationMetricsLogs, ArchiveLogs, AutoScaleLogs, CustomerManagedKeyUserLogs, EventHubVNetConnectionEvent, KafkaCoordinatorLogs, KafkaUserErrorLogs, OperationalLogs, RuntimeAuditLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -370,7 +369,6 @@ module namespace './event-hub/namespace/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' disableLocalAuth: true @@ -532,9 +530,6 @@ module namespace './event-hub/namespace/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/event-hub/namespace/main.bicep b/modules/event-hub/namespace/main.bicep index d87e07f38b..3bd583c6f8 100644 --- a/modules/event-hub/namespace/main.bicep +++ b/modules/event-hub/namespace/main.bicep @@ -74,11 +74,6 @@ param privateEndpoints array = [] @description('Optional. Configure networking options. This object contains IPs/Subnets to allow or restrict access to private endpoints only. For security reasons, it is recommended to configure this object on the Namespace.') param networkRuleSets object = {} -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -169,20 +164,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -190,10 +177,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') diff --git a/modules/event-hub/namespace/main.json b/modules/event-hub/namespace/main.json index 8aac1f73df..eb66431aef 100644 --- a/modules/event-hub/namespace/main.json +++ b/modules/event-hub/namespace/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "14957695461206353644" + "templateHash": "13452463340225550490" }, "name": "Event Hub Namespaces", "description": "This module deploys an Event Hub Namespace.", @@ -139,15 +139,6 @@ "description": "Optional. Configure networking options. This object contains IPs/Subnets to allow or restrict access to private endpoints only. For security reasons, it is recommended to configure this object on the Namespace." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -321,11 +312,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -334,16 +321,12 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "maximumThroughputUnitsVar": "[if(not(parameters('isAutoInflateEnabled')), 0, parameters('maximumThroughputUnits'))]", - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]", "enableReferencedModulesTelemetry": false diff --git a/modules/healthcare-apis/workspace/.test/common/main.test.bicep b/modules/healthcare-apis/workspace/.test/common/main.test.bicep index be3dd87f8f..97b443e50b 100644 --- a/modules/healthcare-apis/workspace/.test/common/main.test.bicep +++ b/modules/healthcare-apis/workspace/.test/common/main.test.bicep @@ -79,7 +79,6 @@ module testDeployment '../../main.bicep' = { corsMaxAge: 600 corsAllowCredentials: false location: location - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId @@ -115,7 +114,6 @@ module testDeployment '../../main.bicep' = { corsMaxAge: 600 corsAllowCredentials: false location: location - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/healthcare-apis/workspace/README.md b/modules/healthcare-apis/workspace/README.md index c1eea8d1d8..cd1fffafdc 100644 --- a/modules/healthcare-apis/workspace/README.md +++ b/modules/healthcare-apis/workspace/README.md @@ -67,7 +67,6 @@ Create a FHIR service with the workspace. "corsMaxAge": 600, "corsAllowCredentials": false, "location": "[[location]]", - "diagnosticLogsRetentionInDays": 7, "diagnosticStorageAccountId": "[[storageAccountResourceId]]", "diagnosticWorkspaceId": "[[logAnalyticsWorkspaceResourceId]]", "diagnosticEventHubAuthorizationRuleId": "[[eventHubAuthorizationRuleId]]", @@ -114,7 +113,6 @@ fhirServices: [ corsMaxAge: 600 corsAllowCredentials: false location: location - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId @@ -165,7 +163,6 @@ Create a DICOM service with the workspace. "corsMaxAge": 600, "corsAllowCredentials": false, "location": "[[location]]", - "diagnosticLogsRetentionInDays": 7, "diagnosticStorageAccountId": "[[storageAccountResourceId]]", "diagnosticWorkspaceId": "[[logAnalyticsWorkspaceResourceId]]", "diagnosticEventHubAuthorizationRuleId": "[[eventHubAuthorizationRuleId]]", @@ -198,7 +195,6 @@ dicomServices: [ corsMaxAge: 600 corsAllowCredentials: false location: location - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId @@ -236,7 +232,6 @@ Create an IOT Connector (MedTech) service with the workspace. "corsMaxAge": 600, "corsAllowCredentials": false, "location": "[[location]]", - "diagnosticLogsRetentionInDays": 7, "diagnosticStorageAccountId": "[[storageAccountResourceId]]", "diagnosticWorkspaceId": "[[logAnalyticsWorkspaceResourceId]]", "diagnosticEventHubAuthorizationRuleId": "[[eventHubAuthorizationRuleId]]", @@ -275,7 +270,6 @@ iotConnectors: [ corsMaxAge: 600 corsAllowCredentials: false location: location - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId @@ -447,7 +441,6 @@ module workspace './healthcare-apis/workspace/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -477,7 +470,6 @@ module workspace './healthcare-apis/workspace/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -549,7 +541,6 @@ module workspace './healthcare-apis/workspace/main.bicep' = { ], "diagnosticEventHubAuthorizationRuleId": "", "diagnosticEventHubName": "", - "diagnosticLogsRetentionInDays": 7, "diagnosticStorageAccountId": "", "diagnosticWorkspaceId": "", "enableDefaultTelemetry": "", @@ -583,7 +574,6 @@ module workspace './healthcare-apis/workspace/main.bicep' = { ], "diagnosticEventHubAuthorizationRuleId": "", "diagnosticEventHubName": "", - "diagnosticLogsRetentionInDays": 7, "diagnosticStorageAccountId": "", "diagnosticWorkspaceId": "", "enableDefaultTelemetry": "", diff --git a/modules/healthcare-apis/workspace/dicomservice/README.md b/modules/healthcare-apis/workspace/dicomservice/README.md index e564c4c9f1..222a4334f9 100644 --- a/modules/healthcare-apis/workspace/dicomservice/README.md +++ b/modules/healthcare-apis/workspace/dicomservice/README.md @@ -43,7 +43,6 @@ This module deploys a Healthcare API Workspace DICOM Service. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[AuditLogs]` | `[AuditLogs]` | The name of logs that will be streamed. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | diff --git a/modules/healthcare-apis/workspace/dicomservice/main.bicep b/modules/healthcare-apis/workspace/dicomservice/main.bicep index 50defd0c9e..b15727ce45 100644 --- a/modules/healthcare-apis/workspace/dicomservice/main.bicep +++ b/modules/healthcare-apis/workspace/dicomservice/main.bicep @@ -35,11 +35,6 @@ param corsAllowCredentials bool = false @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -93,10 +88,6 @@ param diagnosticSettingsName string = '' var diagnosticsLogs = [for category in diagnosticLogCategoriesToEnable: { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') diff --git a/modules/healthcare-apis/workspace/dicomservice/main.json b/modules/healthcare-apis/workspace/dicomservice/main.json index 4649c859ae..e9d301126e 100644 --- a/modules/healthcare-apis/workspace/dicomservice/main.json +++ b/modules/healthcare-apis/workspace/dicomservice/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "17349771087938418319" + "templateHash": "13236257936604632093" }, "name": "Healthcare API Workspace DICOM Services", "description": "This module deploys a Healthcare API Workspace DICOM Service.", @@ -75,15 +75,6 @@ "description": "Optional. Location for all resources." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -190,11 +181,7 @@ "count": "[length(parameters('diagnosticLogCategoriesToEnable'))]", "input": { "category": "[parameters('diagnosticLogCategoriesToEnable')[copyIndex('diagnosticsLogs')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], diff --git a/modules/healthcare-apis/workspace/fhirservice/README.md b/modules/healthcare-apis/workspace/fhirservice/README.md index 8f6f39b84d..2a83d83637 100644 --- a/modules/healthcare-apis/workspace/fhirservice/README.md +++ b/modules/healthcare-apis/workspace/fhirservice/README.md @@ -49,7 +49,6 @@ This module deploys a Healthcare API Workspace FHIR Service. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[AuditLogs]` | `[AuditLogs]` | The name of logs that will be streamed. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/healthcare-apis/workspace/fhirservice/main.bicep b/modules/healthcare-apis/workspace/fhirservice/main.bicep index bef3c2814e..f724cbe5a0 100644 --- a/modules/healthcare-apis/workspace/fhirservice/main.bicep +++ b/modules/healthcare-apis/workspace/fhirservice/main.bicep @@ -57,11 +57,6 @@ param corsAllowCredentials bool = false @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -152,20 +147,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogs = [for category in diagnosticLogCategoriesToEnable: { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') diff --git a/modules/healthcare-apis/workspace/fhirservice/main.json b/modules/healthcare-apis/workspace/fhirservice/main.json index 71a63af276..33998d37da 100644 --- a/modules/healthcare-apis/workspace/fhirservice/main.json +++ b/modules/healthcare-apis/workspace/fhirservice/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "5960921917878811827" + "templateHash": "3716031618750035294" }, "name": "Healthcare API Workspace FHIR Services", "description": "This module deploys a Healthcare API Workspace FHIR Service.", @@ -121,15 +121,6 @@ "description": "Optional. Location for all resources." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -309,11 +300,7 @@ "count": "[length(parameters('diagnosticLogCategoriesToEnable'))]", "input": { "category": "[parameters('diagnosticLogCategoriesToEnable')[copyIndex('diagnosticsLogs')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -322,11 +309,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { diff --git a/modules/healthcare-apis/workspace/iotconnector/README.md b/modules/healthcare-apis/workspace/iotconnector/README.md index 5367007d20..5ff70e2024 100644 --- a/modules/healthcare-apis/workspace/iotconnector/README.md +++ b/modules/healthcare-apis/workspace/iotconnector/README.md @@ -43,7 +43,6 @@ This module deploys a Healthcare API Workspace IoT Connector. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[DiagnosticLogs]` | `[DiagnosticLogs]` | The name of logs that will be streamed. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/healthcare-apis/workspace/iotconnector/main.bicep b/modules/healthcare-apis/workspace/iotconnector/main.bicep index 0f18338e21..137108bd31 100644 --- a/modules/healthcare-apis/workspace/iotconnector/main.bicep +++ b/modules/healthcare-apis/workspace/iotconnector/main.bicep @@ -30,11 +30,6 @@ param fhirdestination object = {} @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -89,20 +84,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogs = [for category in diagnosticLogCategoriesToEnable: { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') diff --git a/modules/healthcare-apis/workspace/iotconnector/main.json b/modules/healthcare-apis/workspace/iotconnector/main.json index e884fdfb3d..63bb75e273 100644 --- a/modules/healthcare-apis/workspace/iotconnector/main.json +++ b/modules/healthcare-apis/workspace/iotconnector/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "1006320922223302726" + "templateHash": "16981578699165858107" }, "name": "Healthcare API Workspace IoT Connectors", "description": "This module deploys a Healthcare API Workspace IoT Connector.", @@ -68,15 +68,6 @@ "description": "Optional. Location for all resources." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -184,11 +175,7 @@ "count": "[length(parameters('diagnosticLogCategoriesToEnable'))]", "input": { "category": "[parameters('diagnosticLogCategoriesToEnable')[copyIndex('diagnosticsLogs')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -197,11 +184,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], diff --git a/modules/healthcare-apis/workspace/main.bicep b/modules/healthcare-apis/workspace/main.bicep index 2157ab87e5..00251abaca 100644 --- a/modules/healthcare-apis/workspace/main.bicep +++ b/modules/healthcare-apis/workspace/main.bicep @@ -111,7 +111,6 @@ module workspace_fhirservices 'fhirservice/main.bicep' = [for (fhir, index) in f corsMethods: contains(fhir, 'corsMethods') ? fhir.corsMethods : [] corsMaxAge: contains(fhir, 'corsMaxAge') ? fhir.corsMaxAge : -1 corsAllowCredentials: contains(fhir, 'corsAllowCredentials') ? fhir.corsAllowCredentials : false - diagnosticLogsRetentionInDays: contains(fhir, 'diagnosticLogsRetentionInDays') ? fhir.diagnosticLogsRetentionInDays : 365 diagnosticStorageAccountId: contains(fhir, 'diagnosticStorageAccountId') ? fhir.diagnosticStorageAccountId : '' diagnosticWorkspaceId: contains(fhir, 'diagnosticWorkspaceId') ? fhir.diagnosticWorkspaceId : '' diagnosticEventHubAuthorizationRuleId: contains(fhir, 'diagnosticEventHubAuthorizationRuleId') ? fhir.diagnosticEventHubAuthorizationRuleId : '' @@ -145,7 +144,6 @@ module workspace_dicomservices 'dicomservice/main.bicep' = [for (dicom, index) i corsMethods: contains(dicom, 'corsMethods') ? dicom.corsMethods : [] corsMaxAge: contains(dicom, 'corsMaxAge') ? dicom.corsMaxAge : -1 corsAllowCredentials: contains(dicom, 'corsAllowCredentials') ? dicom.corsAllowCredentials : false - diagnosticLogsRetentionInDays: contains(dicom, 'diagnosticLogsRetentionInDays') ? dicom.diagnosticLogsRetentionInDays : 365 diagnosticStorageAccountId: contains(dicom, 'diagnosticStorageAccountId') ? dicom.diagnosticStorageAccountId : '' diagnosticWorkspaceId: contains(dicom, 'diagnosticWorkspaceId') ? dicom.diagnosticWorkspaceId : '' diagnosticEventHubAuthorizationRuleId: contains(dicom, 'diagnosticEventHubAuthorizationRuleId') ? dicom.diagnosticEventHubAuthorizationRuleId : '' @@ -173,7 +171,6 @@ module workspace_iotconnector 'iotconnector/main.bicep' = [for (iotConnector, in fhirdestination: contains(iotConnector, 'fhirdestination') ? iotConnector.fhirdestination : {} consumerGroup: contains(iotConnector, 'consumerGroup') ? iotConnector.consumerGroup : iotConnector.name systemAssignedIdentity: contains(iotConnector, 'systemAssignedIdentity') ? iotConnector.systemAssignedIdentity : false - diagnosticLogsRetentionInDays: contains(iotConnector, 'diagnosticLogsRetentionInDays') ? iotConnector.diagnosticLogsRetentionInDays : 365 diagnosticStorageAccountId: contains(iotConnector, 'diagnosticStorageAccountId') ? iotConnector.diagnosticStorageAccountId : '' diagnosticWorkspaceId: contains(iotConnector, 'diagnosticWorkspaceId') ? iotConnector.diagnosticWorkspaceId : '' diagnosticEventHubAuthorizationRuleId: contains(iotConnector, 'diagnosticEventHubAuthorizationRuleId') ? iotConnector.diagnosticEventHubAuthorizationRuleId : '' diff --git a/modules/healthcare-apis/workspace/main.json b/modules/healthcare-apis/workspace/main.json index 823e5fe378..a680566afe 100644 --- a/modules/healthcare-apis/workspace/main.json +++ b/modules/healthcare-apis/workspace/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "6792143552661751987" + "templateHash": "8975971845190410186" }, "name": "Healthcare API Workspaces", "description": "This module deploys a Healthcare API Workspace.", @@ -331,7 +331,6 @@ "corsMethods": "[if(contains(parameters('fhirservices')[copyIndex()], 'corsMethods'), createObject('value', parameters('fhirservices')[copyIndex()].corsMethods), createObject('value', createArray()))]", "corsMaxAge": "[if(contains(parameters('fhirservices')[copyIndex()], 'corsMaxAge'), createObject('value', parameters('fhirservices')[copyIndex()].corsMaxAge), createObject('value', -1))]", "corsAllowCredentials": "[if(contains(parameters('fhirservices')[copyIndex()], 'corsAllowCredentials'), createObject('value', parameters('fhirservices')[copyIndex()].corsAllowCredentials), createObject('value', false()))]", - "diagnosticLogsRetentionInDays": "[if(contains(parameters('fhirservices')[copyIndex()], 'diagnosticLogsRetentionInDays'), createObject('value', parameters('fhirservices')[copyIndex()].diagnosticLogsRetentionInDays), createObject('value', 365))]", "diagnosticStorageAccountId": "[if(contains(parameters('fhirservices')[copyIndex()], 'diagnosticStorageAccountId'), createObject('value', parameters('fhirservices')[copyIndex()].diagnosticStorageAccountId), createObject('value', ''))]", "diagnosticWorkspaceId": "[if(contains(parameters('fhirservices')[copyIndex()], 'diagnosticWorkspaceId'), createObject('value', parameters('fhirservices')[copyIndex()].diagnosticWorkspaceId), createObject('value', ''))]", "diagnosticEventHubAuthorizationRuleId": "[if(contains(parameters('fhirservices')[copyIndex()], 'diagnosticEventHubAuthorizationRuleId'), createObject('value', parameters('fhirservices')[copyIndex()].diagnosticEventHubAuthorizationRuleId), createObject('value', ''))]", @@ -358,7 +357,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "5960921917878811827" + "templateHash": "3716031618750035294" }, "name": "Healthcare API Workspace FHIR Services", "description": "This module deploys a Healthcare API Workspace FHIR Service.", @@ -474,15 +473,6 @@ "description": "Optional. Location for all resources." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -662,11 +652,7 @@ "count": "[length(parameters('diagnosticLogCategoriesToEnable'))]", "input": { "category": "[parameters('diagnosticLogCategoriesToEnable')[copyIndex('diagnosticsLogs')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -675,11 +661,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -1021,7 +1003,6 @@ "corsMethods": "[if(contains(parameters('dicomservices')[copyIndex()], 'corsMethods'), createObject('value', parameters('dicomservices')[copyIndex()].corsMethods), createObject('value', createArray()))]", "corsMaxAge": "[if(contains(parameters('dicomservices')[copyIndex()], 'corsMaxAge'), createObject('value', parameters('dicomservices')[copyIndex()].corsMaxAge), createObject('value', -1))]", "corsAllowCredentials": "[if(contains(parameters('dicomservices')[copyIndex()], 'corsAllowCredentials'), createObject('value', parameters('dicomservices')[copyIndex()].corsAllowCredentials), createObject('value', false()))]", - "diagnosticLogsRetentionInDays": "[if(contains(parameters('dicomservices')[copyIndex()], 'diagnosticLogsRetentionInDays'), createObject('value', parameters('dicomservices')[copyIndex()].diagnosticLogsRetentionInDays), createObject('value', 365))]", "diagnosticStorageAccountId": "[if(contains(parameters('dicomservices')[copyIndex()], 'diagnosticStorageAccountId'), createObject('value', parameters('dicomservices')[copyIndex()].diagnosticStorageAccountId), createObject('value', ''))]", "diagnosticWorkspaceId": "[if(contains(parameters('dicomservices')[copyIndex()], 'diagnosticWorkspaceId'), createObject('value', parameters('dicomservices')[copyIndex()].diagnosticWorkspaceId), createObject('value', ''))]", "diagnosticEventHubAuthorizationRuleId": "[if(contains(parameters('dicomservices')[copyIndex()], 'diagnosticEventHubAuthorizationRuleId'), createObject('value', parameters('dicomservices')[copyIndex()].diagnosticEventHubAuthorizationRuleId), createObject('value', ''))]", @@ -1040,7 +1021,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "17349771087938418319" + "templateHash": "13236257936604632093" }, "name": "Healthcare API Workspace DICOM Services", "description": "This module deploys a Healthcare API Workspace DICOM Service.", @@ -1110,15 +1091,6 @@ "description": "Optional. Location for all resources." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -1225,11 +1197,7 @@ "count": "[length(parameters('diagnosticLogCategoriesToEnable'))]", "input": { "category": "[parameters('diagnosticLogCategoriesToEnable')[copyIndex('diagnosticsLogs')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], @@ -1379,7 +1347,6 @@ "fhirdestination": "[if(contains(parameters('iotconnectors')[copyIndex()], 'fhirdestination'), createObject('value', parameters('iotconnectors')[copyIndex()].fhirdestination), createObject('value', createObject()))]", "consumerGroup": "[if(contains(parameters('iotconnectors')[copyIndex()], 'consumerGroup'), createObject('value', parameters('iotconnectors')[copyIndex()].consumerGroup), createObject('value', parameters('iotconnectors')[copyIndex()].name))]", "systemAssignedIdentity": "[if(contains(parameters('iotconnectors')[copyIndex()], 'systemAssignedIdentity'), createObject('value', parameters('iotconnectors')[copyIndex()].systemAssignedIdentity), createObject('value', false()))]", - "diagnosticLogsRetentionInDays": "[if(contains(parameters('iotconnectors')[copyIndex()], 'diagnosticLogsRetentionInDays'), createObject('value', parameters('iotconnectors')[copyIndex()].diagnosticLogsRetentionInDays), createObject('value', 365))]", "diagnosticStorageAccountId": "[if(contains(parameters('iotconnectors')[copyIndex()], 'diagnosticStorageAccountId'), createObject('value', parameters('iotconnectors')[copyIndex()].diagnosticStorageAccountId), createObject('value', ''))]", "diagnosticWorkspaceId": "[if(contains(parameters('iotconnectors')[copyIndex()], 'diagnosticWorkspaceId'), createObject('value', parameters('iotconnectors')[copyIndex()].diagnosticWorkspaceId), createObject('value', ''))]", "diagnosticEventHubAuthorizationRuleId": "[if(contains(parameters('iotconnectors')[copyIndex()], 'diagnosticEventHubAuthorizationRuleId'), createObject('value', parameters('iotconnectors')[copyIndex()].diagnosticEventHubAuthorizationRuleId), createObject('value', ''))]", @@ -1399,7 +1366,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "1006320922223302726" + "templateHash": "16981578699165858107" }, "name": "Healthcare API Workspace IoT Connectors", "description": "This module deploys a Healthcare API Workspace IoT Connector.", @@ -1462,15 +1429,6 @@ "description": "Optional. Location for all resources." