Azure Diagnostics settings with Terraform

Photo by Testalize.me on Unsplash
  • Introduction
  • Diagnostics settings with Terraform
  • Issues with Terraform Diagnostics resource block
  • Resolving Diagnostics Resource Issue with Module
  • Conclusion

Introduction

Many of you know that when we provision azure services, we want to monitor those service health as well and for that we use services like azure log analytics, application insights, event hub or storage account, these service captures various type of logs from the azure services, the type of logs could be the transaction logs, activity log or simple monitoring logs, each services have its own log categories in which the log data can be better categories and use for further analysis.

Azure Keyvault Diagnostics settings
-- audit
- Audit Logs
- Azure Policy Evaluation Details
-- AllMetrics

Diagnostics settings with Terraform

If your azure infrastructure is deployed using terraform and you want to setup diagnostics settings with your azure services then terraform has special resource block “azurerm_monitor_diagnostic_setting” which can be used to perform this action.

  • Resource group
  • Log Anlytics resource
  • Azure Keyvault resource

Issues with Terraform Diagnostics resource block

Now as the code using log and metric section where we are using category enable (enabled=true/false) and retention policy again another boolean (enabled=false).

terraform plan diff

Resolving Diagnostics Resource Issue with Module

To resolve above mentioned issue we can create a magic terraform diagnostic settings module.

data "azurerm_monitor_diagnostic_categories" "this" {  
resource_id = var.resource_id
}

Testing

To test this module we can call our module like this.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Bee-a-Learner

Bee-a-Learner

Rakesh Suryawanshi — Azure Solutions Architect, DevOps with Terraform