Azure · jtracey93 · Feb 5, 2024 · Jan 31, 2024 · Jan 31, 2024 · Jan 31, 2024
@@ -17,6 +17,7 @@ This component deploys an Application Insights instance.
 | :-- | :-- |
 | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) |
 | `Microsoft.Insights/components` | [2020-02-02](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2020-02-02/components) |
+| `microsoft.insights/components/linkedStorageAccounts` | [2020-03-01-preview](https://learn.microsoft.com/en-us/azure/templates/microsoft.insights/2020-03-01-preview/components/linkedStorageAccounts) |
 | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) |
 
 ## Usage examples
@@ -114,6 +115,10 @@ module component 'br/public:avm/res/insights/component:<version>' = {
         workspaceResourceId: '<workspaceResourceId>'
       }
     ]
+    disableIpMasking: false
+    disableLocalAuth: true
+    forceCustomerStorageForProfiler: true
+    linkedStorageAccountResourceId: '<linkedStorageAccountResourceId>'
     location: '<location>'
     roleAssignments: [
       {
@@ -177,6 +182,18 @@ module component 'br/public:avm/res/insights/component:<version>' = {
         }
       ]
     },
+    "disableIpMasking": {
+      "value": false
+    },
+    "disableLocalAuth": {
+      "value": true
+    },
+    "forceCustomerStorageForProfiler": {
+      "value": true
+    },
+    "linkedStorageAccountResourceId": {
+      "value": "<linkedStorageAccountResourceId>"
+    },
     "location": {
       "value": "<location>"
     },
@@ -323,8 +340,12 @@ module component 'br/public:avm/res/insights/component:<version>' = {
 | :-- | :-- | :-- |
 | [`applicationType`](#parameter-applicationtype) | string | Application type. |
 | [`diagnosticSettings`](#parameter-diagnosticsettings) | array | The diagnostic settings of the service. |
+| [`disableIpMasking`](#parameter-disableipmasking) | bool | Disable IP masking. Default value is set to true. |
+| [`disableLocalAuth`](#parameter-disablelocalauth) | bool | Disable Non-AAD based Auth. Default value is set to false. |
 | [`enableTelemetry`](#parameter-enabletelemetry) | bool | Enable/Disable usage telemetry for module. |
+| [`forceCustomerStorageForProfiler`](#parameter-forcecustomerstorageforprofiler) | bool | Force users to create their own storage account for profiler and debugger. |
 | [`kind`](#parameter-kind) | string | The kind of application that this component refers to, used to customize UI. This value is a freeform string, values should typically be one of the following: web, ios, other, store, java, phone. |
+| [`linkedStorageAccountResourceId`](#parameter-linkedstorageaccountresourceid) | string | Linked storage account resource ID. |
 | [`location`](#parameter-location) | string | Location for all Resources. |
 | [`publicNetworkAccessForIngestion`](#parameter-publicnetworkaccessforingestion) | string | The network access type for accessing Application Insights ingestion. - Enabled or Disabled. |
 | [`publicNetworkAccessForQuery`](#parameter-publicnetworkaccessforquery) | string | The network access type for accessing Application Insights query. - Enabled or Disabled. |
@@ -453,6 +474,22 @@ Resource ID of the diagnostic log analytics workspace. For security reasons, it
 - Required: No
 - Type: string
 
+### Parameter: `disableIpMasking`
+
+Disable IP masking. Default value is set to true.
+
+- Required: No
+- Type: bool
+- Default: `True`
+
+### Parameter: `disableLocalAuth`
+
+Disable Non-AAD based Auth. Default value is set to false.
+
+- Required: No
+- Type: bool
+- Default: `False`
+
 ### Parameter: `enableTelemetry`
 
 Enable/Disable usage telemetry for module.
@@ -461,6 +498,14 @@ Enable/Disable usage telemetry for module.
 - Type: bool
 - Default: `True`
 
+### Parameter: `forceCustomerStorageForProfiler`
+
+Force users to create their own storage account for profiler and debugger.
+
+- Required: No
+- Type: bool
+- Default: `False`
+
 ### Parameter: `kind`
 
 The kind of application that this component refers to, used to customize UI. This value is a freeform string, values should typically be one of the following: web, ios, other, store, java, phone.
@@ -469,6 +514,14 @@ The kind of application that this component refers to, used to customize UI. Thi
 - Type: string
 - Default: `''`
 
+### Parameter: `linkedStorageAccountResourceId`
+
+Linked storage account resource ID.
+
+- Required: No
+- Type: string
+- Default: `''`
+
 ### Parameter: `location`
 
 Location for all Resources.