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -1578,11 +1536,7 @@ "count": "[length(parameters('diagnosticLogCategoriesToEnable'))]", "input": { "category": "[parameters('diagnosticLogCategoriesToEnable')[copyIndex('diagnosticsLogs')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -1591,11 +1545,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], diff --git a/modules/insights/component/.test/common/main.test.bicep b/modules/insights/component/.test/common/main.test.bicep index 63923f1643..fcd24bdb75 100644 --- a/modules/insights/component/.test/common/main.test.bicep +++ b/modules/insights/component/.test/common/main.test.bicep @@ -68,7 +68,6 @@ module testDeployment '../../main.bicep' = { diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName - diagnosticLogsRetentionInDays: 7 roleAssignments: [ { roleDefinitionIdOrName: 'Reader' diff --git a/modules/insights/component/README.md b/modules/insights/component/README.md index 37697220e5..48eb8b99af 100644 --- a/modules/insights/component/README.md +++ b/modules/insights/component/README.md @@ -35,7 +35,6 @@ This component deploys an Application Insights instance. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, AppAvailabilityResults, AppBrowserTimings, AppDependencies, AppEvents, AppExceptions, AppMetrics, AppPageViews, AppPerformanceCounters, AppRequests, AppSystemEvents, AppTraces]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -189,7 +188,6 @@ module component './insights/component/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -236,9 +234,6 @@ module component './insights/component/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/insights/component/main.bicep b/modules/insights/component/main.bicep index 661d545480..f6f6eb774d 100644 --- a/modules/insights/component/main.bicep +++ b/modules/insights/component/main.bicep @@ -63,11 +63,6 @@ param tags object = {} @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -114,20 +109,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -135,10 +122,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { name: 'pid-47ed15a6-730a-4827-bcb4-0fd963ffbd82-${uniqueString(deployment().name, location)}' diff --git a/modules/insights/component/main.json b/modules/insights/component/main.json index 9ed5b34cea..eaad52c2a6 100644 --- a/modules/insights/component/main.json +++ b/modules/insights/component/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "5060813713999885493" + "templateHash": "2194633988963750006" }, "name": "Application Insights", "description": "This component deploys an Application Insights instance.", @@ -119,15 +119,6 @@ "description": "Optional. Enable telemetry via a Globally Unique Identifier (GUID)." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -207,11 +198,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -220,15 +207,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/insights/diagnostic-setting/.test/common/main.test.bicep b/modules/insights/diagnostic-setting/.test/common/main.test.bicep index 62e0d84fb9..d8eb101670 100644 --- a/modules/insights/diagnostic-setting/.test/common/main.test.bicep +++ b/modules/insights/diagnostic-setting/.test/common/main.test.bicep @@ -54,7 +54,6 @@ module testDeployment '../../main.bicep' = { params: { enableDefaultTelemetry: enableDefaultTelemetry name: '${namePrefix}${serviceShort}001' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/insights/diagnostic-setting/README.md b/modules/insights/diagnostic-setting/README.md index 3574719a0e..1af907de3f 100644 --- a/modules/insights/diagnostic-setting/README.md +++ b/modules/insights/diagnostic-setting/README.md @@ -25,7 +25,6 @@ This module deploys a Subscription wide export of the Activity Log. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', Administrative, Alert, allLogs, Autoscale, Policy, Recommendation, ResourceHealth, Security, ServiceHealth]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | @@ -64,7 +63,6 @@ module diagnosticSetting './insights/diagnostic-setting/main.bicep' = { params: { diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -91,9 +89,6 @@ module diagnosticSetting './insights/diagnostic-setting/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/insights/diagnostic-setting/main.bicep b/modules/insights/diagnostic-setting/main.bicep index d2eab81677..1054a40273 100644 --- a/modules/insights/diagnostic-setting/main.bicep +++ b/modules/insights/diagnostic-setting/main.bicep @@ -9,11 +9,6 @@ targetScope = 'subscription' @maxLength(260) param name string = '${uniqueString(subscription().id)}-ActivityLog' -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -52,20 +47,12 @@ param location string = deployment().location var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified diff --git a/modules/insights/diagnostic-setting/main.json b/modules/insights/diagnostic-setting/main.json index 915fcc1e42..f664a98704 100644 --- a/modules/insights/diagnostic-setting/main.json +++ b/modules/insights/diagnostic-setting/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "16269839762351658454" + "templateHash": "16527409196402161876" }, "name": "Diagnostic Settings (Activity Logs) for Azure Subscriptions", "description": "This module deploys a Subscription wide export of the Activity Log.", @@ -21,15 +21,6 @@ "description": "Optional. Name of the ActivityLog diagnostic settings." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -101,15 +92,11 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/key-vault/vault/.test/common/main.test.bicep b/modules/key-vault/vault/.test/common/main.test.bicep index 9fb15bfb73..0d82e9293e 100644 --- a/modules/key-vault/vault/.test/common/main.test.bicep +++ b/modules/key-vault/vault/.test/common/main.test.bicep @@ -93,7 +93,6 @@ module testDeployment '../../main.bicep' = { } } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/key-vault/vault/README.md b/modules/key-vault/vault/README.md index 11b2097913..d1bd7943f2 100644 --- a/modules/key-vault/vault/README.md +++ b/modules/key-vault/vault/README.md @@ -41,7 +41,6 @@ This module deploys a Key Vault. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, AuditEvent, AzurePolicyEvaluationDetails]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | @@ -445,7 +444,6 @@ module vault './key-vault/vault/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -611,9 +609,6 @@ module vault './key-vault/vault/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/key-vault/vault/main.bicep b/modules/key-vault/vault/main.bicep index 7a530242f1..e6afd5d50f 100644 --- a/modules/key-vault/vault/main.bicep +++ b/modules/key-vault/vault/main.bicep @@ -64,11 +64,6 @@ param networkAcls object = {} ]) param publicNetworkAccess string = '' -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticStorageAccountId string = '' @@ -129,20 +124,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -150,10 +137,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var formattedAccessPolicies = [for accessPolicy in accessPolicies: { diff --git a/modules/key-vault/vault/main.json b/modules/key-vault/vault/main.json index 58f5bcb817..6e8099ca11 100644 --- a/modules/key-vault/vault/main.json +++ b/modules/key-vault/vault/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "13407897882748144722" + "templateHash": "16665099504700716453" }, "name": "Key Vaults", "description": "This module deploys a Key Vault.", @@ -133,15 +133,6 @@ "description": "Optional. Whether or not public network access is allowed for this resource. For security reasons it should be disabled. If not specified, it will be disabled by default if private endpoints are set and networkAcls are not set." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -252,11 +243,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -265,11 +252,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -283,7 +266,7 @@ } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "secretList": "[if(not(empty(parameters('secrets'))), parameters('secrets').secureList, createArray())]", "enableReferencedModulesTelemetry": false }, diff --git a/modules/logic/workflow/.test/common/main.test.bicep b/modules/logic/workflow/.test/common/main.test.bicep index 85c51d1cdf..d5d815a1ba 100644 --- a/modules/logic/workflow/.test/common/main.test.bicep +++ b/modules/logic/workflow/.test/common/main.test.bicep @@ -63,7 +63,6 @@ module testDeployment '../../main.bicep' = { params: { enableDefaultTelemetry: enableDefaultTelemetry name: '${namePrefix}${serviceShort}001' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/logic/workflow/README.md b/modules/logic/workflow/README.md index f2d6d77eb6..029e1d3ef8 100644 --- a/modules/logic/workflow/README.md +++ b/modules/logic/workflow/README.md @@ -38,7 +38,6 @@ This module deploys a Logic App (Workflow). | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, WorkflowRuntime]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -339,7 +338,6 @@ module workflow './logic/workflow/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -418,9 +416,6 @@ module workflow './logic/workflow/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/logic/workflow/main.bicep b/modules/logic/workflow/main.bicep index 707b36ec4f..9562898748 100644 --- a/modules/logic/workflow/main.bicep +++ b/modules/logic/workflow/main.bicep @@ -35,11 +35,6 @@ param integrationServiceEnvironmentResourceId string = '' @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -125,20 +120,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -146,10 +133,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? 'SystemAssigned' : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') diff --git a/modules/logic/workflow/main.json b/modules/logic/workflow/main.json index 49a8c39261..92bebfe574 100644 --- a/modules/logic/workflow/main.json +++ b/modules/logic/workflow/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "16001808059875367485" + "templateHash": "4657619507482611014" }, "name": "Logic Apps (Workflows)", "description": "This module deploys a Logic App (Workflow).", @@ -88,15 +88,6 @@ "description": "Optional. Location for all resources." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -263,11 +254,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -276,15 +263,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), 'SystemAssigned', if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]" }, diff --git a/modules/machine-learning-services/workspace/.test/common/main.test.bicep b/modules/machine-learning-services/workspace/.test/common/main.test.bicep index cad6ccb49e..8ef9866ca3 100644 --- a/modules/machine-learning-services/workspace/.test/common/main.test.bicep +++ b/modules/machine-learning-services/workspace/.test/common/main.test.bicep @@ -101,7 +101,6 @@ module testDeployment '../../main.bicep' = { } ] description: 'The cake is a lie.' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/machine-learning-services/workspace/README.md b/modules/machine-learning-services/workspace/README.md index 0ca84e4e11..b25795e5be 100644 --- a/modules/machine-learning-services/workspace/README.md +++ b/modules/machine-learning-services/workspace/README.md @@ -57,7 +57,6 @@ This module deploys a Machine Learning Services Workspace. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, AmlComputeClusterEvent, AmlComputeClusterNodeEvent, AmlComputeCpuGpuUtilization, AmlComputeJobEvent, AmlRunStatusChangedEvent]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -488,7 +487,6 @@ module workspace './machine-learning-services/workspace/main.bicep' = { description: 'The cake is a lie.' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' discoveryUrl: 'http://example.com' @@ -600,9 +598,6 @@ module workspace './machine-learning-services/workspace/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/machine-learning-services/workspace/main.bicep b/modules/machine-learning-services/workspace/main.bicep index 7056db4f7d..e7dadf2e34 100644 --- a/modules/machine-learning-services/workspace/main.bicep +++ b/modules/machine-learning-services/workspace/main.bicep @@ -69,11 +69,6 @@ param systemAssignedIdentity bool = false param userAssignedIdentities object = {} // Diagnostic Settings -@sys.description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @sys.description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -164,20 +159,12 @@ var identity = identityType != 'None' ? { var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -185,10 +172,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] // ================// diff --git a/modules/machine-learning-services/workspace/main.json b/modules/machine-learning-services/workspace/main.json index d7fa9821a7..5f5a4ad75a 100644 --- a/modules/machine-learning-services/workspace/main.json +++ b/modules/machine-learning-services/workspace/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "16779630594426738311" + "templateHash": "12489776525535905441" }, "name": "Machine Learning Services Workspaces", "description": "This module deploys a Machine Learning Services Workspace.", @@ -137,15 +137,6 @@ "description": "Conditional. The ID(s) to assign to the resource. Required if `systemAssignedIdentity` is set to false." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -301,11 +292,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -314,18 +301,14 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "enableReferencedModulesTelemetry": false, "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]", - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/network/application-gateway/.test/common/main.test.bicep b/modules/network/application-gateway/.test/common/main.test.bicep index e735a7a896..c104f55dd6 100644 --- a/modules/network/application-gateway/.test/common/main.test.bicep +++ b/modules/network/application-gateway/.test/common/main.test.bicep @@ -116,7 +116,6 @@ module testDeployment '../../main.bicep' = { } } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/network/application-gateway/README.md b/modules/network/application-gateway/README.md index de3e79664d..1030c5792e 100644 --- a/modules/network/application-gateway/README.md +++ b/modules/network/application-gateway/README.md @@ -42,7 +42,6 @@ This module deploys a Network Application Gateway. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, ApplicationGatewayAccessLog, ApplicationGatewayFirewallLog, ApplicationGatewayPerformanceLog]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | @@ -299,7 +298,6 @@ module applicationGateway './network/application-gateway/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -701,9 +699,6 @@ module applicationGateway './network/application-gateway/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/network/application-gateway/main.bicep b/modules/network/application-gateway/main.bicep index be37d002c3..86c83ba8ad 100644 --- a/modules/network/application-gateway/main.bicep +++ b/modules/network/application-gateway/main.bicep @@ -177,11 +177,6 @@ param webApplicationFirewallConfiguration object = {} @description('Optional. A list of availability zones denoting where the resource needs to come from.') param zones array = [] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticStorageAccountId string = '' @@ -227,20 +222,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -248,10 +235,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] @allowed([ diff --git a/modules/network/application-gateway/main.json b/modules/network/application-gateway/main.json index b2913ef734..b63c0b3509 100644 --- a/modules/network/application-gateway/main.json +++ b/modules/network/application-gateway/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "7421247948458060739" + "templateHash": "5018705520765822480" }, "name": "Network Application Gateways", "description": "This module deploys a Network Application Gateway.", @@ -334,15 +334,6 @@ "description": "Optional. A list of availability zones denoting where the resource needs to come from." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -468,11 +459,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -481,17 +468,13 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "identityType": "[if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None')]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]", - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/network/azure-firewall/.test/common/main.test.bicep b/modules/network/azure-firewall/.test/common/main.test.bicep index 49adde3d27..3e0a1db6cc 100644 --- a/modules/network/azure-firewall/.test/common/main.test.bicep +++ b/modules/network/azure-firewall/.test/common/main.test.bicep @@ -119,7 +119,6 @@ module testDeployment '../../main.bicep' = { } ] publicIPResourceID: nestedDependencies.outputs.publicIPResourceId - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/network/azure-firewall/README.md b/modules/network/azure-firewall/README.md index e9061b6dae..f5cca12eaf 100644 --- a/modules/network/azure-firewall/README.md +++ b/modules/network/azure-firewall/README.md @@ -47,7 +47,6 @@ This module deploys an Azure Firewall. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, AzureFirewallApplicationRule, AzureFirewallDnsProxy, AzureFirewallNetworkRule]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Diagnostic Storage Account resource identifier. | @@ -493,7 +492,6 @@ module azureFirewall './network/azure-firewall/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -628,9 +626,6 @@ module azureFirewall './network/azure-firewall/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/network/azure-firewall/main.bicep b/modules/network/azure-firewall/main.bicep index 89556994ea..83e3b2a2af 100644 --- a/modules/network/azure-firewall/main.bicep +++ b/modules/network/azure-firewall/main.bicep @@ -73,11 +73,6 @@ param diagnosticStorageAccountId string = '' @description('Optional. Log Analytics workspace resource identifier.') param diagnosticWorkspaceId string = '' -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to.') param diagnosticEventHubAuthorizationRuleId string = '' @@ -199,20 +194,12 @@ var managementIPConfiguration = { var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -220,10 +207,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var enableReferencedModulesTelemetry = false @@ -260,7 +243,6 @@ module publicIPAddress '../../network/public-ip-address/main.bicep' = if (empty( ] location: location diagnosticStorageAccountId: diagnosticStorageAccountId - diagnosticLogsRetentionInDays: diagnosticLogsRetentionInDays diagnosticWorkspaceId: diagnosticWorkspaceId diagnosticEventHubAuthorizationRuleId: diagnosticEventHubAuthorizationRuleId diagnosticEventHubName: diagnosticEventHubName @@ -291,7 +273,6 @@ module managementIPAddress '../../network/public-ip-address/main.bicep' = if (em ] location: location diagnosticStorageAccountId: diagnosticStorageAccountId - diagnosticLogsRetentionInDays: diagnosticLogsRetentionInDays diagnosticWorkspaceId: diagnosticWorkspaceId diagnosticEventHubAuthorizationRuleId: diagnosticEventHubAuthorizationRuleId diagnosticEventHubName: diagnosticEventHubName diff --git a/modules/network/azure-firewall/main.json b/modules/network/azure-firewall/main.json index 55a9c98812..7e91e558dd 100644 --- a/modules/network/azure-firewall/main.json +++ b/modules/network/azure-firewall/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "9804363922267154833" + "templateHash": "16299423526459095141" }, "name": "Azure Firewalls", "description": "This module deploys an Azure Firewall.", @@ -158,15 +158,6 @@ "description": "Optional. Log Analytics workspace resource identifier." