azureazure-resource-managerazure-rm-templateazure-virtual-networkazure-diagnostics

How to create Activity logs diagnostic setting for Azure resources using ARM template

We are referring this documentation here which talks about Creating diagnostic setting in Azure using a Resource Manager template.

We have managed to provision resources with ARM template along with diagnostic setting for resource logs, however snippet in the documentation to enable the activity logs diagnostic setting does not seem to work as the template deployment command (new-azresourcegroupdeployment) returns the Bad request error.

New-AzResourceGroupDeployment : Resource Microsoft.Insights/diagnosticSettings 'test-vnet' failed with message '{ "Code": "BadRequest", "Message": "" }'

Here is the template (trimmed some code to avoid noise)

{  
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
   ...
},
"variables": {
    ...
},
"resources": [
    {
        "apiVersion": "2018-08-01",
        "type": "Microsoft.Network/virtualNetworks",
        "name": "[parameters('virtualNetworkName')]",
        "location": "[parameters('resourceLocation')]",
        "properties": {
            "addressSpace": {
                "addressPrefixes": [
                    "[parameters('addressPrefix')]"
                ]
            },
            "subnets": "[parameters('subnets')]",
            "dhcpOptions": {
                "dnsServers": "[parameters('dnsServers')]"
            }
        },
        "resources":
        [
            {
                "type": "Microsoft.Insights/diagnosticSettings",
                "apiVersion": "2017-05-01-preview",
                "name": "[variables('diagnosticsSettingsName')]",
                "dependsOn": [
                    "[parameters('virtualNetworkName')]"
                ],
                "location": "global",
                "properties": 
                 {
                    "storageAccountId": "..valid_id_here",
                    "logs": 
                    [
                        {
                            "category": "Administrative",
                            "enabled": true
                        },
                        {
                            "category": "Security",
                            "enabled": true
                        },
                        {
                            "category": "ServiceHealth",
                            "enabled": true
                        },
                        {
                            "category": "ResourceHealth",
                            "enabled": true
                        }
                    ]
                }
            }
        ]
    }
],
"outputs": {
    ..
}
Solution

  • The documentation here which you are referring for Creating diagnostic settings.

    So If you will check the Deployment Methods in this document, it says that you can deploy Resource Manager templates using any valid method including PowerShell and CLI. Diagnostic settings for Activity log must deploy to a subscription using az deployment create for CLI or New-AzDeployment for PowerShell.

    Use New-AzDeployment instead of New-AzResourceGroupDeployment to deploy the ARM Template.

    Hope this helps!!