@@ -0,0 +1,62 @@
+# Application Insights Linked Storage Account `[microsoft.insights/components/linkedStorageAccounts]`
+
+This component deploys an Application Insights Linked Storage Account.
+
+## Navigation
+
+- [Resource Types](#Resource-Types)
+- [Parameters](#Parameters)
+- [Outputs](#Outputs)
+- [Cross-referenced modules](#Cross-referenced-modules)
+- [Data Collection](#Data-Collection)
+
+## Resource Types
+
+| Resource Type | API Version |
+| :-- | :-- |
+| `microsoft.insights/components/linkedStorageAccounts` | [2020-03-01-preview](https://learn.microsoft.com/en-us/azure/templates/microsoft.insights/2020-03-01-preview/components/linkedStorageAccounts) |
+
+## Parameters
+
+**Required parameters**
+
+| Parameter | Type | Description |
+| :-- | :-- | :-- |
+| [`storageAccountResourceId`](#parameter-storageaccountresourceid) | string | Linked storage account resource ID. |
+
+**Conditional parameters**
+
+| Parameter | Type | Description |
+| :-- | :-- | :-- |
+| [`appInsightsName`](#parameter-appinsightsname) | string | The name of the parent Application Insights instance. Required if the template is used in a standalone deployment. |
+
+### Parameter: `storageAccountResourceId`
+
+Linked storage account resource ID.
+
+- Required: Yes
+- Type: string
+
+### Parameter: `appInsightsName`
+
+The name of the parent Application Insights instance. Required if the template is used in a standalone deployment.
+
+- Required: Yes
+- Type: string
+
+
+## Outputs
+
+| Output | Type | Description |
+| :-- | :-- | :-- |
+| `name` | string | The name of the Linked Storage Account. |
+| `resourceGroupName` | string | The resource group the agent pool was deployed into. |
+| `resourceId` | string | The resource ID of the Linked Storage Account. |
+
+## Cross-referenced modules
+
+_None_
+
+## Data Collection
+
+The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the [repository](https://aka.ms/avm/telemetry). There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at <https://go.microsoft.com/fwlink/?LinkID=824704>. You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
@@ -0,0 +1,30 @@
+metadata name = 'Application Insights Linked Storage Account'
+metadata description = 'This component deploys an Application Insights Linked Storage Account.'
+metadata owner = 'Azure/module-maintainers'
+
+@description('Conditional. The name of the parent Application Insights instance. Required if the template is used in a standalone deployment.')
+param appInsightsName string
+
+@description('Required. Linked storage account resource ID.')
+param storageAccountResourceId string
+
+resource appInsights 'Microsoft.Insights/components@2020-02-02' existing = {
+  name: appInsightsName
+}
+
+resource linkedStorageAccount 'Microsoft.Insights/components/linkedStorageAccounts@2020-03-01-preview' = {
+  name: 'ServiceProfiler'
+  parent: appInsights
+  properties: {
+    linkedStorageAccount: storageAccountResourceId
+  }
+}
+
+@description('The name of the Linked Storage Account.')
+output name string = linkedStorageAccount.name
+
+@description('The resource ID of the Linked Storage Account.')
+output resourceId string = linkedStorageAccount.id
+
+@description('The resource group the agent pool was deployed into.')
+output resourceGroupName string = resourceGroup().name
@@ -0,0 +1,61 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "metadata": {
+    "_generator": {
+      "name": "bicep",
+      "version": "0.24.24.22086",
+      "templateHash": "15481388144279509267"
+    },
+    "name": "Application Insights Linked Storage Account",
+    "description": "This component deploys an Application Insights Linked Storage Account.",
+    "owner": "Azure/module-maintainers"
+  },
+  "parameters": {
+    "appInsightsName": {
+      "type": "string",
+      "metadata": {
+        "description": "Conditional. The name of the parent Application Insights instance. Required if the template is used in a standalone deployment."
+      }
+    },
+    "storageAccountResourceId": {
+      "type": "string",
+      "metadata": {
+        "description": "Required. Linked storage account resource ID."
+      }
+    }
+  },
+  "resources": [
+    {
+      "type": "microsoft.insights/components/linkedStorageAccounts",
+      "apiVersion": "2020-03-01-preview",
+      "name": "[format('{0}/{1}', parameters('appInsightsName'), 'ServiceProfiler')]",
+      "properties": {
+        "linkedStorageAccount": "[parameters('storageAccountResourceId')]"
+      }
+    }
+  ],
+  "outputs": {
+    "name": {
+      "type": "string",
+      "metadata": {
+        "description": "The name of the Linked Storage Account."
+      },
+      "value": "ServiceProfiler"
+    },
+    "resourceId": {
+      "type": "string",
+      "metadata": {
+        "description": "The resource ID of the Linked Storage Account."
+      },
+      "value": "[resourceId('microsoft.insights/components/linkedStorageAccounts', parameters('appInsightsName'), 'ServiceProfiler')]"
+    },
+    "resourceGroupName": {
+      "type": "string",
+      "metadata": {
+        "description": "The resource group the agent pool was deployed into."
+      },
+      "value": "[resourceGroup().name]"
+    }
+  }
+}
@@ -0,0 +1,7 @@
+{
+  "$schema": "https://aka.ms/bicep-registry-module-version-file-schema#",
+  "version": "0.2",
+  "pathFilters": [
+    "./main.json"
+  ]
+}
@@ -15,6 +15,18 @@ param applicationType string = 'web'
 @description('Required. Resource ID of the log analytics workspace which the data will be ingested to. This property is required to create an application with this API version. Applications from older versions will not have this property.')
 param workspaceResourceId string
 