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticEventHubAuthorizationRuleId": { "type": "string", "defaultValue": "", @@ -274,11 +265,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -287,11 +274,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], @@ -318,7 +301,7 @@ "id": "[parameters('managementIPResourceID')]" } }, - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ @@ -406,9 +389,6 @@ "diagnosticStorageAccountId": { "value": "[parameters('diagnosticStorageAccountId')]" }, - "diagnosticLogsRetentionInDays": { - "value": "[parameters('diagnosticLogsRetentionInDays')]" - }, "diagnosticWorkspaceId": { "value": "[parameters('diagnosticWorkspaceId')]" }, @@ -438,7 +418,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "1083592604266553783" + "templateHash": "7444990895328873286" }, "name": "Public IP Addresses", "description": "This module deploys a Public IP Address.", @@ -509,15 +489,6 @@ "description": "Optional. IP address version." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -664,11 +635,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -677,15 +644,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { @@ -997,9 +960,6 @@ "diagnosticStorageAccountId": { "value": "[parameters('diagnosticStorageAccountId')]" }, - "diagnosticLogsRetentionInDays": { - "value": "[parameters('diagnosticLogsRetentionInDays')]" - }, "diagnosticWorkspaceId": { "value": "[parameters('diagnosticWorkspaceId')]" }, @@ -1029,7 +989,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "1083592604266553783" + "templateHash": "7444990895328873286" }, "name": "Public IP Addresses", "description": "This module deploys a Public IP Address.", @@ -1100,15 +1060,6 @@ "description": "Optional. IP address version." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -1255,11 +1206,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -1268,15 +1215,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/network/bastion-host/.test/common/main.test.bicep b/modules/network/bastion-host/.test/common/main.test.bicep index ed7b56b900..5086feb3dd 100644 --- a/modules/network/bastion-host/.test/common/main.test.bicep +++ b/modules/network/bastion-host/.test/common/main.test.bicep @@ -67,7 +67,6 @@ module testDeployment '../../main.bicep' = { name: '${namePrefix}${serviceShort}001' vNetId: nestedDependencies.outputs.virtualNetworkResourceId bastionSubnetPublicIpResourceId: nestedDependencies.outputs.publicIPResourceId - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/network/bastion-host/README.md b/modules/network/bastion-host/README.md index d74126bc3f..bdc13666af 100644 --- a/modules/network/bastion-host/README.md +++ b/modules/network/bastion-host/README.md @@ -37,7 +37,6 @@ This module deploys a Bastion Host. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, BastionAuditLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | @@ -320,7 +319,6 @@ module bastionHost './network/bastion-host/main.bicep' = { bastionSubnetPublicIpResourceId: '' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' disableCopyPaste: true @@ -377,9 +375,6 @@ module bastionHost './network/bastion-host/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/network/bastion-host/main.bicep b/modules/network/bastion-host/main.bicep index 797177e37e..f0b0ea9427 100644 --- a/modules/network/bastion-host/main.bicep +++ b/modules/network/bastion-host/main.bicep @@ -20,11 +20,6 @@ param isCreateDefaultPublicIP bool = true @description('Optional. Specifies the properties of the Public IP to create and be used by Azure Bastion. If it\'s not provided and publicIPAddressResourceId is empty, a \'-pip\' suffix will be appended to the Bastion\'s name.') param publicIPAddressObject object = {} -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -95,20 +90,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -172,7 +159,6 @@ module publicIPAddress '../public-ip-address/main.bicep' = if (empty(bastionSubn 'AllMetrics' ] diagnosticStorageAccountId: diagnosticStorageAccountId - diagnosticLogsRetentionInDays: diagnosticLogsRetentionInDays diagnosticWorkspaceId: diagnosticWorkspaceId diagnosticEventHubAuthorizationRuleId: diagnosticEventHubAuthorizationRuleId diagnosticEventHubName: diagnosticEventHubName diff --git a/modules/network/bastion-host/main.json b/modules/network/bastion-host/main.json index 66f3d187f8..141d9fccf5 100644 --- a/modules/network/bastion-host/main.json +++ b/modules/network/bastion-host/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "14936354487659140379" + "templateHash": "419717336724554916" }, "name": "Bastion Hosts", "description": "This module deploys a Bastion Host.", @@ -52,15 +52,6 @@ "description": "Optional. Specifies the properties of the Public IP to create and be used by Azure Bastion. If it's not provided and publicIPAddressResourceId is empty, a '-pip' suffix will be appended to the Bastion's name." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -204,15 +195,11 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableTunneling": "[if(equals(parameters('skuName'), 'Standard'), true(), null())]", "scaleUnitsVar": "[if(equals(parameters('skuName'), 'Basic'), 2, parameters('scaleUnits'))]", "subnetVar": { @@ -304,9 +291,6 @@ "diagnosticStorageAccountId": { "value": "[parameters('diagnosticStorageAccountId')]" }, - "diagnosticLogsRetentionInDays": { - "value": "[parameters('diagnosticLogsRetentionInDays')]" - }, "diagnosticWorkspaceId": { "value": "[parameters('diagnosticWorkspaceId')]" }, @@ -343,7 +327,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "1083592604266553783" + "templateHash": "7444990895328873286" }, "name": "Public IP Addresses", "description": "This module deploys a Public IP Address.", @@ -414,15 +398,6 @@ "description": "Optional. IP address version." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -569,11 +544,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -582,15 +553,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/network/express-route-circuit/.test/common/main.test.bicep b/modules/network/express-route-circuit/.test/common/main.test.bicep index b5994dbf43..a9770a8c30 100644 --- a/modules/network/express-route-circuit/.test/common/main.test.bicep +++ b/modules/network/express-route-circuit/.test/common/main.test.bicep @@ -66,7 +66,6 @@ module testDeployment '../../main.bicep' = { bandwidthInMbps: 50 peeringLocation: 'Amsterdam' serviceProviderName: 'Equinix' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/network/express-route-circuit/README.md b/modules/network/express-route-circuit/README.md index 8d46b97a55..a37c149790 100644 --- a/modules/network/express-route-circuit/README.md +++ b/modules/network/express-route-circuit/README.md @@ -39,7 +39,6 @@ This module deploys an Express Route Circuit. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, PeeringRouteLog]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -202,7 +201,6 @@ module expressRouteCircuit './network/express-route-circuit/main.bicep' = { allowClassicOperations: true diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -261,9 +259,6 @@ module expressRouteCircuit './network/express-route-circuit/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/network/express-route-circuit/main.bicep b/modules/network/express-route-circuit/main.bicep index 572d9a1e5b..f979f2c2e7 100644 --- a/modules/network/express-route-circuit/main.bicep +++ b/modules/network/express-route-circuit/main.bicep @@ -69,11 +69,6 @@ param expressRoutePortResourceId string = '' @description('Optional. Flag denoting global reach status. To enable ExpressRoute Global Reach between different geopolitical regions, your circuits must be Premium SKU.') param globalReachEnabled bool = false -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -127,20 +122,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -148,10 +135,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var peeringConfiguration = [ diff --git a/modules/network/express-route-circuit/main.json b/modules/network/express-route-circuit/main.json index 19dc512b9f..0c1dd34102 100644 --- a/modules/network/express-route-circuit/main.json +++ b/modules/network/express-route-circuit/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "4025479550069387805" + "templateHash": "2220842335649593450" }, "name": "ExpressRoute Circuits", "description": "This module deploys an Express Route Circuit.", @@ -147,15 +147,6 @@ "description": "Optional. Flag denoting global reach status. To enable ExpressRoute Global Reach between different geopolitical regions, your circuits must be Premium SKU." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -258,11 +249,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -271,15 +258,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "peeringConfiguration": [ { "name": "[parameters('peeringType')]", diff --git a/modules/network/front-door/README.md b/modules/network/front-door/README.md index 99d21d9b11..7708e8c589 100644 --- a/modules/network/front-door/README.md +++ b/modules/network/front-door/README.md @@ -39,7 +39,6 @@ This module deploys an Azure Front Door. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, FrontdoorAccessLog, FrontdoorWebApplicationFirewallLog]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | diff --git a/modules/network/front-door/main.bicep b/modules/network/front-door/main.bicep index 6e3eaa513b..fe4dac367a 100644 --- a/modules/network/front-door/main.bicep +++ b/modules/network/front-door/main.bicep @@ -55,11 +55,6 @@ param loadBalancingSettings array @description('Required. Routing rules settings of the frontdoor resource.') param routingRules array -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticStorageAccountId string = '' @@ -94,20 +89,12 @@ param metricsToEnable array = [ var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -115,10 +102,6 @@ var diagnosticsMetrics = [for metric in metricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { diff --git a/modules/network/front-door/main.json b/modules/network/front-door/main.json index b619fa7d6c..bcd114db31 100644 --- a/modules/network/front-door/main.json +++ b/modules/network/front-door/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "17170884535140128269" + "templateHash": "14479303029874640056" }, "name": "Azure Front Doors", "description": "This module deploys an Azure Front Door.", @@ -119,15 +119,6 @@ "description": "Required. Routing rules settings of the frontdoor resource." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -191,11 +182,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -204,15 +191,11 @@ "input": { "category": "[parameters('metricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/network/load-balancer/.test/common/main.test.bicep b/modules/network/load-balancer/.test/common/main.test.bicep index 526fb4b161..0ad2ff1ec7 100644 --- a/modules/network/load-balancer/.test/common/main.test.bicep +++ b/modules/network/load-balancer/.test/common/main.test.bicep @@ -78,7 +78,6 @@ module testDeployment '../../main.bicep' = { name: 'backendAddressPool2' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/network/load-balancer/.test/internal/main.test.bicep b/modules/network/load-balancer/.test/internal/main.test.bicep index 55e1de8d6e..b7f877c493 100644 --- a/modules/network/load-balancer/.test/internal/main.test.bicep +++ b/modules/network/load-balancer/.test/internal/main.test.bicep @@ -75,7 +75,6 @@ module testDeployment '../../main.bicep' = { name: 'servers' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/network/load-balancer/README.md b/modules/network/load-balancer/README.md index 10c2d43657..f584631d93 100644 --- a/modules/network/load-balancer/README.md +++ b/modules/network/load-balancer/README.md @@ -37,7 +37,6 @@ This module deploys a Load Balancer. | `backendAddressPools` | array | `[]` | | Collection of backend address pools used by a load balancer. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -500,7 +499,6 @@ module loadBalancer './network/load-balancer/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -629,9 +627,6 @@ module loadBalancer './network/load-balancer/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -768,7 +763,6 @@ module loadBalancer './network/load-balancer/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -871,9 +865,6 @@ module loadBalancer './network/load-balancer/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/network/load-balancer/main.bicep b/modules/network/load-balancer/main.bicep index 7b575cb532..0f15931f27 100644 --- a/modules/network/load-balancer/main.bicep +++ b/modules/network/load-balancer/main.bicep @@ -28,11 +28,6 @@ param loadBalancingRules array = [] @description('Optional. Array of objects containing all probes, these are references in the load balancing rules.') param probes array = [] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -162,10 +157,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { diff --git a/modules/network/load-balancer/main.json b/modules/network/load-balancer/main.json index b356c26c3e..22bcda4dae 100644 --- a/modules/network/load-balancer/main.json +++ b/modules/network/load-balancer/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "13778569760126189916" + "templateHash": "7868327465566555198" }, "name": "Load Balancers", "description": "This module deploys a Load Balancer.", @@ -64,15 +64,6 @@ "description": "Optional. Array of objects containing all probes, these are references in the load balancing rules." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -260,11 +251,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], diff --git a/modules/network/nat-gateway/.test/common/main.test.bicep b/modules/network/nat-gateway/.test/common/main.test.bicep index 62cc3168e6..733add4379 100644 --- a/modules/network/nat-gateway/.test/common/main.test.bicep +++ b/modules/network/nat-gateway/.test/common/main.test.bicep @@ -63,7 +63,6 @@ module testDeployment '../../main.bicep' = { params: { enableDefaultTelemetry: enableDefaultTelemetry name: '${namePrefix}${serviceShort}001' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/network/nat-gateway/README.md b/modules/network/nat-gateway/README.md index 9bfbe7e757..5f45329dc9 100644 --- a/modules/network/nat-gateway/README.md +++ b/modules/network/nat-gateway/README.md @@ -35,7 +35,6 @@ This module deploys a NAT Gateway. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the public IP diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -194,7 +193,6 @@ module natGateway './network/nat-gateway/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -240,9 +238,6 @@ module natGateway './network/nat-gateway/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/network/nat-gateway/main.bicep b/modules/network/nat-gateway/main.bicep index b99e082761..0f48846095 100644 --- a/modules/network/nat-gateway/main.bicep +++ b/modules/network/nat-gateway/main.bicep @@ -32,11 +32,6 @@ param zones array = [] @description('Optional. Location for all resources.') param location string = resourceGroup().location -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -120,7 +115,6 @@ module publicIPAddress '../public-ip-address/main.bicep' = if (natGatewayPublicI diagnosticLogCategoriesToEnable: diagnosticLogCategoriesToEnable diagnosticMetricsToEnable: diagnosticMetricsToEnable diagnosticSettingsName: !empty(diagnosticSettingsName) ? diagnosticSettingsName : (!empty(natGatewayPipName) ? '${natGatewayPipName}-diagnosticSettings' : '${name}-pip-diagnosticSettings') - diagnosticLogsRetentionInDays: diagnosticLogsRetentionInDays diagnosticStorageAccountId: diagnosticStorageAccountId diagnosticWorkspaceId: diagnosticWorkspaceId diagnosticEventHubAuthorizationRuleId: diagnosticEventHubAuthorizationRuleId diff --git a/modules/network/nat-gateway/main.json b/modules/network/nat-gateway/main.json index 7cc22c25b0..2faa1a6061 100644 --- a/modules/network/nat-gateway/main.json +++ b/modules/network/nat-gateway/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "2140026861684582232" + "templateHash": "11858620925085165603" }, "name": "NAT Gateways", "description": "This module deploys a NAT Gateway.", @@ -81,15 +81,6 @@ "description": "Optional. Location for all resources." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -273,9 +264,6 @@ "value": "[parameters('diagnosticMetricsToEnable')]" }, "diagnosticSettingsName": "[if(not(empty(parameters('diagnosticSettingsName'))), createObject('value', parameters('diagnosticSettingsName')), if(not(empty(parameters('natGatewayPipName'))), createObject('value', format('{0}-diagnosticSettings', parameters('natGatewayPipName'))), createObject('value', format('{0}-pip-diagnosticSettings', parameters('name')))))]", - "diagnosticLogsRetentionInDays": { - "value": "[parameters('diagnosticLogsRetentionInDays')]" - }, "diagnosticStorageAccountId": { "value": "[parameters('diagnosticStorageAccountId')]" }, @@ -320,7 +308,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "1083592604266553783" + "templateHash": "7444990895328873286" }, "name": "Public IP Addresses", "description": "This module deploys a Public IP Address.", @@ -391,15 +379,6 @@ "description": "Optional. IP address version." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -546,11 +525,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -559,15 +534,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/network/network-interface/.test/common/main.test.bicep b/modules/network/network-interface/.test/common/main.test.bicep index b6ddc8f6bb..ba8beced0c 100644 --- a/modules/network/network-interface/.test/common/main.test.bicep +++ b/modules/network/network-interface/.test/common/main.test.bicep @@ -90,7 +90,6 @@ module testDeployment '../../main.bicep' = { ] } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/network/network-interface/README.md b/modules/network/network-interface/README.md index bfc73e1332..3ad755e48e 100644 --- a/modules/network/network-interface/README.md +++ b/modules/network/network-interface/README.md @@ -36,7 +36,6 @@ This module deploys a Network Interface. | `auxiliarySku` | string | `'None'` | `[A1, A2, A4, A8, None]` | Auxiliary sku of Network Interface resource. Not all regions are enabled for Auxiliary Mode Nic. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -233,7 +232,6 @@ module networkInterface './network/network-interface/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -304,9 +302,6 @@ module networkInterface './network/network-interface/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/network/network-interface/main.bicep b/modules/network/network-interface/main.bicep index decbdad77b..43f79f1528 100644 --- a/modules/network/network-interface/main.bicep +++ b/modules/network/network-interface/main.bicep @@ -61,11 +61,6 @@ param lock string = '' @description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') param roleAssignments array = [] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -93,10 +88,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { diff --git a/modules/network/network-interface/main.json b/modules/network/network-interface/main.json index dbfd597378..f60e5a1aaf 100644 --- a/modules/network/network-interface/main.json +++ b/modules/network/network-interface/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "16443618351676529498" + "templateHash": "4973390307671682303" }, "name": "Network Interface", "description": "This module deploys a Network Interface.", @@ -125,15 +125,6 @@ "description": "Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -190,11 +181,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ] diff --git a/modules/network/network-security-group/.test/common/main.test.bicep b/modules/network/network-security-group/.test/common/main.test.bicep index 8de614a0a2..fabfb5ecf0 100644 --- a/modules/network/network-security-group/.test/common/main.test.bicep +++ b/modules/network/network-security-group/.test/common/main.test.bicep @@ -64,7 +64,6 @@ module testDeployment '../../main.bicep' = { params: { enableDefaultTelemetry: enableDefaultTelemetry name: '${namePrefix}${serviceShort}001' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/network/network-security-group/README.md b/modules/network/network-security-group/README.md index c9086cacff..2580168572 100644 --- a/modules/network/network-security-group/README.md +++ b/modules/network/network-security-group/README.md @@ -35,7 +35,6 @@ This module deploys a Network security Group (NSG). | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, NetworkSecurityGroupEvent, NetworkSecurityGroupRuleCounter]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | @@ -183,7 +182,6 @@ module networkSecurityGroup './network/network-security-group/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -292,9 +290,6 @@ module networkSecurityGroup './network/network-security-group/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/network/network-security-group/main.bicep b/modules/network/network-security-group/main.bicep index ed32df2d8d..5ee9437903 100644 --- a/modules/network/network-security-group/main.bicep +++ b/modules/network/network-security-group/main.bicep @@ -17,11 +17,6 @@ param flushConnection bool = false @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic log analytics workspace.') param diagnosticWorkspaceId string = '' @@ -67,20 +62,12 @@ var enableReferencedModulesTelemetry = false var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified diff --git a/modules/network/network-security-group/main.json b/modules/network/network-security-group/main.json index 23b674d936..704049b90f 100644 --- a/modules/network/network-security-group/main.json +++ b/modules/network/network-security-group/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "8464209741643291242" + "templateHash": "7109762987268283105" }, "name": "Network Security Groups", "description": "This module deploys a Network security Group (NSG).", @@ -46,15 +46,6 @@ "description": "Optional. Resource ID of the diagnostic storage account." