diff --git a/internal/services/loganalytics/log_analytics_workspace_resource.go b/internal/services/loganalytics/log_analytics_workspace_resource.go index fea1bf511ce9..2b9befbe9b24 100644 --- a/internal/services/loganalytics/log_analytics_workspace_resource.go +++ b/internal/services/loganalytics/log_analytics_workspace_resource.go @@ -14,6 +14,7 @@ import ( "github.com/hashicorp/go-azure-helpers/lang/pointer" "github.com/hashicorp/go-azure-helpers/lang/response" "github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema" + "github.com/hashicorp/go-azure-sdk/resource-manager/insights/2022-06-01/datacollectionrules" sharedKeyWorkspaces "github.com/hashicorp/go-azure-sdk/resource-manager/operationalinsights/2020-08-01/workspaces" "github.com/hashicorp/go-azure-sdk/resource-manager/operationalinsights/2022-10-01/workspaces" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" @@ -144,6 +145,12 @@ func resourceLogAnalyticsWorkspace() *pluginsdk.Resource { ValidateFunc: validation.FloatAtLeast(-1.0), }, + "data_collection_rule_id": { + Type: pluginsdk.TypeString, + Optional: true, + ValidateFunc: datacollectionrules.ValidateDataCollectionRuleID, + }, + "workspace_id": { Type: pluginsdk.TypeString, Computed: true, @@ -311,6 +318,12 @@ func resourceLogAnalyticsWorkspaceCreateUpdate(d *pluginsdk.ResourceData, meta i return err } + // `data_collection_rule_id` also needs an additional update. + // error message: Default dcr is not applicable on workspace creation, please provide it on update. + if v, ok := d.GetOk("data_collection_rule_id"); ok { + parameters.Properties.DefaultDataCollectionRuleResourceId = pointer.To(v.(string)) + } + // `allow_resource_only_permissions` needs an additional update, tacked on https://github.com/Azure/azure-rest-api-specs/issues/21591 err = client.CreateOrUpdateThenPoll(ctx, id, parameters) if err != nil { @@ -438,6 +451,17 @@ func resourceLogAnalyticsWorkspaceRead(d *pluginsdk.ResourceData, meta interface d.Set("allow_resource_only_permissions", allowResourceOnlyPermissions) d.Set("local_authentication_disabled", disableLocalAuth) + defaultDataCollectionRuleResourceId := "" + if props.DefaultDataCollectionRuleResourceId != nil { + dataCollectionId, err := datacollectionrules.ParseDataCollectionRuleID(*props.DefaultDataCollectionRuleResourceId) + if err != nil { + return err + } + + defaultDataCollectionRuleResourceId = dataCollectionId.ID() + } + d.Set("data_collection_rule_id", defaultDataCollectionRuleResourceId) + sharedKeyId := sharedKeyWorkspaces.WorkspaceId{ SubscriptionId: id.SubscriptionId, ResourceGroupName: id.ResourceGroupName, diff --git a/internal/services/loganalytics/log_analytics_workspace_resource_test.go b/internal/services/loganalytics/log_analytics_workspace_resource_test.go index d78fba1708ce..3f8a95df7a7c 100644 --- a/internal/services/loganalytics/log_analytics_workspace_resource_test.go +++ b/internal/services/loganalytics/log_analytics_workspace_resource_test.go @@ -8,6 +8,7 @@ import ( "fmt" "testing" + "github.com/hashicorp/go-azure-sdk/resource-manager/insights/2022-06-01/datacollectionrules" "github.com/hashicorp/go-azure-sdk/resource-manager/operationalinsights/2020-08-01/workspaces" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" @@ -354,6 +355,30 @@ func TestAccLogAnalyticsWorkspace_updateSku(t *testing.T) { }) } +func TestAccLogAnalyticsWorkspace_withDefaultDataCollectionRule(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_log_analytics_workspace", "test") + r := LogAnalyticsWorkspaceResource{} + + // the default data collection rule could only be set during update, + // and to avoid the dependency cycle, we do an additional update here. + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.withDataCollectionRule(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + { + Config: r.withDefaultDataCollectionRule(data, datacollectionrules.NewDataCollectionRuleID(data.Subscriptions.Primary, fmt.Sprintf("acctestRG-%d", data.RandomInteger), fmt.Sprintf("acctestmdcr-%d", data.RandomInteger)).ID()), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + data.ImportStep(), + }) +} + func (t LogAnalyticsWorkspaceResource) Exists(ctx context.Context, clients *clients.Client, state *pluginsdk.InstanceState) (*bool, error) { id, err := workspaces.ParseWorkspaceID(state.ID) if err != nil { @@ -716,3 +741,82 @@ resource "azurerm_log_analytics_workspace" "test" { } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, disableLocalAuth) } + +func (LogAnalyticsWorkspaceResource) withDataCollectionRule(data acceptance.TestData) string { + return fmt.Sprintf(` +provider "azurerm" { + features {} +} + +resource "azurerm_resource_group" "test" { + name = "acctestRG-%[1]d" + location = "%s" +} + +resource "azurerm_monitor_data_collection_rule" "test" { + name = "acctestmdcr-%[1]d" + resource_group_name = azurerm_resource_group.test.name + location = azurerm_resource_group.test.location + + destinations { + log_analytics { + workspace_resource_id = azurerm_log_analytics_workspace.test.id + name = "test-destination" + } + } + + data_flow { + streams = ["Microsoft-InsightsMetrics"] + destinations = ["test-destination"] + } +} + +resource "azurerm_log_analytics_workspace" "test" { + name = "acctestLAW-%[1]d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + sku = "PerGB2018" + retention_in_days = 30 +} +`, data.RandomInteger, data.Locations.Primary) +} + +func (LogAnalyticsWorkspaceResource) withDefaultDataCollectionRule(data acceptance.TestData, ruleID string) string { + return fmt.Sprintf(` +provider "azurerm" { + features {} +} + +resource "azurerm_resource_group" "test" { + name = "acctestRG-%[1]d" + location = "%s" +} + +resource "azurerm_monitor_data_collection_rule" "test" { + name = "acctestmdcr-%[1]d" + resource_group_name = azurerm_resource_group.test.name + location = azurerm_resource_group.test.location + + destinations { + log_analytics { + workspace_resource_id = azurerm_log_analytics_workspace.test.id + name = "test-destination" + } + } + + data_flow { + streams = ["Microsoft-InsightsMetrics"] + destinations = ["test-destination"] + } +} + +resource "azurerm_log_analytics_workspace" "test" { + name = "acctestLAW-%[1]d" + location = azurerm_resource_group.test.location + resource_group_name = azurerm_resource_group.test.name + sku = "PerGB2018" + retention_in_days = 30 + data_collection_rule_id = "%[3]s" +} +`, data.RandomInteger, data.Locations.Primary, ruleID) +} diff --git a/website/docs/r/log_analytics_workspace.html.markdown b/website/docs/r/log_analytics_workspace.html.markdown index 332f1b7b2e55..c645fc859ff6 100644 --- a/website/docs/r/log_analytics_workspace.html.markdown +++ b/website/docs/r/log_analytics_workspace.html.markdown @@ -65,6 +65,8 @@ The following arguments are supported: ~> **NOTE:** `reservation_capacity_in_gb_per_day` can only be used when the `sku` is set to `CapacityReservation`. +* `data_collection_rule_id` - (Optional) The ID of the Data Collection Rule to use for this workspace. + * `tags` - (Optional) A mapping of tags to assign to the resource. ~> **NOTE:** If a `azurerm_log_analytics_workspace` is connected to a `azurerm_log_analytics_cluster` via a `azurerm_log_analytics_linked_service` you will not be able to modify the workspaces `sku` field until the link between the workspace and the cluster has been broken by deleting the `azurerm_log_analytics_linked_service` resource. All other fields are modifiable while the workspace is linked to a cluster.