+@description('Optional. Disable IP masking. Default value is set to true.')
+param disableIpMasking bool = true
+
+@description('Optional. Disable Non-AAD based Auth. Default value is set to false.')
+param disableLocalAuth bool = false
+
+@description('Optional. Force users to create their own storage account for profiler and debugger.')
+param forceCustomerStorageForProfiler bool = false
+
+@description('Optional. Linked storage account resource ID.')
+param linkedStorageAccountResourceId string = ''
+
 @description('Optional. The network access type for accessing Application Insights ingestion. - Enabled or Disabled.')
 @allowed([
   'Enabled'
@@ -99,6 +111,9 @@ resource appInsights 'Microsoft.Insights/components@2020-02-02' = {
   kind: kind
   properties: {
     Application_Type: applicationType
+    DisableIpMasking: disableIpMasking
+    DisableLocalAuth: disableLocalAuth
+    ForceCustomerStorageForProfiler: forceCustomerStorageForProfiler
     WorkspaceResourceId: workspaceResourceId
     publicNetworkAccessForIngestion: publicNetworkAccessForIngestion
     publicNetworkAccessForQuery: publicNetworkAccessForQuery
@@ -107,6 +122,14 @@ resource appInsights 'Microsoft.Insights/components@2020-02-02' = {
   }
 }
 
+module linkedStorageAccount 'linkedStorageAccounts/main.bicep' = if (!empty(linkedStorageAccountResourceId)) {
+  name: '${uniqueString(deployment().name, location)}-appInsights-linkedStorageAccount'
+  params: {
+    appInsightsName: appInsights.name
+    storageAccountResourceId: linkedStorageAccountResourceId
+  }
+}
+
 resource appInsights_roleAssignments 'Microsoft.Authorization/roleAssignments@2022-04-01' = [for (roleAssignment, index) in (roleAssignments ?? []): {
   name: guid(appInsights.id, roleAssignment.principalId, roleAssignment.roleDefinitionIdOrName)
   properties: {