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticWorkspaceId": { "type": "string", "defaultValue": "", @@ -139,16 +130,12 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "enableReferencedModulesTelemetry": false, - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/network/public-ip-address/.test/common/main.test.bicep b/modules/network/public-ip-address/.test/common/main.test.bicep index 90906c965b..b5fa77c643 100644 --- a/modules/network/public-ip-address/.test/common/main.test.bicep +++ b/modules/network/public-ip-address/.test/common/main.test.bicep @@ -63,7 +63,6 @@ module testDeployment '../../main.bicep' = { params: { enableDefaultTelemetry: enableDefaultTelemetry name: '${namePrefix}${serviceShort}001' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/network/public-ip-address/README.md b/modules/network/public-ip-address/README.md index 4f8d7fcb26..abd33c1bba 100644 --- a/modules/network/public-ip-address/README.md +++ b/modules/network/public-ip-address/README.md @@ -34,7 +34,6 @@ This module deploys a Public IP Address. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -192,7 +191,6 @@ module publicIpAddress './network/public-ip-address/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -244,9 +242,6 @@ module publicIpAddress './network/public-ip-address/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/network/public-ip-address/main.bicep b/modules/network/public-ip-address/main.bicep index 22cf3b8c6a..77d07b8959 100644 --- a/modules/network/public-ip-address/main.bicep +++ b/modules/network/public-ip-address/main.bicep @@ -39,11 +39,6 @@ param zones array = [] ]) param publicIPAddressVersion string = 'IPv4' -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -121,20 +116,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -142,10 +129,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { diff --git a/modules/network/public-ip-address/main.json b/modules/network/public-ip-address/main.json index 0483bee931..2b027e8a9d 100644 --- a/modules/network/public-ip-address/main.json +++ b/modules/network/public-ip-address/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "1083592604266553783" + "templateHash": "7444990895328873286" }, "name": "Public IP Addresses", "description": "This module deploys a Public IP Address.", @@ -76,15 +76,6 @@ "description": "Optional. IP address version." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -231,11 +222,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -244,15 +231,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/network/trafficmanagerprofile/.test/common/main.test.bicep b/modules/network/trafficmanagerprofile/.test/common/main.test.bicep index 207638d325..38180305f9 100644 --- a/modules/network/trafficmanagerprofile/.test/common/main.test.bicep +++ b/modules/network/trafficmanagerprofile/.test/common/main.test.bicep @@ -64,7 +64,6 @@ module testDeployment '../../main.bicep' = { enableDefaultTelemetry: enableDefaultTelemetry name: resourceName relativeName: resourceName - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/network/trafficmanagerprofile/README.md b/modules/network/trafficmanagerprofile/README.md index 61fe35d3df..5726c8c35f 100644 --- a/modules/network/trafficmanagerprofile/README.md +++ b/modules/network/trafficmanagerprofile/README.md @@ -35,7 +35,6 @@ This module deploys a Traffic Manager Profile. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, ProbeHealthStatusEvents]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -278,7 +277,6 @@ module trafficmanagerprofile './network/trafficmanagerprofile/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -326,9 +324,6 @@ module trafficmanagerprofile './network/trafficmanagerprofile/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/network/trafficmanagerprofile/main.bicep b/modules/network/trafficmanagerprofile/main.bicep index 254f7ed1e6..bfb057fe76 100644 --- a/modules/network/trafficmanagerprofile/main.bicep +++ b/modules/network/trafficmanagerprofile/main.bicep @@ -50,11 +50,6 @@ param trafficViewEnrollmentStatus string = 'Disabled' @description('Optional. Maximum number of endpoints to be returned for MultiValue routing type.') param maxReturn int = 1 -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -108,20 +103,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -129,10 +116,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { diff --git a/modules/network/trafficmanagerprofile/main.json b/modules/network/trafficmanagerprofile/main.json index 3d97951d1e..609a1c00e6 100644 --- a/modules/network/trafficmanagerprofile/main.json +++ b/modules/network/trafficmanagerprofile/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "14526210195159140049" + "templateHash": "11826110444839615156" }, "name": "Traffic Manager Profiles", "description": "This module deploys a Traffic Manager Profile.", @@ -94,15 +94,6 @@ "description": "Optional. Maximum number of endpoints to be returned for MultiValue routing type." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -205,11 +196,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -218,15 +205,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/network/virtual-network-gateway/.test/expressRoute/main.test.bicep b/modules/network/virtual-network-gateway/.test/expressRoute/main.test.bicep index a3300192ee..9f100cf2ac 100644 --- a/modules/network/virtual-network-gateway/.test/expressRoute/main.test.bicep +++ b/modules/network/virtual-network-gateway/.test/expressRoute/main.test.bicep @@ -67,7 +67,6 @@ module testDeployment '../../main.bicep' = { skuName: 'ErGw1AZ' gatewayType: 'ExpressRoute' vNetResourceId: nestedDependencies.outputs.vnetResourceId - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/network/virtual-network-gateway/.test/vpn/main.test.bicep b/modules/network/virtual-network-gateway/.test/vpn/main.test.bicep index 4a6bb7cb1b..fdc18c8d60 100644 --- a/modules/network/virtual-network-gateway/.test/vpn/main.test.bicep +++ b/modules/network/virtual-network-gateway/.test/vpn/main.test.bicep @@ -70,7 +70,6 @@ module testDeployment '../../main.bicep' = { gatewayType: 'Vpn' vNetResourceId: nestedDependencies.outputs.vnetResourceId activeActive: true - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/network/virtual-network-gateway/README.md b/modules/network/virtual-network-gateway/README.md index a66f3b221e..dd04cdbb7a 100644 --- a/modules/network/virtual-network-gateway/README.md +++ b/modules/network/virtual-network-gateway/README.md @@ -45,7 +45,6 @@ This module deploys a Virtual Network Gateway. | `clientRootCertData` | string | `''` | | Client root certificate data used to authenticate VPN clients. Cannot be configured if vpnClientAadConfiguration is provided. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -440,7 +439,6 @@ module virtualNetworkGateway './network/virtual-network-gateway/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' domainNameLabel: [ @@ -500,9 +498,6 @@ module virtualNetworkGateway './network/virtual-network-gateway/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -567,7 +562,6 @@ module virtualNetworkGateway './network/virtual-network-gateway/main.bicep' = { allowRemoteVnetTraffic: true diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' disableIPSecReplayProtection: true @@ -672,9 +666,6 @@ module virtualNetworkGateway './network/virtual-network-gateway/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/network/virtual-network-gateway/main.bicep b/modules/network/virtual-network-gateway/main.bicep index 382194f01b..3603f8132e 100644 --- a/modules/network/virtual-network-gateway/main.bicep +++ b/modules/network/virtual-network-gateway/main.bicep @@ -112,11 +112,6 @@ param clientRootCertData string = '' @description('Optional. Thumbprint of the revoked certificate. This would revoke VPN client certificates matching this thumbprint from connecting to the VNet.') param clientRevokedCertThumbprint string = '' -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -197,20 +192,12 @@ param publicIpDiagnosticSettingsName string = '' var virtualNetworkGatewayDiagnosticsLogsSpecified = [for category in filter(virtualNetworkGatewaydiagnosticLogCategoriesToEnable, item => item != 'allLogs'): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var virtualNetworkGatewayDiagnosticsLogs = contains(virtualNetworkGatewaydiagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : virtualNetworkGatewayDiagnosticsLogsSpecified @@ -218,10 +205,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] // Other Variables diff --git a/modules/network/virtual-network-gateway/main.json b/modules/network/virtual-network-gateway/main.json index 432af3d9d8..49fbec3813 100644 --- a/modules/network/virtual-network-gateway/main.json +++ b/modules/network/virtual-network-gateway/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "13886376010607878497" + "templateHash": "11924737127791135245" }, "name": "Virtual Network Gateways", "description": "This module deploys a Virtual Network Gateway.", @@ -222,15 +222,6 @@ "description": "Optional. Thumbprint of the revoked certificate. This would revoke VPN client certificates matching this thumbprint from connecting to the VNet." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -367,11 +358,7 @@ "count": "[length(filter(parameters('virtualNetworkGatewaydiagnosticLogCategoriesToEnable'), lambda('item', not(equals(lambdaVariables('item'), 'allLogs')))))]", "input": { "category": "[filter(parameters('virtualNetworkGatewaydiagnosticLogCategoriesToEnable'), lambda('item', not(equals(lambdaVariables('item'), 'allLogs'))))[copyIndex('virtualNetworkGatewayDiagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -380,15 +367,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "virtualNetworkGatewayDiagnosticsLogs": "[if(contains(parameters('virtualNetworkGatewaydiagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), variables('virtualNetworkGatewayDiagnosticsLogsSpecified'))]", + "virtualNetworkGatewayDiagnosticsLogs": "[if(contains(parameters('virtualNetworkGatewaydiagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), variables('virtualNetworkGatewayDiagnosticsLogsSpecified'))]", "zoneRedundantSkus": [ "VpnGw1AZ", "VpnGw2AZ", @@ -557,7 +540,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "1083592604266553783" + "templateHash": "7444990895328873286" }, "name": "Public IP Addresses", "description": "This module deploys a Public IP Address.", @@ -628,15 +611,6 @@ "description": "Optional. IP address version." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -783,11 +757,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -796,15 +766,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]" }, "resources": [ { diff --git a/modules/network/virtual-network/.test/common/main.test.bicep b/modules/network/virtual-network/.test/common/main.test.bicep index f2b76e6d32..33c4c94f4a 100644 --- a/modules/network/virtual-network/.test/common/main.test.bicep +++ b/modules/network/virtual-network/.test/common/main.test.bicep @@ -68,7 +68,6 @@ module testDeployment '../../main.bicep' = { addressPrefixes: [ '10.0.0.0/16' ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/network/virtual-network/README.md b/modules/network/virtual-network/README.md index ea80255e9d..805b67791f 100644 --- a/modules/network/virtual-network/README.md +++ b/modules/network/virtual-network/README.md @@ -39,7 +39,6 @@ This module deploys a Virtual Network (vNet). | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, VMProtectionAlerts]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -382,7 +381,6 @@ module virtualNetwork './network/virtual-network/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' dnsServers: [ @@ -484,9 +482,6 @@ module virtualNetwork './network/virtual-network/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/network/virtual-network/main.bicep b/modules/network/virtual-network/main.bicep index e73e8fc2d8..0cc764171e 100644 --- a/modules/network/virtual-network/main.bicep +++ b/modules/network/virtual-network/main.bicep @@ -37,11 +37,6 @@ param vnetEncryptionEnforcement string = 'AllowUnencrypted' @description('Optional. The flow timeout in minutes for the Virtual Network, which is used to enable connection tracking for intra-VM flows. Possible values are between 4 and 30 minutes. Default value 0 will set the property to null.') param flowTimeoutInMinutes int = 0 -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -95,20 +90,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -116,10 +103,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var dnsServersVar = { diff --git a/modules/network/virtual-network/main.json b/modules/network/virtual-network/main.json index f3eee8335b..e8ef34a528 100644 --- a/modules/network/virtual-network/main.json +++ b/modules/network/virtual-network/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "9576309425088641284" + "templateHash": "14981703889706916168" }, "name": "Virtual Networks", "description": "This module deploys a Virtual Network (vNet).", @@ -85,15 +85,6 @@ "description": "Optional. The flow timeout in minutes for the Virtual Network, which is used to enable connection tracking for intra-VM flows. Possible values are between 4 and 30 minutes. Default value 0 will set the property to null." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -196,11 +187,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -209,15 +196,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "dnsServersVar": { "dnsServers": "[array(parameters('dnsServers'))]" }, diff --git a/modules/operational-insights/workspace/.test/adv/main.test.bicep b/modules/operational-insights/workspace/.test/adv/main.test.bicep index 8810b63f0b..cd02694a03 100644 --- a/modules/operational-insights/workspace/.test/adv/main.test.bicep +++ b/modules/operational-insights/workspace/.test/adv/main.test.bicep @@ -158,7 +158,6 @@ module testDeployment '../../main.bicep' = { state: 'Enabled' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/operational-insights/workspace/.test/common/main.test.bicep b/modules/operational-insights/workspace/.test/common/main.test.bicep index 463912df68..080238e35c 100644 --- a/modules/operational-insights/workspace/.test/common/main.test.bicep +++ b/modules/operational-insights/workspace/.test/common/main.test.bicep @@ -156,7 +156,6 @@ module testDeployment '../../main.bicep' = { state: 'Enabled' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/operational-insights/workspace/README.md b/modules/operational-insights/workspace/README.md index dfc11de711..3c9127b79a 100644 --- a/modules/operational-insights/workspace/README.md +++ b/modules/operational-insights/workspace/README.md @@ -52,7 +52,6 @@ This module deploys a Log Analytics Workspace. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, Audit]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -637,7 +636,6 @@ module workspace './operational-insights/workspace/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -892,9 +890,6 @@ module workspace './operational-insights/workspace/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -1142,7 +1137,6 @@ module workspace './operational-insights/workspace/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -1324,9 +1318,6 @@ module workspace './operational-insights/workspace/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/operational-insights/workspace/main.bicep b/modules/operational-insights/workspace/main.bicep index 43c7763bc4..77f01cff47 100644 --- a/modules/operational-insights/workspace/main.bicep +++ b/modules/operational-insights/workspace/main.bicep @@ -82,11 +82,6 @@ param userAssignedIdentities object = {} @description('Optional. Set to \'true\' to use resource or workspace permissions and \'false\' (or leave empty) to require workspace permissions.') param useResourcePermissions bool = false -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -143,20 +138,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -164,10 +151,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var logAnalyticsSearchVersion = 1 diff --git a/modules/operational-insights/workspace/main.json b/modules/operational-insights/workspace/main.json index 9167075ce6..fee2989894 100644 --- a/modules/operational-insights/workspace/main.json +++ b/modules/operational-insights/workspace/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "8950583195644458006" + "templateHash": "15935041829541448463" }, "name": "Log Analytics Workspaces", "description": "This module deploys a Log Analytics Workspace.", @@ -167,15 +167,6 @@ "description": "Optional. Set to 'true' to use resource or workspace permissions and 'false' (or leave empty) to require workspace permissions." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -285,11 +276,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -298,15 +285,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "logAnalyticsSearchVersion": 1, "enableReferencedModulesTelemetry": false, "identityType": "[if(parameters('systemAssignedIdentity'), 'SystemAssigned', if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", diff --git a/modules/purview/account/.test/common/main.test.bicep b/modules/purview/account/.test/common/main.test.bicep index 8ab221a468..24f46c7d6e 100644 --- a/modules/purview/account/.test/common/main.test.bicep +++ b/modules/purview/account/.test/common/main.test.bicep @@ -73,7 +73,6 @@ module testDeployment '../../main.bicep' = { } managedResourceGroupName: '${namePrefix}${serviceShort}001-managed-rg' publicNetworkAccess: 'Disabled' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/purview/account/README.md b/modules/purview/account/README.md index 8655d00f52..e1dc61fcc7 100644 --- a/modules/purview/account/README.md +++ b/modules/purview/account/README.md @@ -37,7 +37,6 @@ This module deploys a Purview Account. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DataSensitivity, PurviewAccountAuditEvents, ScanStatus]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | @@ -251,7 +250,6 @@ module account './purview/account/main.bicep' = { diagnosticLogCategoriesToEnable: [ 'allLogs' ] - diagnosticLogsRetentionInDays: 7 diagnosticMetricsToEnable: [ 'AllMetrics' ] @@ -387,9 +385,6 @@ module account './purview/account/main.bicep' = { "allLogs" ] }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticMetricsToEnable": { "value": [ "AllMetrics" diff --git a/modules/purview/account/main.bicep b/modules/purview/account/main.bicep index 6d888fb1ed..2ff193993b 100644 --- a/modules/purview/account/main.bicep +++ b/modules/purview/account/main.bicep @@ -27,11 +27,6 @@ param managedResourceGroupName string = 'managed-rg-${name}' ]) param publicNetworkAccess string = 'NotSpecified' -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticStorageAccountId string = '' @@ -103,20 +98,12 @@ param lock string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -124,10 +111,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = !empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned' diff --git a/modules/purview/account/main.json b/modules/purview/account/main.json index 34cdf717cb..b7c65353b7 100644 --- a/modules/purview/account/main.json +++ b/modules/purview/account/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "5601456100837177354" + "templateHash": "7070720012428002907" }, "name": "Purview Accounts", "description": "This module deploys a Purview Account.", @@ -60,15 +60,6 @@ "description": "Optional. Whether or not public network access is allowed for this resource. For security reasons it should be disabled. If not specified, it will be disabled by default if private endpoints are set." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -201,11 +192,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -214,15 +201,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned')]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]", "enableReferencedModulesTelemetry": false diff --git a/modules/recovery-services/vault/.test/common/main.test.bicep b/modules/recovery-services/vault/.test/common/main.test.bicep index 4320fda6a6..d2640a4acd 100644 --- a/modules/recovery-services/vault/.test/common/main.test.bicep +++ b/modules/recovery-services/vault/.test/common/main.test.bicep @@ -309,7 +309,6 @@ module testDeployment '../../main.bicep' = { locale: 'en-US' sendToOwners: 'Send' } - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/recovery-services/vault/README.md b/modules/recovery-services/vault/README.md index eb2ed847cb..8bb79128ee 100644 --- a/modules/recovery-services/vault/README.md +++ b/modules/recovery-services/vault/README.md @@ -49,7 +49,6 @@ This module deploys a Recovery Services Vault. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', AddonAzureBackupAlerts, AddonAzureBackupJobs, AddonAzureBackupPolicy, AddonAzureBackupProtectedInstance, AddonAzureBackupStorage, allLogs, AzureBackupReport, AzureSiteRecoveryEvents, AzureSiteRecoveryJobs, AzureSiteRecoveryProtectedDiskDataChurn, AzureSiteRecoveryRecoveryPoints, AzureSiteRecoveryReplicatedItems, AzureSiteRecoveryReplicationDataUploadRate, AzureSiteRecoveryReplicationStats, CoreAzureBackup]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Health]` | `[Health]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -1190,7 +1189,6 @@ module vault './recovery-services/vault/main.bicep' = { } diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -1514,9 +1512,6 @@ module vault './recovery-services/vault/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/recovery-services/vault/main.bicep b/modules/recovery-services/vault/main.bicep index 0bdd7f612a..fb430886da 100644 --- a/modules/recovery-services/vault/main.bicep +++ b/modules/recovery-services/vault/main.bicep @@ -35,11 +35,6 @@ param replicationPolicies array = [] @description('Optional. Replication alert settings.') param replicationAlertSettings object = {} -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -125,20 +120,12 @@ param publicNetworkAccess string = 'Disabled' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -146,10 +133,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') diff --git a/modules/recovery-services/vault/main.json b/modules/recovery-services/vault/main.json index 623cc1e25c..ccde94fb9b 100644 --- a/modules/recovery-services/vault/main.json +++ b/modules/recovery-services/vault/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "324693328685577648" + "templateHash": "2454346461488348861" }, "name": "Recovery Services Vaults", "description": "This module deploys a Recovery Services Vault.", @@ -84,15 +84,6 @@ "description": "Optional. Replication alert settings." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -247,11 +238,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -260,15 +247,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]", "enableReferencedModulesTelemetry": false diff --git a/modules/relay/namespace/.test/common/main.test.bicep b/modules/relay/namespace/.test/common/main.test.bicep index 1a53c17303..33dc81515e 100644 --- a/modules/relay/namespace/.test/common/main.test.bicep +++ b/modules/relay/namespace/.test/common/main.test.bicep @@ -148,7 +148,6 @@ module testDeployment '../../main.bicep' = { relayType: 'NetTcp' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/relay/namespace/README.md b/modules/relay/namespace/README.md index ba9bdca035..b2718c4bcc 100644 --- a/modules/relay/namespace/README.md +++ b/modules/relay/namespace/README.md @@ -43,7 +43,6 @@ This module deploys a Relay Namespace | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs, hybridConnectionsEvent]` | `['', allLogs, hybridConnectionsEvent, OperationalLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -316,7 +315,6 @@ module namespace './relay/namespace/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -448,9 +446,6 @@ module namespace './relay/namespace/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/relay/namespace/main.bicep b/modules/relay/namespace/main.bicep index 6287d52dd6..3eeae7b77e 100644 --- a/modules/relay/namespace/main.bicep +++ b/modules/relay/namespace/main.bicep @@ -28,11 +28,6 @@ param authorizationRules array = [ } ] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -100,20 +95,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -121,10 +108,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var enableReferencedModulesTelemetry = false diff --git a/modules/relay/namespace/main.json b/modules/relay/namespace/main.json index 7384faafd4..fe98978996 100644 --- a/modules/relay/namespace/main.json +++ b/modules/relay/namespace/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "13194307060352119469" + "templateHash": "1044636100638824265" }, "name": "Relay Namespaces", "description": "This module deploys a Relay Namespace", @@ -53,15 +53,6 @@ "description": "Optional. Authorization Rules for the Relay namespace." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -194,11 +185,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -207,15 +194,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ diff --git a/modules/service-bus/namespace/.test/common/main.test.bicep b/modules/service-bus/namespace/.test/common/main.test.bicep index 556a132a75..dae378b8ce 100644 --- a/modules/service-bus/namespace/.test/common/main.test.bicep +++ b/modules/service-bus/namespace/.test/common/main.test.bicep @@ -178,7 +178,6 @@ module testDeployment '../../main.bicep' = { ] } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/service-bus/namespace/README.md b/modules/service-bus/namespace/README.md index 9a4d05236e..dbecee6455 100644 --- a/modules/service-bus/namespace/README.md +++ b/modules/service-bus/namespace/README.md @@ -54,7 +54,6 @@ This module deploys a Service Bus Namespace. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, OperationalLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -403,7 +402,6 @@ module namespace './service-bus/namespace/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -569,9 +567,6 @@ module namespace './service-bus/namespace/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/service-bus/namespace/main.bicep b/modules/service-bus/namespace/main.bicep index 0745ab81fc..ec21ab1119 100644 --- a/modules/service-bus/namespace/main.bicep +++ b/modules/service-bus/namespace/main.bicep @@ -38,11 +38,6 @@ param migrationConfigurations object = {} @description('Optional. The disaster recovery configuration.') param disasterRecoveryConfigs object = {} -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -129,20 +124,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -150,10 +137,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') diff --git a/modules/service-bus/namespace/main.json b/modules/service-bus/namespace/main.json index 02153c288d..d85f7b04b9 100644 --- a/modules/service-bus/namespace/main.json +++ b/modules/service-bus/namespace/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "11170953988292783009" + "templateHash": "14431444875905250098" }, "name": "Service Bus Namespaces", "description": "This module deploys a Service Bus Namespace.", @@ -75,15 +75,6 @@ "description": "Optional. The disaster recovery configuration." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -263,11 +254,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -276,15 +263,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]", "enableReferencedModulesTelemetry": false diff --git a/modules/sql/managed-instance/.test/common/main.test.bicep b/modules/sql/managed-instance/.test/common/main.test.bicep index 7092da7e05..a57a422cc5 100644 --- a/modules/sql/managed-instance/.test/common/main.test.bicep +++ b/modules/sql/managed-instance/.test/common/main.test.bicep @@ -91,7 +91,6 @@ module testDeployment '../../main.bicep' = { name: '${namePrefix}-${serviceShort}-db-001' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/sql/managed-instance/README.md b/modules/sql/managed-instance/README.md index 8c731ac3e0..3404c33082 100644 --- a/modules/sql/managed-instance/README.md +++ b/modules/sql/managed-instance/README.md @@ -66,7 +66,6 @@ SQL MI allows for Azure AD Authentication via an [Azure AD Admin](https://learn. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, ResourceUsageStats, SQLSecurityAuditEvents]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -316,7 +315,6 @@ module managedInstance './sql/managed-instance/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' dnsZonePartner: '' @@ -425,9 +423,6 @@ module managedInstance './sql/managed-instance/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/sql/managed-instance/database/README.md b/modules/sql/managed-instance/database/README.md index f8928e44cb..b347af31a0 100644 --- a/modules/sql/managed-instance/database/README.md +++ b/modules/sql/managed-instance/database/README.md @@ -55,7 +55,6 @@ The SQL Managed Instance Database is deployed on a SQL Managed Instance. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, Errors, QueryStoreRuntimeStatistics, QueryStoreWaitStatistics, SQLInsights]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | diff --git a/modules/sql/managed-instance/database/main.bicep b/modules/sql/managed-instance/database/main.bicep index 0d7e0385f4..dd6a4914f3 100644 --- a/modules/sql/managed-instance/database/main.bicep +++ b/modules/sql/managed-instance/database/main.bicep @@ -48,11 +48,6 @@ param recoverableDatabaseId string = '' @description('Conditional. The resource ID of the Long Term Retention backup to be used for restore of this managed database. Required if createMode is RestoreLongTermRetentionBackup.') param longTermRetentionBackupResourceId string = '' -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -104,20 +99,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified diff --git a/modules/sql/managed-instance/database/main.json b/modules/sql/managed-instance/database/main.json index ff2cb9411f..03c72318d8 100644 --- a/modules/sql/managed-instance/database/main.json +++ b/modules/sql/managed-instance/database/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "15113454848732720811" + "templateHash": "7819487658736647657" }, "name": "SQL Managed Instance Databases", "description": "This module deploys a SQL Managed Instance Database.", @@ -108,15 +108,6 @@ "description": "Conditional. The resource ID of the Long Term Retention backup to be used for restore of this managed database. Required if createMode is RestoreLongTermRetentionBackup." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -217,15 +208,11 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ diff --git a/modules/sql/managed-instance/main.bicep b/modules/sql/managed-instance/main.bicep index 8c6cde5714..4a134086db 100644 --- a/modules/sql/managed-instance/main.bicep +++ b/modules/sql/managed-instance/main.bicep @@ -86,11 +86,6 @@ param restorePointInTime string = '' @description('Optional. The resource identifier of the source managed instance associated with create operation of this instance.') param sourceManagedInstanceId string = '' -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -190,20 +185,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -211,10 +198,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') @@ -317,7 +300,6 @@ module managedInstance_databases 'database/main.bicep' = [for (database, index) catalogCollation: contains(database, 'catalogCollation') ? database.catalogCollation : 'SQL_Latin1_General_CP1_CI_AS' collation: contains(database, 'collation') ? database.collation : 'SQL_Latin1_General_CP1_CI_AS' createMode: contains(database, 'createMode') ? database.createMode : 'Default' - diagnosticLogsRetentionInDays: contains(database, 'diagnosticLogsRetentionInDays') ? database.diagnosticLogsRetentionInDays : 365 diagnosticStorageAccountId: contains(database, 'diagnosticStorageAccountId') ? database.diagnosticStorageAccountId : '' diagnosticEventHubAuthorizationRuleId: contains(database, 'diagnosticEventHubAuthorizationRuleId') ? database.diagnosticEventHubAuthorizationRuleId : '' diagnosticEventHubName: contains(database, 'diagnosticEventHubName') ? database.diagnosticEventHubName : '' diff --git a/modules/sql/managed-instance/main.json b/modules/sql/managed-instance/main.json index b7cfc2440d..b9aba00b6b 100644 --- a/modules/sql/managed-instance/main.json +++ b/modules/sql/managed-instance/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "2503340536888501754" + "templateHash": "225988996484492227" }, "name": "SQL Managed Instances", "description": "This module deploys a SQL Managed Instance.", @@ -179,15 +179,6 @@ "description": "Optional. The resource identifier of the source managed instance associated with create operation of this instance." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -380,11 +371,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -393,15 +380,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]", "enableReferencedModulesTelemetry": false @@ -668,7 +651,6 @@ "catalogCollation": "[if(contains(parameters('databases')[copyIndex()], 'catalogCollation'), createObject('value', parameters('databases')[copyIndex()].catalogCollation), createObject('value', 'SQL_Latin1_General_CP1_CI_AS'))]", "collation": "[if(contains(parameters('databases')[copyIndex()], 'collation'), createObject('value', parameters('databases')[copyIndex()].collation), createObject('value', 'SQL_Latin1_General_CP1_CI_AS'))]", "createMode": "[if(contains(parameters('databases')[copyIndex()], 'createMode'), createObject('value', parameters('databases')[copyIndex()].createMode), createObject('value', 'Default'))]", - "diagnosticLogsRetentionInDays": "[if(contains(parameters('databases')[copyIndex()], 'diagnosticLogsRetentionInDays'), createObject('value', parameters('databases')[copyIndex()].diagnosticLogsRetentionInDays), createObject('value', 365))]", "diagnosticStorageAccountId": "[if(contains(parameters('databases')[copyIndex()], 'diagnosticStorageAccountId'), createObject('value', parameters('databases')[copyIndex()].diagnosticStorageAccountId), createObject('value', ''))]", "diagnosticEventHubAuthorizationRuleId": "[if(contains(parameters('databases')[copyIndex()], 'diagnosticEventHubAuthorizationRuleId'), createObject('value', parameters('databases')[copyIndex()].diagnosticEventHubAuthorizationRuleId), createObject('value', ''))]", "diagnosticEventHubName": "[if(contains(parameters('databases')[copyIndex()], 'diagnosticEventHubName'), createObject('value', parameters('databases')[copyIndex()].diagnosticEventHubName), createObject('value', ''))]", @@ -696,7 +678,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "15113454848732720811" + "templateHash": "7819487658736647657" }, "name": "SQL Managed Instance Databases", "description": "This module deploys a SQL Managed Instance Database.", @@ -799,15 +781,6 @@ "description": "Conditional. The resource ID of the Long Term Retention backup to be used for restore of this managed database. Required if createMode is RestoreLongTermRetentionBackup." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -908,15 +881,11 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ diff --git a/modules/sql/server/.test/common/main.test.bicep b/modules/sql/server/.test/common/main.test.bicep index 3bf5dd351a..c2f61de647 100644 --- a/modules/sql/server/.test/common/main.test.bicep +++ b/modules/sql/server/.test/common/main.test.bicep @@ -113,7 +113,6 @@ module testDeployment '../../main.bicep' = { capacity: 0 maxSizeBytes: 34359738368 licenseType: 'LicenseIncluded' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/sql/server/README.md b/modules/sql/server/README.md index 7faf0547ff..c9ab033556 100644 --- a/modules/sql/server/README.md +++ b/modules/sql/server/README.md @@ -457,7 +457,6 @@ module server './sql/server/main.bicep' = { collation: 'SQL_Latin1_General_CP1_CI_AS' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' elasticPoolId: '' @@ -594,7 +593,6 @@ module server './sql/server/main.bicep' = { "collation": "SQL_Latin1_General_CP1_CI_AS", "diagnosticEventHubAuthorizationRuleId": "", "diagnosticEventHubName": "", - "diagnosticLogsRetentionInDays": 7, "diagnosticStorageAccountId": "", "diagnosticWorkspaceId": "", "elasticPoolId": "", diff --git a/modules/sql/server/database/README.md b/modules/sql/server/database/README.md index 27851faa12..6a7202d179 100644 --- a/modules/sql/server/database/README.md +++ b/modules/sql/server/database/README.md @@ -44,7 +44,6 @@ This module deploys an Azure SQL Server Database. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, AutomaticTuning, Blocks, DatabaseWaitStatistics, Deadlocks, DevOpsOperationsAudit, Errors, QueryStoreRuntimeStatistics, QueryStoreWaitStatistics, SQLInsights, SQLSecurityAuditEvents, Timeouts]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Basic, InstanceAndAppAdvanced, WorkloadManagement]` | `[Basic, InstanceAndAppAdvanced, WorkloadManagement]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/sql/server/database/main.bicep b/modules/sql/server/database/main.bicep index 1a5c603171..d41562b0be 100644 --- a/modules/sql/server/database/main.bicep +++ b/modules/sql/server/database/main.bicep @@ -66,11 +66,6 @@ param location string = resourceGroup().location @description('Optional. Enable telemetry via a Globally Unique Identifier (GUID).') param enableDefaultTelemetry bool = true -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -146,20 +141,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -167,10 +154,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] @description('Optional. The storage account type to be used to store backups for this database.') diff --git a/modules/sql/server/database/main.json b/modules/sql/server/database/main.json index 34000cc7f2..d1f5ef5b28 100644 --- a/modules/sql/server/database/main.json +++ b/modules/sql/server/database/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "16491004875407634627" + "templateHash": "641387093656497816" }, "name": "SQL Server Database", "description": "This module deploys an Azure SQL Server Database.", @@ -154,15 +154,6 @@ "description": "Optional. Enable telemetry via a Globally Unique Identifier (GUID)." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -332,11 +323,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -345,15 +332,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "skuVar": "[union(createObject('name', parameters('skuName'), 'tier', parameters('skuTier')), if(not(equals(parameters('skuCapacity'), -1)), createObject('capacity', parameters('skuCapacity')), if(not(empty(parameters('skuFamily'))), createObject('family', parameters('skuFamily')), if(not(empty(parameters('skuSize'))), createObject('size', parameters('skuSize')), createObject()))))]" }, "resources": [ diff --git a/modules/sql/server/main.bicep b/modules/sql/server/main.bicep index 1ca0ad825f..8040667bb8 100644 --- a/modules/sql/server/main.bicep +++ b/modules/sql/server/main.bicep @@ -175,7 +175,6 @@ module server_databases 'database/main.bicep' = [for (database, index) in databa collation: contains(database, 'collation') ? database.collation : 'SQL_Latin1_General_CP1_CI_AS' maxSizeBytes: contains(database, 'maxSizeBytes') ? database.maxSizeBytes : 34359738368 autoPauseDelay: contains(database, 'autoPauseDelay') ? database.autoPauseDelay : 0 - diagnosticLogsRetentionInDays: contains(database, 'diagnosticLogsRetentionInDays') ? database.diagnosticLogsRetentionInDays : 365 diagnosticStorageAccountId: contains(database, 'diagnosticStorageAccountId') ? database.diagnosticStorageAccountId : '' diagnosticEventHubAuthorizationRuleId: contains(database, 'diagnosticEventHubAuthorizationRuleId') ? database.diagnosticEventHubAuthorizationRuleId : '' diagnosticEventHubName: contains(database, 'diagnosticEventHubName') ? database.diagnosticEventHubName : '' diff --git a/modules/sql/server/main.json b/modules/sql/server/main.json index c8b7e99c75..e7b17b1d74 100644 --- a/modules/sql/server/main.json +++ b/modules/sql/server/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "6341226950080927191" + "templateHash": "8349737255843318984" }, "name": "Azure SQL Servers", "description": "This module deploys an Azure SQL Server.", @@ -435,7 +435,6 @@ "collation": "[if(contains(parameters('databases')[copyIndex()], 'collation'), createObject('value', parameters('databases')[copyIndex()].collation), createObject('value', 'SQL_Latin1_General_CP1_CI_AS'))]", "maxSizeBytes": "[if(contains(parameters('databases')[copyIndex()], 'maxSizeBytes'), createObject('value', parameters('databases')[copyIndex()].maxSizeBytes), createObject('value', json('34359738368')))]", "autoPauseDelay": "[if(contains(parameters('databases')[copyIndex()], 'autoPauseDelay'), createObject('value', parameters('databases')[copyIndex()].autoPauseDelay), createObject('value', 0))]", - "diagnosticLogsRetentionInDays": "[if(contains(parameters('databases')[copyIndex()], 'diagnosticLogsRetentionInDays'), createObject('value', parameters('databases')[copyIndex()].diagnosticLogsRetentionInDays), createObject('value', 365))]", "diagnosticStorageAccountId": "[if(contains(parameters('databases')[copyIndex()], 'diagnosticStorageAccountId'), createObject('value', parameters('databases')[copyIndex()].diagnosticStorageAccountId), createObject('value', ''))]", "diagnosticEventHubAuthorizationRuleId": "[if(contains(parameters('databases')[copyIndex()], 'diagnosticEventHubAuthorizationRuleId'), createObject('value', parameters('databases')[copyIndex()].diagnosticEventHubAuthorizationRuleId), createObject('value', ''))]", "diagnosticEventHubName": "[if(contains(parameters('databases')[copyIndex()], 'diagnosticEventHubName'), createObject('value', parameters('databases')[copyIndex()].diagnosticEventHubName), createObject('value', ''))]", @@ -475,7 +474,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "16491004875407634627" + "templateHash": "641387093656497816" }, "name": "SQL Server Database", "description": "This module deploys an Azure SQL Server Database.", @@ -624,15 +623,6 @@ "description": "Optional. Enable telemetry via a Globally Unique Identifier (GUID)." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -802,11 +792,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -815,15 +801,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "skuVar": "[union(createObject('name', parameters('skuName'), 'tier', parameters('skuTier')), if(not(equals(parameters('skuCapacity'), -1)), createObject('capacity', parameters('skuCapacity')), if(not(empty(parameters('skuFamily'))), createObject('family', parameters('skuFamily')), if(not(empty(parameters('skuSize'))), createObject('size', parameters('skuSize')), createObject()))))]" }, "resources": [ diff --git a/modules/storage/storage-account/.test/common/main.test.bicep b/modules/storage/storage-account/.test/common/main.test.bicep index f8d5c0bc59..7368878fdc 100644 --- a/modules/storage/storage-account/.test/common/main.test.bicep +++ b/modules/storage/storage-account/.test/common/main.test.bicep @@ -121,7 +121,7 @@ module testDeployment '../../main.bicep' = { } ] blobServices: { - diagnosticLogsRetentionInDays: 7 + lastAccessTimeTrackingPolicyEnabled: true diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId @@ -160,7 +160,6 @@ module testDeployment '../../main.bicep' = { deleteRetentionPolicyDays: 9 } fileServices: { - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId @@ -187,7 +186,6 @@ module testDeployment '../../main.bicep' = { ] } tableServices: { - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId @@ -198,7 +196,6 @@ module testDeployment '../../main.bicep' = { ] } queueServices: { - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId @@ -240,11 +237,44 @@ module testDeployment '../../main.bicep' = { principalType: 'ServicePrincipal' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diagnosticEventHubName: diagnosticDependencies.outputs.eventHubNamespaceEventHubName + managementPolicyRules: [ + { + enabled: true + name: 'FirstRule' + type: 'Lifecycle' + definition: { + actions: { + baseBlob: { + delete: { + daysAfterModificationGreaterThan: 30 + } + tierToCool: { + daysAfterLastAccessTimeGreaterThan: 5 + } + } + } + filters: { + blobIndexMatch: [ + { + name: 'BlobIndex' + op: '==' + value: '1' + } + ] + blobTypes: [ + 'blockBlob' + ] + prefixMatch: [ + 'sample-container/log' + ] + } + } + } + ] tags: { Environment: 'Non-Prod' Role: 'DeploymentValidation' diff --git a/modules/storage/storage-account/.test/nfs/main.test.bicep b/modules/storage/storage-account/.test/nfs/main.test.bicep index 57712eb4e4..aea547019d 100644 --- a/modules/storage/storage-account/.test/nfs/main.test.bicep +++ b/modules/storage/storage-account/.test/nfs/main.test.bicep @@ -89,7 +89,6 @@ module testDeployment '../../main.bicep' = { principalType: 'ServicePrincipal' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/storage/storage-account/README.md b/modules/storage/storage-account/README.md index f76e197dd7..0ba330d1bd 100644 --- a/modules/storage/storage-account/README.md +++ b/modules/storage/storage-account/README.md @@ -27,7 +27,7 @@ This module deploys a Storage Account. | `Microsoft.Storage/storageAccounts/fileServices` | [2021-09-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Storage/2021-09-01/storageAccounts/fileServices) | | `Microsoft.Storage/storageAccounts/fileServices/shares` | [2021-09-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Storage/2021-09-01/storageAccounts/fileServices/shares) | | `Microsoft.Storage/storageAccounts/localUsers` | [2022-05-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Storage/2022-05-01/storageAccounts/localUsers) | -| `Microsoft.Storage/storageAccounts/managementPolicies` | [2021-09-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Storage/2021-09-01/storageAccounts/managementPolicies) | +| `Microsoft.Storage/storageAccounts/managementPolicies` | [2023-01-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Storage/storageAccounts/managementPolicies) | | `Microsoft.Storage/storageAccounts/queueServices` | [2021-09-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Storage/2021-09-01/storageAccounts/queueServices) | | `Microsoft.Storage/storageAccounts/queueServices/queues` | [2021-09-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Storage/2021-09-01/storageAccounts/queueServices/queues) | | `Microsoft.Storage/storageAccounts/tableServices` | [2021-09-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Storage/2021-09-01/storageAccounts/tableServices) | @@ -67,7 +67,6 @@ This module deploys a Storage Account. | `defaultToOAuthAuthentication` | bool | `False` | | A boolean flag which indicates whether the default authentication is OAuth or not. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Transaction]` | `[Transaction]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -468,13 +467,12 @@ module storageAccount './storage/storage-account/main.bicep' = { deleteRetentionPolicyEnabled: true diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' + lastAccessTimeTrackingPolicyEnabled: true } diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -484,7 +482,6 @@ module storageAccount './storage/storage-account/main.bicep' = { fileServices: { diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' shares: [ @@ -527,6 +524,40 @@ module storageAccount './storage/storage-account/main.bicep' = { } ] lock: 'CanNotDelete' + managementPolicyRules: [ + { + definition: { + actions: { + baseBlob: { + delete: { + daysAfterModificationGreaterThan: 30 + } + tierToCool: { + daysAfterLastAccessTimeGreaterThan: 5 + } + } + } + filters: { + blobIndexMatch: [ + { + name: 'BlobIndex' + op: '==' + value: '1' + } + ] + blobTypes: [ + 'blockBlob' + ] + prefixMatch: [ + 'sample-container/log' + ] + } + } + enabled: true + name: 'FirstRule' + type: 'Lifecycle' + } + ] networkAcls: { bypass: 'AzureServices' defaultAction: 'Deny' @@ -561,7 +592,6 @@ module storageAccount './storage/storage-account/main.bicep' = { queueServices: { diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' queues: [ @@ -603,7 +633,6 @@ module storageAccount './storage/storage-account/main.bicep' = { tableServices: { diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' tables: [ @@ -678,9 +707,9 @@ module storageAccount './storage/storage-account/main.bicep' = { "deleteRetentionPolicyEnabled": true, "diagnosticEventHubAuthorizationRuleId": "", "diagnosticEventHubName": "", - "diagnosticLogsRetentionInDays": 7, "diagnosticStorageAccountId": "", - "diagnosticWorkspaceId": "" + "diagnosticWorkspaceId": "", + "lastAccessTimeTrackingPolicyEnabled": true } }, "diagnosticEventHubAuthorizationRuleId": { @@ -689,9 +718,6 @@ module storageAccount './storage/storage-account/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -714,7 +740,6 @@ module storageAccount './storage/storage-account/main.bicep' = { "value": { "diagnosticEventHubAuthorizationRuleId": "", "diagnosticEventHubName": "", - "diagnosticLogsRetentionInDays": 7, "diagnosticStorageAccountId": "", "diagnosticWorkspaceId": "", "shares": [ @@ -764,6 +789,42 @@ module storageAccount './storage/storage-account/main.bicep' = { "lock": { "value": "CanNotDelete" }, + "managementPolicyRules": { + "value": [ + { + "definition": { + "actions": { + "baseBlob": { + "delete": { + "daysAfterModificationGreaterThan": 30 + }, + "tierToCool": { + "daysAfterLastAccessTimeGreaterThan": 5 + } + } + }, + "filters": { + "blobIndexMatch": [ + { + "name": "BlobIndex", + "op": "==", + "value": "1" + } + ], + "blobTypes": [ + "blockBlob" + ], + "prefixMatch": [ + "sample-container/log" + ] + } + }, + "enabled": true, + "name": "FirstRule", + "type": "Lifecycle" + } + ] + }, "networkAcls": { "value": { "bypass": "AzureServices", @@ -803,7 +864,6 @@ module storageAccount './storage/storage-account/main.bicep' = { "value": { "diagnosticEventHubAuthorizationRuleId": "", "diagnosticEventHubName": "", - "diagnosticLogsRetentionInDays": 7, "diagnosticStorageAccountId": "", "diagnosticWorkspaceId": "", "queues": [ @@ -857,7 +917,6 @@ module storageAccount './storage/storage-account/main.bicep' = { "value": { "diagnosticEventHubAuthorizationRuleId": "", "diagnosticEventHubName": "", - "diagnosticLogsRetentionInDays": 7, "diagnosticStorageAccountId": "", "diagnosticWorkspaceId": "", "tables": [ @@ -1116,7 +1175,6 @@ module storageAccount './storage/storage-account/main.bicep' = { allowBlobPublicAccess: false diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -1179,9 +1237,6 @@ module storageAccount './storage/storage-account/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/storage/storage-account/blob-service/README.md b/modules/storage/storage-account/blob-service/README.md index 4a2cd4ae63..b0c44ced78 100644 --- a/modules/storage/storage-account/blob-service/README.md +++ b/modules/storage/storage-account/blob-service/README.md @@ -46,14 +46,13 @@ This module deploys a Storage Account Blob Service. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, StorageDelete, StorageRead, StorageWrite]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Transaction]` | `[Transaction]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of a log analytics workspace. | | `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | | `isVersioningEnabled` | bool | `True` | | Use versioning to automatically maintain previous versions of your blobs. | -| `lastAccessTimeTrackingPolicyEnable` | bool | `False` | | The blob service property to configure last access time based tracking policy. When set to true last access time based tracking is enabled. | +| `lastAccessTimeTrackingPolicyEnabled` | bool | `False` | | The blob service property to configure last access time based tracking policy. When set to true last access time based tracking is enabled. | | `restorePolicyDays` | int | `6` | | how long this blob can be restored. It should be less than DeleteRetentionPolicy days. | | `restorePolicyEnabled` | bool | `True` | | The blob service properties for blob restore policy. If point-in-time restore is enabled, then versioning, change feed, and blob soft delete must also be enabled. | diff --git a/modules/storage/storage-account/blob-service/main.bicep b/modules/storage/storage-account/blob-service/main.bicep index 6498194fb8..aaca3f7025 100644 --- a/modules/storage/storage-account/blob-service/main.bicep +++ b/modules/storage/storage-account/blob-service/main.bicep @@ -49,7 +49,7 @@ param deleteRetentionPolicyAllowPermanentDelete bool = false param isVersioningEnabled bool = true @description('Optional. The blob service property to configure last access time based tracking policy. When set to true last access time based tracking is enabled.') -param lastAccessTimeTrackingPolicyEnable bool = false +param lastAccessTimeTrackingPolicyEnabled bool = false @description('Optional. The blob service properties for blob restore policy. If point-in-time restore is enabled, then versioning, change feed, and blob soft delete must also be enabled.') param restorePolicyEnabled bool = true @@ -61,11 +61,6 @@ param restorePolicyDays int = 6 @description('Optional. Blob containers to create.') param containers array = [] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -110,20 +105,12 @@ var name = 'default' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -131,10 +118,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var enableReferencedModulesTelemetry = false @@ -180,9 +163,9 @@ resource blobServices 'Microsoft.Storage/storageAccounts/blobServices@2022-09-01 } isVersioningEnabled: isVersioningEnabled lastAccessTimeTrackingPolicy: { - enable: lastAccessTimeTrackingPolicyEnable - name: lastAccessTimeTrackingPolicyEnable == true ? 'AccessTimeTracking' : null - trackingGranularityInDays: lastAccessTimeTrackingPolicyEnable == true ? 1 : null + enable: lastAccessTimeTrackingPolicyEnabled + name: lastAccessTimeTrackingPolicyEnabled == true ? 'AccessTimeTracking' : null + trackingGranularityInDays: lastAccessTimeTrackingPolicyEnabled == true ? 1 : null } restorePolicy: { enabled: restorePolicyEnabled diff --git a/modules/storage/storage-account/blob-service/main.json b/modules/storage/storage-account/blob-service/main.json index 80c1930298..49c255f2fa 100644 --- a/modules/storage/storage-account/blob-service/main.json +++ b/modules/storage/storage-account/blob-service/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "1395192341429097070" + "templateHash": "16838270897726250953" }, "name": "Storage Account blob Services", "description": "This module deploys a Storage Account Blob Service.", @@ -109,7 +109,7 @@ "description": "Optional. Use versioning to automatically maintain previous versions of your blobs." } }, - "lastAccessTimeTrackingPolicyEnable": { + "lastAccessTimeTrackingPolicyEnabled": { "type": "bool", "defaultValue": false, "metadata": { @@ -138,15 +138,6 @@ "description": "Optional. Blob containers to create." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -225,11 +216,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -238,16 +225,12 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "name": "default", - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ @@ -291,9 +274,9 @@ }, "isVersioningEnabled": "[parameters('isVersioningEnabled')]", "lastAccessTimeTrackingPolicy": { - "enable": "[parameters('lastAccessTimeTrackingPolicyEnable')]", - "name": "[if(equals(parameters('lastAccessTimeTrackingPolicyEnable'), true()), 'AccessTimeTracking', null())]", - "trackingGranularityInDays": "[if(equals(parameters('lastAccessTimeTrackingPolicyEnable'), true()), 1, null())]" + "enable": "[parameters('lastAccessTimeTrackingPolicyEnabled')]", + "name": "[if(equals(parameters('lastAccessTimeTrackingPolicyEnabled'), true()), 'AccessTimeTracking', null())]", + "trackingGranularityInDays": "[if(equals(parameters('lastAccessTimeTrackingPolicyEnabled'), true()), 1, null())]" }, "restorePolicy": { "enabled": "[parameters('restorePolicyEnabled')]", diff --git a/modules/storage/storage-account/file-service/README.md b/modules/storage/storage-account/file-service/README.md index a85bba06bf..5ccef9ca69 100644 --- a/modules/storage/storage-account/file-service/README.md +++ b/modules/storage/storage-account/file-service/README.md @@ -33,7 +33,6 @@ This module deploys a Storage Account File Share Service. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, StorageDelete, StorageRead, StorageWrite]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Transaction]` | `[Transaction]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/storage/storage-account/file-service/main.bicep b/modules/storage/storage-account/file-service/main.bicep index e66a526b14..49d27c4715 100644 --- a/modules/storage/storage-account/file-service/main.bicep +++ b/modules/storage/storage-account/file-service/main.bicep @@ -18,11 +18,6 @@ param shareDeleteRetentionPolicy object = { days: 7 } -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -67,20 +62,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -88,10 +75,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var enableReferencedModulesTelemetry = false diff --git a/modules/storage/storage-account/file-service/main.json b/modules/storage/storage-account/file-service/main.json index 5dac172d60..f4601e248a 100644 --- a/modules/storage/storage-account/file-service/main.json +++ b/modules/storage/storage-account/file-service/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "1594285537604698727" + "templateHash": "17282775888269025572" }, "name": "Storage Account File Share Services", "description": "This module deploys a Storage Account File Share Service.", @@ -43,15 +43,6 @@ "description": "Optional. The service properties for soft delete." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -137,11 +128,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -150,15 +137,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ diff --git a/modules/storage/storage-account/main.bicep b/modules/storage/storage-account/main.bicep index b3371af496..125e7548fc 100644 --- a/modules/storage/storage-account/main.bicep +++ b/modules/storage/storage-account/main.bicep @@ -132,11 +132,6 @@ param isLocalUserEnabled bool = false @description('Optional. If true, enables NFS 3.0 support for the storage account. Requires enableHierarchicalNamespace to be true.') param enableNfsV3 bool = false -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -212,10 +207,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var supportsBlobService = kind == 'BlockBlobStorage' || kind == 'BlobStorage' || kind == 'StorageV2' || kind == 'Storage' @@ -380,6 +371,9 @@ module storageAccount_managementPolicies 'management-policy/main.bicep' = if (!e rules: managementPolicyRules enableDefaultTelemetry: enableReferencedModulesTelemetry } + dependsOn: [ + storageAccount_blobServices // To ensure the lastAccessTimeTrackingPolicy is set first (if used in rule) + ] } // SFTP user settings @@ -416,10 +410,9 @@ module storageAccount_blobServices 'blob-service/main.bicep' = if (!empty(blobSe deleteRetentionPolicyEnabled: contains(blobServices, 'deleteRetentionPolicyEnabled') ? blobServices.deleteRetentionPolicyEnabled : false deleteRetentionPolicyDays: contains(blobServices, 'deleteRetentionPolicyDays') ? blobServices.deleteRetentionPolicyDays : 7 isVersioningEnabled: contains(blobServices, 'isVersioningEnabled') ? blobServices.isVersioningEnabled : false - lastAccessTimeTrackingPolicyEnable: contains(blobServices, 'lastAccessTimeTrackingPolicyEnable') ? blobServices.lastAccessTimeTrackingPolicyEnable : false + lastAccessTimeTrackingPolicyEnabled: contains(blobServices, 'lastAccessTimeTrackingPolicyEnabled') ? blobServices.lastAccessTimeTrackingPolicyEnabled : false restorePolicyEnabled: contains(blobServices, 'restorePolicyEnabled') ? blobServices.restorePolicyEnabled : false restorePolicyDays: contains(blobServices, 'restorePolicyDays') ? blobServices.restorePolicyDays : 6 - diagnosticLogsRetentionInDays: contains(blobServices, 'diagnosticLogsRetentionInDays') ? blobServices.diagnosticLogsRetentionInDays : 365 diagnosticStorageAccountId: contains(blobServices, 'diagnosticStorageAccountId') ? blobServices.diagnosticStorageAccountId : '' diagnosticEventHubAuthorizationRuleId: contains(blobServices, 'diagnosticEventHubAuthorizationRuleId') ? blobServices.diagnosticEventHubAuthorizationRuleId : '' diagnosticEventHubName: contains(blobServices, 'diagnosticEventHubName') ? blobServices.diagnosticEventHubName : '' @@ -435,7 +428,6 @@ module storageAccount_fileServices 'file-service/main.bicep' = if (!empty(fileSe name: '${uniqueString(deployment().name, location)}-Storage-FileServices' params: { storageAccountName: storageAccount.name - diagnosticLogsRetentionInDays: contains(fileServices, 'diagnosticLogsRetentionInDays') ? fileServices.diagnosticLogsRetentionInDays : 365 diagnosticStorageAccountId: contains(fileServices, 'diagnosticStorageAccountId') ? fileServices.diagnosticStorageAccountId : '' diagnosticEventHubAuthorizationRuleId: contains(fileServices, 'diagnosticEventHubAuthorizationRuleId') ? fileServices.diagnosticEventHubAuthorizationRuleId : '' diagnosticEventHubName: contains(fileServices, 'diagnosticEventHubName') ? fileServices.diagnosticEventHubName : '' @@ -457,7 +449,6 @@ module storageAccount_queueServices 'queue-service/main.bicep' = if (!empty(queu name: '${uniqueString(deployment().name, location)}-Storage-QueueServices' params: { storageAccountName: storageAccount.name - diagnosticLogsRetentionInDays: contains(queueServices, 'diagnosticLogsRetentionInDays') ? queueServices.diagnosticLogsRetentionInDays : 365 diagnosticStorageAccountId: contains(queueServices, 'diagnosticStorageAccountId') ? queueServices.diagnosticStorageAccountId : '' diagnosticEventHubAuthorizationRuleId: contains(queueServices, 'diagnosticEventHubAuthorizationRuleId') ? queueServices.diagnosticEventHubAuthorizationRuleId : '' diagnosticEventHubName: contains(queueServices, 'diagnosticEventHubName') ? queueServices.diagnosticEventHubName : '' @@ -474,7 +465,6 @@ module storageAccount_tableServices 'table-service/main.bicep' = if (!empty(tabl name: '${uniqueString(deployment().name, location)}-Storage-TableServices' params: { storageAccountName: storageAccount.name - diagnosticLogsRetentionInDays: contains(tableServices, 'diagnosticLogsRetentionInDays') ? tableServices.diagnosticLogsRetentionInDays : 365 diagnosticStorageAccountId: contains(tableServices, 'diagnosticStorageAccountId') ? tableServices.diagnosticStorageAccountId : '' diagnosticEventHubAuthorizationRuleId: contains(tableServices, 'diagnosticEventHubAuthorizationRuleId') ? tableServices.diagnosticEventHubAuthorizationRuleId : '' diagnosticEventHubName: contains(tableServices, 'diagnosticEventHubName') ? tableServices.diagnosticEventHubName : '' diff --git a/modules/storage/storage-account/main.json b/modules/storage/storage-account/main.json index 4737aece5b..aaf1f658ef 100644 --- a/modules/storage/storage-account/main.json +++ b/modules/storage/storage-account/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "9595192726711963831" + "templateHash": "14955719000423184958" }, "name": "Storage Accounts", "description": "This module deploys a Storage Account.", @@ -265,15 +265,6 @@ "description": "Optional. If true, enables NFS 3.0 support for the storage account. Requires enableHierarchicalNamespace to be true." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -422,11 +413,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], @@ -1309,7 +1296,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "9756021983971600432" + "templateHash": "2581396185828179457" }, "name": "Storage Account Management Policies", "description": "This module deploys a Storage Account Management Policy.", @@ -1355,7 +1342,7 @@ { "condition": "[not(empty(parameters('rules')))]", "type": "Microsoft.Storage/storageAccounts/managementPolicies", - "apiVersion": "2021-09-01", + "apiVersion": "2023-01-01", "name": "[format('{0}/{1}', parameters('storageAccountName'), 'default')]", "properties": { "policy": { @@ -1390,7 +1377,8 @@ } }, "dependsOn": [ - "[resourceId('Microsoft.Storage/storageAccounts', parameters('name'))]" + "[resourceId('Microsoft.Storage/storageAccounts', parameters('name'))]", + "[resourceId('Microsoft.Resources/deployments', format('{0}-Storage-BlobServices', uniqueString(deployment().name, parameters('location'))))]" ] }, { @@ -1588,10 +1576,9 @@ "deleteRetentionPolicyEnabled": "[if(contains(parameters('blobServices'), 'deleteRetentionPolicyEnabled'), createObject('value', parameters('blobServices').deleteRetentionPolicyEnabled), createObject('value', false()))]", "deleteRetentionPolicyDays": "[if(contains(parameters('blobServices'), 'deleteRetentionPolicyDays'), createObject('value', parameters('blobServices').deleteRetentionPolicyDays), createObject('value', 7))]", "isVersioningEnabled": "[if(contains(parameters('blobServices'), 'isVersioningEnabled'), createObject('value', parameters('blobServices').isVersioningEnabled), createObject('value', false()))]", - "lastAccessTimeTrackingPolicyEnable": "[if(contains(parameters('blobServices'), 'lastAccessTimeTrackingPolicyEnable'), createObject('value', parameters('blobServices').lastAccessTimeTrackingPolicyEnable), createObject('value', false()))]", + "lastAccessTimeTrackingPolicyEnabled": "[if(contains(parameters('blobServices'), 'lastAccessTimeTrackingPolicyEnabled'), createObject('value', parameters('blobServices').lastAccessTimeTrackingPolicyEnabled), createObject('value', false()))]", "restorePolicyEnabled": "[if(contains(parameters('blobServices'), 'restorePolicyEnabled'), createObject('value', parameters('blobServices').restorePolicyEnabled), createObject('value', false()))]", "restorePolicyDays": "[if(contains(parameters('blobServices'), 'restorePolicyDays'), createObject('value', parameters('blobServices').restorePolicyDays), createObject('value', 6))]", - "diagnosticLogsRetentionInDays": "[if(contains(parameters('blobServices'), 'diagnosticLogsRetentionInDays'), createObject('value', parameters('blobServices').diagnosticLogsRetentionInDays), createObject('value', 365))]", "diagnosticStorageAccountId": "[if(contains(parameters('blobServices'), 'diagnosticStorageAccountId'), createObject('value', parameters('blobServices').diagnosticStorageAccountId), createObject('value', ''))]", "diagnosticEventHubAuthorizationRuleId": "[if(contains(parameters('blobServices'), 'diagnosticEventHubAuthorizationRuleId'), createObject('value', parameters('blobServices').diagnosticEventHubAuthorizationRuleId), createObject('value', ''))]", "diagnosticEventHubName": "[if(contains(parameters('blobServices'), 'diagnosticEventHubName'), createObject('value', parameters('blobServices').diagnosticEventHubName), createObject('value', ''))]", @@ -1609,7 +1596,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "1395192341429097070" + "templateHash": "16838270897726250953" }, "name": "Storage Account blob Services", "description": "This module deploys a Storage Account Blob Service.", @@ -1713,7 +1700,7 @@ "description": "Optional. Use versioning to automatically maintain previous versions of your blobs." } }, - "lastAccessTimeTrackingPolicyEnable": { + "lastAccessTimeTrackingPolicyEnabled": { "type": "bool", "defaultValue": false, "metadata": { @@ -1742,15 +1729,6 @@ "description": "Optional. Blob containers to create." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -1829,11 +1807,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -1842,16 +1816,12 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "name": "default", - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ @@ -1895,9 +1865,9 @@ }, "isVersioningEnabled": "[parameters('isVersioningEnabled')]", "lastAccessTimeTrackingPolicy": { - "enable": "[parameters('lastAccessTimeTrackingPolicyEnable')]", - "name": "[if(equals(parameters('lastAccessTimeTrackingPolicyEnable'), true()), 'AccessTimeTracking', null())]", - "trackingGranularityInDays": "[if(equals(parameters('lastAccessTimeTrackingPolicyEnable'), true()), 1, null())]" + "enable": "[parameters('lastAccessTimeTrackingPolicyEnabled')]", + "name": "[if(equals(parameters('lastAccessTimeTrackingPolicyEnabled'), true()), 'AccessTimeTracking', null())]", + "trackingGranularityInDays": "[if(equals(parameters('lastAccessTimeTrackingPolicyEnabled'), true()), 1, null())]" }, "restorePolicy": { "enabled": "[parameters('restorePolicyEnabled')]", @@ -2485,7 +2455,6 @@ "storageAccountName": { "value": "[parameters('name')]" }, - "diagnosticLogsRetentionInDays": "[if(contains(parameters('fileServices'), 'diagnosticLogsRetentionInDays'), createObject('value', parameters('fileServices').diagnosticLogsRetentionInDays), createObject('value', 365))]", "diagnosticStorageAccountId": "[if(contains(parameters('fileServices'), 'diagnosticStorageAccountId'), createObject('value', parameters('fileServices').diagnosticStorageAccountId), createObject('value', ''))]", "diagnosticEventHubAuthorizationRuleId": "[if(contains(parameters('fileServices'), 'diagnosticEventHubAuthorizationRuleId'), createObject('value', parameters('fileServices').diagnosticEventHubAuthorizationRuleId), createObject('value', ''))]", "diagnosticEventHubName": "[if(contains(parameters('fileServices'), 'diagnosticEventHubName'), createObject('value', parameters('fileServices').diagnosticEventHubName), createObject('value', ''))]", @@ -2506,7 +2475,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "1594285537604698727" + "templateHash": "17282775888269025572" }, "name": "Storage Account File Share Services", "description": "This module deploys a Storage Account File Share Service.", @@ -2544,15 +2513,6 @@ "description": "Optional. The service properties for soft delete." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -2638,11 +2598,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -2651,15 +2607,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ @@ -3109,7 +3061,6 @@ "storageAccountName": { "value": "[parameters('name')]" }, - "diagnosticLogsRetentionInDays": "[if(contains(parameters('queueServices'), 'diagnosticLogsRetentionInDays'), createObject('value', parameters('queueServices').diagnosticLogsRetentionInDays), createObject('value', 365))]", "diagnosticStorageAccountId": "[if(contains(parameters('queueServices'), 'diagnosticStorageAccountId'), createObject('value', parameters('queueServices').diagnosticStorageAccountId), createObject('value', ''))]", "diagnosticEventHubAuthorizationRuleId": "[if(contains(parameters('queueServices'), 'diagnosticEventHubAuthorizationRuleId'), createObject('value', parameters('queueServices').diagnosticEventHubAuthorizationRuleId), createObject('value', ''))]", "diagnosticEventHubName": "[if(contains(parameters('queueServices'), 'diagnosticEventHubName'), createObject('value', parameters('queueServices').diagnosticEventHubName), createObject('value', ''))]", @@ -3128,7 +3079,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "13219619797955519085" + "templateHash": "3707030790801090324" }, "name": "Storage Account Queue Services", "description": "This module deploys a Storage Account Queue Service.", @@ -3149,15 +3100,6 @@ "description": "Optional. Queues to create." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -3236,11 +3178,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -3249,16 +3187,12 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "name": "default", - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ @@ -3650,7 +3584,6 @@ "storageAccountName": { "value": "[parameters('name')]" }, - "diagnosticLogsRetentionInDays": "[if(contains(parameters('tableServices'), 'diagnosticLogsRetentionInDays'), createObject('value', parameters('tableServices').diagnosticLogsRetentionInDays), createObject('value', 365))]", "diagnosticStorageAccountId": "[if(contains(parameters('tableServices'), 'diagnosticStorageAccountId'), createObject('value', parameters('tableServices').diagnosticStorageAccountId), createObject('value', ''))]", "diagnosticEventHubAuthorizationRuleId": "[if(contains(parameters('tableServices'), 'diagnosticEventHubAuthorizationRuleId'), createObject('value', parameters('tableServices').diagnosticEventHubAuthorizationRuleId), createObject('value', ''))]", "diagnosticEventHubName": "[if(contains(parameters('tableServices'), 'diagnosticEventHubName'), createObject('value', parameters('tableServices').diagnosticEventHubName), createObject('value', ''))]", @@ -3669,7 +3602,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "15029180251266513913" + "templateHash": "16178057085724361046" }, "name": "Storage Account Table Services", "description": "This module deploys a Storage Account Table Service.", @@ -3690,15 +3623,6 @@ "description": "Optional. tables to create." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -3777,11 +3701,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -3790,16 +3710,12 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "name": "default", - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ diff --git a/modules/storage/storage-account/management-policy/README.md b/modules/storage/storage-account/management-policy/README.md index 2931f7fb9f..471cefa283 100644 --- a/modules/storage/storage-account/management-policy/README.md +++ b/modules/storage/storage-account/management-policy/README.md @@ -13,7 +13,7 @@ This module deploys a Storage Account Management Policy. | Resource Type | API Version | | :-- | :-- | -| `Microsoft.Storage/storageAccounts/managementPolicies` | [2021-09-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Storage/2021-09-01/storageAccounts/managementPolicies) | +| `Microsoft.Storage/storageAccounts/managementPolicies` | [2023-01-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Storage/storageAccounts/managementPolicies) | ## Parameters diff --git a/modules/storage/storage-account/management-policy/main.bicep b/modules/storage/storage-account/management-policy/main.bicep index 7594e558f1..de6c694754 100644 --- a/modules/storage/storage-account/management-policy/main.bicep +++ b/modules/storage/storage-account/management-policy/main.bicep @@ -24,12 +24,12 @@ resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (ena } } -resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' existing = { +resource storageAccount 'Microsoft.Storage/storageAccounts@2023-01-01' existing = { name: storageAccountName } // lifecycle policy -resource managementPolicy 'Microsoft.Storage/storageAccounts/managementPolicies@2021-09-01' = if (!empty(rules)) { +resource managementPolicy 'Microsoft.Storage/storageAccounts/managementPolicies@2023-01-01' = if (!empty(rules)) { name: 'default' parent: storageAccount properties: { diff --git a/modules/storage/storage-account/management-policy/main.json b/modules/storage/storage-account/management-policy/main.json index f22270f4e7..ed8bcbe20d 100644 --- a/modules/storage/storage-account/management-policy/main.json +++ b/modules/storage/storage-account/management-policy/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "9756021983971600432" + "templateHash": "2581396185828179457" }, "name": "Storage Account Management Policies", "description": "This module deploys a Storage Account Management Policy.", @@ -51,7 +51,7 @@ { "condition": "[not(empty(parameters('rules')))]", "type": "Microsoft.Storage/storageAccounts/managementPolicies", - "apiVersion": "2021-09-01", + "apiVersion": "2023-01-01", "name": "[format('{0}/{1}', parameters('storageAccountName'), 'default')]", "properties": { "policy": { diff --git a/modules/storage/storage-account/queue-service/README.md b/modules/storage/storage-account/queue-service/README.md index f0410dd6f9..043a0b7c67 100644 --- a/modules/storage/storage-account/queue-service/README.md +++ b/modules/storage/storage-account/queue-service/README.md @@ -33,7 +33,6 @@ This module deploys a Storage Account Queue Service. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, StorageDelete, StorageRead, StorageWrite]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Transaction]` | `[Transaction]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/storage/storage-account/queue-service/main.bicep b/modules/storage/storage-account/queue-service/main.bicep index 649f1f0147..29ee8b7d02 100644 --- a/modules/storage/storage-account/queue-service/main.bicep +++ b/modules/storage/storage-account/queue-service/main.bicep @@ -9,11 +9,6 @@ param storageAccountName string @description('Optional. Queues to create.') param queues array = [] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -58,20 +53,12 @@ var name = 'default' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -79,10 +66,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var enableReferencedModulesTelemetry = false diff --git a/modules/storage/storage-account/queue-service/main.json b/modules/storage/storage-account/queue-service/main.json index 0ff7fb5367..33a2c49f58 100644 --- a/modules/storage/storage-account/queue-service/main.json +++ b/modules/storage/storage-account/queue-service/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "13219619797955519085" + "templateHash": "3707030790801090324" }, "name": "Storage Account Queue Services", "description": "This module deploys a Storage Account Queue Service.", @@ -26,15 +26,6 @@ "description": "Optional. Queues to create." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -113,11 +104,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -126,16 +113,12 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "name": "default", - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ diff --git a/modules/storage/storage-account/table-service/README.md b/modules/storage/storage-account/table-service/README.md index ef4e9243f6..978bb97f0d 100644 --- a/modules/storage/storage-account/table-service/README.md +++ b/modules/storage/storage-account/table-service/README.md @@ -32,7 +32,6 @@ This module deploys a Storage Account Table Service. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, StorageDelete, StorageRead, StorageWrite]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[Transaction]` | `[Transaction]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/storage/storage-account/table-service/main.bicep b/modules/storage/storage-account/table-service/main.bicep index 3d43322b4d..cbf0bf086b 100644 --- a/modules/storage/storage-account/table-service/main.bicep +++ b/modules/storage/storage-account/table-service/main.bicep @@ -9,11 +9,6 @@ param storageAccountName string @description('Optional. tables to create.') param tables array = [] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -58,20 +53,12 @@ var name = 'default' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -79,10 +66,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var enableReferencedModulesTelemetry = false diff --git a/modules/storage/storage-account/table-service/main.json b/modules/storage/storage-account/table-service/main.json index c2eac6c04e..67a9622a48 100644 --- a/modules/storage/storage-account/table-service/main.json +++ b/modules/storage/storage-account/table-service/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "15029180251266513913" + "templateHash": "16178057085724361046" }, "name": "Storage Account Table Services", "description": "This module deploys a Storage Account Table Service.", @@ -26,15 +26,6 @@ "description": "Optional. tables to create." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -113,11 +104,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -126,16 +113,12 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], "name": "default", - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ diff --git a/modules/synapse/workspace/.test/common/main.test.bicep b/modules/synapse/workspace/.test/common/main.test.bicep index 5a4fdf72ea..b9e21c6690 100644 --- a/modules/synapse/workspace/.test/common/main.test.bicep +++ b/modules/synapse/workspace/.test/common/main.test.bicep @@ -102,7 +102,6 @@ module testDeployment '../../main.bicep' = { name: 'shir01' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/synapse/workspace/README.md b/modules/synapse/workspace/README.md index 167bd50d9b..85195eaa20 100644 --- a/modules/synapse/workspace/README.md +++ b/modules/synapse/workspace/README.md @@ -54,7 +54,6 @@ This module deploys a Synapse Workspace. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, BuiltinSqlReqsEnded, GatewayApiRequests, IntegrationActivityRuns, IntegrationPipelineRuns, IntegrationTriggerRuns, SQLSecurityAuditEvents, SynapseLinkEvent, SynapseRbacOperations]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | @@ -366,7 +365,6 @@ module workspace './synapse/workspace/main.bicep' = { 'SynapseLinkEvent' 'SynapseRbacOperations' ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -452,9 +450,6 @@ module workspace './synapse/workspace/main.bicep' = { "SynapseRbacOperations" ] }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/synapse/workspace/main.bicep b/modules/synapse/workspace/main.bicep index 7799db3908..b0c627634d 100644 --- a/modules/synapse/workspace/main.bicep +++ b/modules/synapse/workspace/main.bicep @@ -105,11 +105,6 @@ param roleAssignments array = [] @description('Optional. Configuration details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible.') param privateEndpoints array = [] -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -157,20 +152,12 @@ var identity = { var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified diff --git a/modules/synapse/workspace/main.json b/modules/synapse/workspace/main.json index de7c90397d..7ae7ac9409 100644 --- a/modules/synapse/workspace/main.json +++ b/modules/synapse/workspace/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "14162992826241613507" + "templateHash": "6192759054109646804" }, "name": "Synapse Workspaces", "description": "This module deploys a Synapse Workspace.", @@ -229,15 +229,6 @@ "description": "Optional. Configuration details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -302,11 +293,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], @@ -316,7 +303,7 @@ "type": "[variables('identityType')]", "userAssignedIdentities": "[if(not(empty(variables('userAssignedIdentitiesUnion'))), variables('userAssignedIdentitiesUnion'), null())]" }, - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "enableReferencedModulesTelemetry": false }, "resources": [ diff --git a/modules/web/hosting-environment/.test/asev2/main.test.bicep b/modules/web/hosting-environment/.test/asev2/main.test.bicep index 3f83844fc3..1941d8545e 100644 --- a/modules/web/hosting-environment/.test/asev2/main.test.bicep +++ b/modules/web/hosting-environment/.test/asev2/main.test.bicep @@ -87,7 +87,6 @@ module testDeployment '../../main.bicep' = { value: '1' } ] - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/web/hosting-environment/.test/asev3/main.test.bicep b/modules/web/hosting-environment/.test/asev3/main.test.bicep index 27c63ec145..11b13d0ee2 100644 --- a/modules/web/hosting-environment/.test/asev3/main.test.bicep +++ b/modules/web/hosting-environment/.test/asev3/main.test.bicep @@ -95,7 +95,6 @@ module testDeployment '../../main.bicep' = { inboundIpAddressOverride: '10.0.0.10' remoteDebugEnabled: true upgradePreference: 'Late' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/web/hosting-environment/README.md b/modules/web/hosting-environment/README.md index 942d442db9..c602501fb8 100644 --- a/modules/web/hosting-environment/README.md +++ b/modules/web/hosting-environment/README.md @@ -47,7 +47,6 @@ This module deploys an App Service Environment. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, AppServiceEnvironmentPlatformLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | | `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | @@ -282,7 +281,6 @@ module hostingEnvironment './web/hosting-environment/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -346,9 +344,6 @@ module hostingEnvironment './web/hosting-environment/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -431,7 +426,6 @@ module hostingEnvironment './web/hosting-environment/main.bicep' = { customDnsSuffixKeyVaultReferenceIdentity: '' diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -509,9 +503,6 @@ module hostingEnvironment './web/hosting-environment/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/web/hosting-environment/main.bicep b/modules/web/hosting-environment/main.bicep index 40ec20ece0..dbaade31fd 100644 --- a/modules/web/hosting-environment/main.bicep +++ b/modules/web/hosting-environment/main.bicep @@ -120,11 +120,6 @@ param systemAssignedIdentity bool = false @description('Optional. The ID(s) to assign to the resource.') param userAssignedIdentities object = {} -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -156,20 +151,12 @@ param diagnosticSettingsName string = '' var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified diff --git a/modules/web/hosting-environment/main.json b/modules/web/hosting-environment/main.json index 1819618fda..82944f13dc 100644 --- a/modules/web/hosting-environment/main.json +++ b/modules/web/hosting-environment/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "6802854184212493840" + "templateHash": "8748704169658147866" }, "name": "App Service Environments", "description": "This module deploys an App Service Environment.", @@ -232,15 +232,6 @@ "description": "Optional. The ID(s) to assign to the resource." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -305,15 +296,11 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "enableReferencedModulesTelemetry": false, "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]" diff --git a/modules/web/serverfarm/.test/common/main.test.bicep b/modules/web/serverfarm/.test/common/main.test.bicep index 4829eff14a..4d1be19acd 100644 --- a/modules/web/serverfarm/.test/common/main.test.bicep +++ b/modules/web/serverfarm/.test/common/main.test.bicep @@ -70,7 +70,6 @@ module testDeployment '../../main.bicep' = { size: 'S1' tier: 'Standard' } - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/web/serverfarm/README.md b/modules/web/serverfarm/README.md index 91bbd57e2f..a96a2a13e7 100644 --- a/modules/web/serverfarm/README.md +++ b/modules/web/serverfarm/README.md @@ -35,7 +35,6 @@ This module deploys an App Service Plan. | `appServiceEnvironmentId` | string | `''` | | The Resource ID of the App Service Environment to use for the App Service Plan. | | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | @@ -233,7 +232,6 @@ module serverfarm './web/serverfarm/main.bicep' = { // Non-required parameters diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -287,9 +285,6 @@ module serverfarm './web/serverfarm/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, diff --git a/modules/web/serverfarm/main.bicep b/modules/web/serverfarm/main.bicep index bac8c02ef6..e94ffce02d 100644 --- a/modules/web/serverfarm/main.bicep +++ b/modules/web/serverfarm/main.bicep @@ -66,11 +66,6 @@ param enableDefaultTelemetry bool = true @description('Optional. The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings".') param diagnosticSettingsName string = '' -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 - @description('Optional. Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub.') param diagnosticStorageAccountId string = '' @@ -101,10 +96,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] // ============ // diff --git a/modules/web/serverfarm/main.json b/modules/web/serverfarm/main.json index 1a639d8afb..5dca04a299 100644 --- a/modules/web/serverfarm/main.json +++ b/modules/web/serverfarm/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "3258143989298787582" + "templateHash": "10904675387778545087" }, "name": "App Service Plans", "description": "This module deploys an App Service Plan.", @@ -131,15 +131,6 @@ "description": "Optional. The name of the diagnostic setting, if deployed. If left empty, it defaults to \"-diagnosticSettings\"." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -196,11 +187,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ] diff --git a/modules/web/site/.test/functionAppCommon/main.test.bicep b/modules/web/site/.test/functionAppCommon/main.test.bicep index ed5a59c4f7..4c966e89bb 100644 --- a/modules/web/site/.test/functionAppCommon/main.test.bicep +++ b/modules/web/site/.test/functionAppCommon/main.test.bicep @@ -140,7 +140,6 @@ module testDeployment '../../main.bicep' = { runtimeVersion: '~1' } } - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/web/site/.test/webAppCommon/main.test.bicep b/modules/web/site/.test/webAppCommon/main.test.bicep index 78d71daac3..dd669262c0 100644 --- a/modules/web/site/.test/webAppCommon/main.test.bicep +++ b/modules/web/site/.test/webAppCommon/main.test.bicep @@ -68,7 +68,6 @@ module testDeployment '../../main.bicep' = { name: '${namePrefix}${serviceShort}001' kind: 'app' serverFarmResourceId: nestedDependencies.outputs.serverFarmResourceId - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId @@ -77,7 +76,6 @@ module testDeployment '../../main.bicep' = { slots: [ { name: 'slot1' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: diagnosticDependencies.outputs.storageAccountResourceId diagnosticWorkspaceId: diagnosticDependencies.outputs.logAnalyticsWorkspaceResourceId diagnosticEventHubAuthorizationRuleId: diagnosticDependencies.outputs.eventHubAuthorizationRuleId diff --git a/modules/web/site/README.md b/modules/web/site/README.md index 7fe5193cd6..15b9c76197 100644 --- a/modules/web/site/README.md +++ b/modules/web/site/README.md @@ -59,7 +59,6 @@ This module deploys a Web or Function App. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[if(equals(parameters('kind'), 'functionapp'), createArray('FunctionAppLogs'), createArray('AppServiceHTTPLogs', 'AppServiceConsoleLogs', 'AppServiceAppLogs', 'AppServiceAuditLogs', 'AppServiceIPSecAuditLogs', 'AppServicePlatformLogs'))]` | `['', allLogs, AppServiceAppLogs, AppServiceAuditLogs, AppServiceConsoleLogs, AppServiceHTTPLogs, AppServiceIPSecAuditLogs, AppServicePlatformLogs, FunctionAppLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | @@ -535,7 +534,6 @@ module site './web/site/main.bicep' = { } diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -689,9 +687,6 @@ module site './web/site/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -856,7 +851,6 @@ module site './web/site/main.bicep' = { ] diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' enableDefaultTelemetry: '' @@ -904,7 +898,6 @@ module site './web/site/main.bicep' = { { diagnosticEventHubAuthorizationRuleId: '' diagnosticEventHubName: '' - diagnosticLogsRetentionInDays: 7 diagnosticStorageAccountId: '' diagnosticWorkspaceId: '' hybridConnectionRelays: [ @@ -999,9 +992,6 @@ module site './web/site/main.bicep' = { "diagnosticEventHubName": { "value": "" }, - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "diagnosticStorageAccountId": { "value": "" }, @@ -1066,7 +1056,6 @@ module site './web/site/main.bicep' = { { "diagnosticEventHubAuthorizationRuleId": "", "diagnosticEventHubName": "", - "diagnosticLogsRetentionInDays": 7, "diagnosticStorageAccountId": "", "diagnosticWorkspaceId": "", "hybridConnectionRelays": [ diff --git a/modules/web/site/main.bicep b/modules/web/site/main.bicep index f28d9d8599..95aea690e2 100644 --- a/modules/web/site/main.bicep +++ b/modules/web/site/main.bicep @@ -98,10 +98,6 @@ param enableDefaultTelemetry bool = true param roleAssignments array = [] // Diagnostic Settings -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -206,20 +202,12 @@ param hybridConnectionRelays array = [] var diagnosticsLogsSpecified = [for category in filter(diagnosticLogCategoriesToEnable, item => item != 'allLogs' && item != ''): { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsLogs = contains(diagnosticLogCategoriesToEnable, 'allLogs') ? [ { categoryGroup: 'allLogs' enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } } ] : contains(diagnosticLogCategoriesToEnable, '') ? [] : diagnosticsLogsSpecified @@ -227,10 +215,6 @@ var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') @@ -334,7 +318,6 @@ module app_slots 'slot/main.bicep' = [for (slot, index) in slots: { setAzureWebJobsDashboard: contains(slot, 'setAzureWebJobsDashboard') ? slot.setAzureWebJobsDashboard : setAzureWebJobsDashboard authSettingV2Configuration: contains(slot, 'authSettingV2Configuration') ? slot.authSettingV2Configuration : authSettingV2Configuration enableDefaultTelemetry: enableReferencedModulesTelemetry - diagnosticLogsRetentionInDays: contains(slot, 'diagnosticLogsRetentionInDays') ? slot.diagnosticLogsRetentionInDays : diagnosticLogsRetentionInDays diagnosticStorageAccountId: contains(slot, 'diagnosticStorageAccountId') ? slot.diagnosticStorageAccountId : diagnosticStorageAccountId diagnosticWorkspaceId: contains(slot, 'diagnosticWorkspaceId') ? slot.diagnosticWorkspaceId : diagnosticWorkspaceId diagnosticEventHubAuthorizationRuleId: contains(slot, 'diagnosticEventHubAuthorizationRuleId') ? slot.diagnosticEventHubAuthorizationRuleId : diagnosticEventHubAuthorizationRuleId diff --git a/modules/web/site/main.json b/modules/web/site/main.json index 2afda953a9..00917005c0 100644 --- a/modules/web/site/main.json +++ b/modules/web/site/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "8150384838487445049" + "templateHash": "13974380780985159210" }, "name": "Web/Function Apps", "description": "This module deploys a Web or Function App.", @@ -189,15 +189,6 @@ "description": "Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -374,11 +365,7 @@ "count": "[length(filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), ''))))))]", "input": { "category": "[filter(parameters('diagnosticLogCategoriesToEnable'), lambda('item', and(not(equals(lambdaVariables('item'), 'allLogs')), not(equals(lambdaVariables('item'), '')))))[copyIndex('diagnosticsLogsSpecified')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -387,15 +374,11 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], - "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true(), 'retentionPolicy', createObject('enabled', true(), 'days', parameters('diagnosticLogsRetentionInDays')))), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", + "diagnosticsLogs": "[if(contains(parameters('diagnosticLogCategoriesToEnable'), 'allLogs'), createArray(createObject('categoryGroup', 'allLogs', 'enabled', true())), if(contains(parameters('diagnosticLogCategoriesToEnable'), ''), createArray(), variables('diagnosticsLogsSpecified')))]", "identityType": "[if(parameters('systemAssignedIdentity'), if(not(empty(parameters('userAssignedIdentities'))), 'SystemAssigned,UserAssigned', 'SystemAssigned'), if(not(empty(parameters('userAssignedIdentities'))), 'UserAssigned', 'None'))]", "identity": "[if(not(equals(variables('identityType'), 'None')), createObject('type', variables('identityType'), 'userAssignedIdentities', if(not(empty(parameters('userAssignedIdentities'))), parameters('userAssignedIdentities'), null())), null())]", "enableReferencedModulesTelemetry": false @@ -801,7 +784,6 @@ "enableDefaultTelemetry": { "value": "[variables('enableReferencedModulesTelemetry')]" }, - "diagnosticLogsRetentionInDays": "[if(contains(parameters('slots')[copyIndex()], 'diagnosticLogsRetentionInDays'), createObject('value', parameters('slots')[copyIndex()].diagnosticLogsRetentionInDays), createObject('value', parameters('diagnosticLogsRetentionInDays')))]", "diagnosticStorageAccountId": "[if(contains(parameters('slots')[copyIndex()], 'diagnosticStorageAccountId'), createObject('value', parameters('slots')[copyIndex()].diagnosticStorageAccountId), createObject('value', parameters('diagnosticStorageAccountId')))]", "diagnosticWorkspaceId": "[if(contains(parameters('slots')[copyIndex()], 'diagnosticWorkspaceId'), createObject('value', parameters('slots')[copyIndex()].diagnosticWorkspaceId), createObject('value', parameters('diagnosticWorkspaceId')))]", "diagnosticEventHubAuthorizationRuleId": "[if(contains(parameters('slots')[copyIndex()], 'diagnosticEventHubAuthorizationRuleId'), createObject('value', parameters('slots')[copyIndex()].diagnosticEventHubAuthorizationRuleId), createObject('value', parameters('diagnosticEventHubAuthorizationRuleId')))]", @@ -839,7 +821,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "3335652793898104714" + "templateHash": "16902564518059278998" }, "name": "Web/Function App Deployment Slots", "description": "This module deploys a Web or Function App Deployment Slot.", @@ -1023,15 +1005,6 @@ "description": "Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -1232,11 +1205,7 @@ "count": "[length(parameters('diagnosticLogCategoriesToEnable'))]", "input": { "category": "[parameters('diagnosticLogCategoriesToEnable')[copyIndex('diagnosticsLogs')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -1245,11 +1214,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], diff --git a/modules/web/site/slot/README.md b/modules/web/site/slot/README.md index 1772cd9b3c..4e7a78d912 100644 --- a/modules/web/site/slot/README.md +++ b/modules/web/site/slot/README.md @@ -58,7 +58,6 @@ This module deploys a Web or Function App Deployment Slot. | `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | | `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | | `diagnosticLogCategoriesToEnable` | array | `[if(equals(parameters('kind'), 'functionapp'), createArray('FunctionAppLogs'), createArray('AppServiceHTTPLogs', 'AppServiceConsoleLogs', 'AppServiceAppLogs', 'AppServiceAuditLogs', 'AppServiceIPSecAuditLogs', 'AppServicePlatformLogs'))]` | `[AppServiceAppLogs, AppServiceAuditLogs, AppServiceConsoleLogs, AppServiceHTTPLogs, AppServiceIPSecAuditLogs, AppServicePlatformLogs, FunctionAppLogs]` | The name of logs that will be streamed. | -| `diagnosticLogsRetentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | | `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | | `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | | `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | diff --git a/modules/web/site/slot/main.bicep b/modules/web/site/slot/main.bicep index 75871fe8dd..f293bc18d1 100644 --- a/modules/web/site/slot/main.bicep +++ b/modules/web/site/slot/main.bicep @@ -97,10 +97,6 @@ param enableDefaultTelemetry bool = true param roleAssignments array = [] // Diagnostic Settings -@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.') -@minValue(0) -@maxValue(365) -param diagnosticLogsRetentionInDays int = 365 @description('Optional. Resource ID of the diagnostic storage account.') param diagnosticStorageAccountId string = '' @@ -217,20 +213,12 @@ param hybridConnectionRelays array = [] var diagnosticsLogs = [for category in diagnosticLogCategoriesToEnable: { category: category enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var diagnosticsMetrics = [for metric in diagnosticMetricsToEnable: { category: metric timeGrain: null enabled: true - retentionPolicy: { - enabled: true - days: diagnosticLogsRetentionInDays - } }] var identityType = systemAssignedIdentity ? (!empty(userAssignedIdentities) ? 'SystemAssigned,UserAssigned' : 'SystemAssigned') : (!empty(userAssignedIdentities) ? 'UserAssigned' : 'None') diff --git a/modules/web/site/slot/main.json b/modules/web/site/slot/main.json index 5a60270d2e..e2d9a3c9ae 100644 --- a/modules/web/site/slot/main.json +++ b/modules/web/site/slot/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.20.4.51522", - "templateHash": "3335652793898104714" + "templateHash": "16902564518059278998" }, "name": "Web/Function App Deployment Slots", "description": "This module deploys a Web or Function App Deployment Slot.", @@ -189,15 +189,6 @@ "description": "Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'." } }, - "diagnosticLogsRetentionInDays": { - "type": "int", - "defaultValue": 365, - "minValue": 0, - "maxValue": 365, - "metadata": { - "description": "Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely." - } - }, "diagnosticStorageAccountId": { "type": "string", "defaultValue": "", @@ -398,11 +389,7 @@ "count": "[length(parameters('diagnosticLogCategoriesToEnable'))]", "input": { "category": "[parameters('diagnosticLogCategoriesToEnable')[copyIndex('diagnosticsLogs')]]", - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } }, { @@ -411,11 +398,7 @@ "input": { "category": "[parameters('diagnosticMetricsToEnable')[copyIndex('diagnosticsMetrics')]]", "timeGrain": null, - "enabled": true, - "retentionPolicy": { - "enabled": true, - "days": "[parameters('diagnosticLogsRetentionInDays')]" - } + "enabled": true } } ], diff --git a/utilities/tools/Set-ModuleReadMe.ps1 b/utilities/tools/Set-ModuleReadMe.ps1 index c9f9a169c6..9f55b4cca6 100644 --- a/utilities/tools/Set-ModuleReadMe.ps1 +++ b/utilities/tools/Set-ModuleReadMe.ps1 @@ -492,13 +492,12 @@ Mandatory. The JSON parameters block to process (ideally already without 'value' Mandatory. A list of all required top-level (i.e. non-nested) parameter names .EXAMPLE -Get-OrderedParametersJSON -RequiredParametersList @('name') -ParametersJSON '{ "diagnosticLogsRetentionInDays": 7,"lock": "CanNotDelete","name": "carml" }' +Get-OrderedParametersJSON -RequiredParametersList @('name') -ParametersJSON '{ "lock": "CanNotDelete","name": "carml" }' Order the given JSON object alphabetically. Would result into: @{ name: 'carml' - diagnosticLogsRetentionInDays: 7 lock: 'CanNotDelete' } #> @@ -551,7 +550,7 @@ Mandatory. The parameter JSON object to process Mandatory. A list of all required top-level (i.e. non-nested) parameter names .EXAMPLE -Build-OrderedJSONObject -RequiredParametersList @('name') -ParametersJSON '{ "lock": { "value": "CanNotDelete" }, "name": { "value": "carml" }, "diagnosticLogsRetentionInDays": { "value": 7 } }' +Build-OrderedJSONObject -RequiredParametersList @('name') -ParametersJSON '{ "lock": { "value": "CanNotDelete" }, "name": { "value": "carml" } }' Build a formatted Parameter-JSON object with one required parameter. Would result into: @@ -564,9 +563,6 @@ Build a formatted Parameter-JSON object with one required parameter. Would resul "value": "carml" }, // Non-required parameters - "diagnosticLogsRetentionInDays": { - "value": 7 - }, "lock": { "value": "CanNotDelete" } @@ -792,7 +788,6 @@ Convert the given JSONParameters object with one required parameter to a formatt // Required parameters name: 'carml' // Non-required parameters - diagnosticLogsRetentionInDays: 7 lock: 'CanNotDelete' ' #>